Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Rapport Hijachkthis

Dokiato

Par Dokiato
dans Analyses et éradication malwares

 Partager

Messages recommandés

Dokiato Member

Dokiato

Posté(e)
Posté(e)

Bonjours, je suis un nouveaux dans le monde de hijack

Je voudrais s'avoir se qu'il faut garder et se qu'il ne faut pas garder ext ... Pour avoir un apercu de se qu'il faut fair avec tout ca et pouvoir avec le temps apprendre a utilisé mieux se programe ext... S.v.p aidez moi :P

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\Program Files\Diskeeper\DkService.exe

C:\WINDOWS\system32\msasvc.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\Creative\ShareDLL\CtNotify.exe

C:\Program Files\Creative\ShareDLL\MediaDet.exe

C:\WINDOWS\system32\ctfmon.exe

F:\Programe\Ad-Aware SE Professional\Ad-Watch.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\internet explorer\iexplore.exe

C:\WINDOWS\explorer.exe

F:\Programe\Firefox\firefox.exe

F:\Programe\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.hotmail.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F3 - REG:win.ini: load=C:\WINDOWS\system32\camacttiv.exe

O1 - Hosts: 66.98.148.65 auto.search.msn.com

O1 - Hosts: 66.98.148.65 auto.search.msn.es

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {248AEE7B-BA53-47C1-BC59-4520A9D7C9F3} - C:\WINDOWS\Web\ahrdajva.dll

O2 - BHO: (no name) - {371EE1EF-F177-1390-7807-08525DC0E55C} - C:\WINDOWS\system32\nweipeg.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Programe\BitComet\tools\BitCometBHO.dll

O2 - BHO: (no name) - {669F1F99-1244-4872-B690-DFC5CB4ADECb} - C:\WINDOWS\system32\hpwrrvuv.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: (no name) - {ADA2AEC6-C2A3-4C1E-833F-0BB49DDDBA85} - C:\WINDOWS\system32\hpwrrvuv.dll (file missing)

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\segowpqt.dll (file missing)

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [uaafn] C:\Program Files\Jhigk\Agyuq.exe

O4 - HKLM\..\Run: [Opgbqy] C:\Program Files\Yrheswr\Pzln.exe

O4 - HKLM\..\Run: [Puibx] C:\Program Files\Fdfnh\Oabl.exe

O4 - HKLM\..\Run: [btqoq] C:\Program Files\Iletgu\Cbokkfy.exe

O4 - HKLM\..\Run: [Fvujhs] C:\Program Files\Klwzyp\Esrjerg.exe

O4 - HKLM\..\Run: [Ftlamr] C:\Program Files\Lvbfft\Wxcgel.exe

O4 - HKLM\..\Run: [Exovhigi] C:\Program Files\Ndsleo\Yxffhw.exe

O4 - HKLM\..\Run: [Ylvssvrk] C:\Program Files\Zyapzod\Wxqq.exe

O4 - HKLM\..\Run: [Hocyfdn] C:\Program Files\Ejiijb\Eeqefzy.exe

O4 - HKLM\..\Run: [Prifpf] C:\Program Files\Qlmzjo\Isbvfnu.exe

O4 - HKLM\..\Run: [Cgtulag] C:\Program Files\Stmeijs\Reti.exe

O4 - HKLM\..\Run: [Ykvtxfn] C:\Program Files\Ygmnvft\Ogyn.exe

O4 - HKLM\..\Run: [iwqarbfu] C:\Program Files\Ksus\Goyn.exe

O4 - HKLM\..\Run: [bmatvzs] C:\Program Files\Hwdbrlv\Oqrjo.exe

O4 - HKLM\..\Run: [Leosofks] C:\Program Files\Awhq\Bnnqu.exe

O4 - HKLM\..\Run: [Qimjhgtf] C:\Program Files\Mrpcq\Agpuyu.exe

O4 - HKLM\..\Run: [Vuvvn] C:\Program Files\Rtltq\Wccfoun.exe

O4 - HKLM\..\Run: [Zisury] C:\Program Files\Tgtu\Qhhkjgu.exe

O4 - HKLM\..\Run: [uyvva] C:\Program Files\Yixl\Ddcxu.exe

O4 - HKLM\..\Run: [Jqiil] C:\Program Files\Cjcj\Qzglfnb.exe

O4 - HKLM\..\Run: [Lyngyk] C:\Program Files\Uierojs\Lqcsb.exe

O4 - HKLM\..\Run: [Xudmbyb] C:\Program Files\Gbbxki\Aainsw.exe

O4 - HKLM\..\Run: [Kcpsirdb] C:\Program Files\Kdfvcv\Dnteas.exe

O4 - HKLM\..\Run: [bnvuwgvx] C:\Program Files\Bnmdh\Szqnd.exe

O4 - HKLM\..\Run: [biciu] C:\Program Files\Fprbh\Oudgup.exe

O4 - HKLM\..\Run: [Zybwdgdo] C:\Program Files\Pptncg\Ngqm.exe

O4 - HKLM\..\Run: [Lxptn] C:\Program Files\Arwlddx\Lrbt.exe

O4 - HKLM\..\Run: [bosvr] C:\Program Files\Crvruyi\Kuzw.exe

O4 - HKLM\..\Run: [Pjahxv] C:\Program Files\Gtaiule\Xfqw.exe

O4 - HKLM\..\Run: [Dvrubhab] C:\Program Files\Lqwlmp\Yslqn.exe

O4 - HKLM\..\Run: [Qxkxggf] c:\Program Files\Kdilgsr\Ysauw.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AVG7_CC] F:\Programe\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [avast!] F:\Programe\Avast\ashDisp.exe

O4 - HKLM\..\Run: [desktop] C:\WINDOWS\system32\desktop.exe

O4 - HKLM\..\Run: [Generic Host Process] C:\WINDOWS\system32\camacttiv.exe

O4 - HKLM\..\RunServices: [desktop] C:\WINDOWS\system32\desktop.exe

O4 - HKLM\..\RunServices: [Generic Host Process] C:\WINDOWS\system32\camacttiv.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [AWMON] "F:\Programe\Ad-Aware SE Professional\Ad-Watch.exe"

O8 - Extra context menu item: Download all links using BitComet - res://F:\Programe\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://F:\Programe\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://F:\Programe\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {750A64D8-DFAA-485B-A335-F7093333FBB7} - (no file) (HKCU)

O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,910,0

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: ahrdajva - C:\WINDOWS\Web\ahrdajva.dll

O20 - Winlogon Notify: fccyy - fccyy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - F:\Programe\avgamsvr.exe (file missing)

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - F:\Programe\avgupsvc.exe (file missing)

O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - F:\Programe\avgemc.exe (file missing)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Diskeeper\DkService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Common Files\SC Test Branding 1 Shared\Service\SCTestService1.exe

O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)

Lien vers le commentaire
Partager sur d’autres sites

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut et bienvenue :P

 

Je voudrais s'avoir se qu'il faut garder et se qu'il ne faut pas garder ext

Avant toute chose, il va falloir désinfecté ton pc, car il est bien vérolé !!!

Commence comme ceci >

 

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

  • Double-clique VundoFix.exe afin de le lancer
  • Clique sur le bouton Scan for Vundo
  • Lorsque le scan est complété, clique sur le bouton Remove Vundo
  • Une invite te demandera si tu veux supprimer les fichiers, clique YES
  • Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
  • Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
  • Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

 

Poste le rapport de VundoFix, et un nouveau rapport hijackthis.(en entier stp).

 

Télécharge et lance DiagHelp comme montré dans ce tutoriel> http://www.malekal.com/DiagHelp/DiagHelp.php

Ne lance que l'option 1 et poste le rapport stp.Attention: n'oublie pas d'appuyer sur une touche lorsque cela te sera demandé à la fin du rapport Catchme.

 

Voilà : ca fait 3 rapports à poster.

Lien vers le commentaire
Partager sur d’autres sites
Dokiato Member

Dokiato

Posté(e)
  • Auteur
Posté(e)

Voila pour vindofix:

 

VundoFix V6.3.21

 

Checking Java version...

 

Scan started at 20:11:47 2007-05-11

 

Listing files found while scanning....

 

C:\WINDOWS\system32\aagrprwg.dll

C:\WINDOWS\system32\aaheucyw.dll

C:\WINDOWS\system32\acsoyuim.dll

C:\WINDOWS\system32\adsjqfjf.ini

C:\WINDOWS\system32\aijrrhuc.exe

C:\WINDOWS\system32\auemrukr.ini

C:\WINDOWS\system32\awlgmhpv.dll

C:\WINDOWS\system32\awmqdxdi.dll

C:\WINDOWS\system32\bafljihr.dll

C:\WINDOWS\system32\bbhvwqqc.exe

C:\WINDOWS\system32\bhtffxlh.exe

C:\WINDOWS\system32\biyidwhx.dll

C:\WINDOWS\system32\bmnhjddd.exe

C:\WINDOWS\system32\boxfsdvy.ini

C:\WINDOWS\system32\brehddkr.dll

C:\WINDOWS\system32\bwpyvkhw.exe

C:\WINDOWS\system32\cnksefse.dll

C:\WINDOWS\system32\ctradjbx.dll

C:\WINDOWS\system32\dbqycoyo.dll

C:\WINDOWS\system32\despodbo.dll

C:\WINDOWS\system32\dgweaube.dll

C:\WINDOWS\system32\ebuaewgd.ini

C:\WINDOWS\system32\eedgtxux.dll

C:\WINDOWS\system32\eggamfin.dll

C:\WINDOWS\system32\eieskwbp.exe

C:\WINDOWS\system32\emldalkt.ini

C:\WINDOWS\system32\esirxfjv.ini

C:\WINDOWS\system32\fbqprvil.exe

C:\WINDOWS\system32\fiywmipv.dll

C:\WINDOWS\system32\fjcugnle.dll

C:\WINDOWS\system32\fjfqjsda.dll

C:\WINDOWS\system32\fkyqjehr.dll

C:\WINDOWS\system32\flmscwgt.exe

C:\WINDOWS\system32\fpfqpfki.dll

C:\WINDOWS\system32\ftppyfdu.dll

C:\WINDOWS\system32\futhtwnh.exe

C:\WINDOWS\system32\fxcsjana.dll

C:\WINDOWS\system32\fyceuivg.dll

C:\WINDOWS\system32\fyiegget.dll

C:\WINDOWS\system32\gmjldhlo.dll

C:\WINDOWS\system32\gqjffrhn.dll

C:\WINDOWS\system32\gwrprgaa.ini

C:\WINDOWS\system32\heperrcp.ini

C:\WINDOWS\system32\hhqrbsyx.ini

C:\WINDOWS\system32\hidayiyu.dll

C:\WINDOWS\system32\hiwfyqyl.ini

C:\WINDOWS\system32\hkiujrkb.exe

C:\WINDOWS\system32\hkxixbbl.dll

C:\WINDOWS\system32\hlyeakpn.dll

C:\WINDOWS\system32\hqnevngi.dll

C:\WINDOWS\system32\hrlqidau.dll

C:\WINDOWS\system32\hvkjydfp.dll

C:\WINDOWS\system32\hwhmidji.exe

C:\WINDOWS\system32\idatualb.dll

C:\WINDOWS\system32\iemjsury.dll

C:\WINDOWS\system32\ihsyswtl.dll

C:\WINDOWS\system32\ikfpqfpf.ini

C:\WINDOWS\system32\iogyliqu.dll

C:\WINDOWS\system32\itnieftr.ini

C:\WINDOWS\system32\itxsqobk.dll

C:\WINDOWS\system32\jdbromtl.dll

C:\WINDOWS\system32\jjvcbsup.dll

C:\WINDOWS\system32\jmsatpae.dll

C:\WINDOWS\system32\jxtvkcfr.exe

C:\WINDOWS\system32\kboqsxti.ini

C:\WINDOWS\system32\kdggvbru.ini

C:\WINDOWS\system32\kedkmajc.dll

C:\WINDOWS\system32\knfmlurp.dll

C:\WINDOWS\system32\kvfavwrg.dll

C:\WINDOWS\system32\lbbxixkh.ini

C:\WINDOWS\system32\leuphjgk.exe

C:\WINDOWS\system32\lptabbwh.dll

C:\WINDOWS\system32\lvyxuirx.ini

C:\WINDOWS\system32\lyqyfwih.dll

C:\WINDOWS\system32\najcklyc.dll

C:\WINDOWS\system32\ndwtrutu.dll

C:\WINDOWS\system32\nhrffjqg.ini

C:\WINDOWS\system32\nidvsofh.dll

C:\WINDOWS\system32\npcykfnq.exe

C:\WINDOWS\system32\ntpraaxp.exe

C:\WINDOWS\system32\nweipeg.dll

C:\WINDOWS\system32\ohbaqphj.dll

C:\WINDOWS\system32\ookeiihv.dll

C:\WINDOWS\system32\oqarbnaa.dll

C:\WINDOWS\system32\oyocyqbd.ini

C:\WINDOWS\system32\pbcsvntf.exe

C:\WINDOWS\system32\pcrrepeh.dll

C:\WINDOWS\system32\piuacanl.dll

C:\WINDOWS\system32\prulmfnk.ini

C:\WINDOWS\system32\pubfckpc.dll

C:\WINDOWS\system32\qgexbfft.ini

C:\WINDOWS\system32\qgkbchla.dll

C:\WINDOWS\system32\rhejqykf.ini

C:\WINDOWS\system32\rhgmjugl.dll

C:\WINDOWS\system32\rhijlfab.ini

C:\WINDOWS\system32\rimgygab.exe

C:\WINDOWS\system32\rkodupwt.dll

C:\WINDOWS\system32\rkurmeua.dll

C:\WINDOWS\system32\rkydrsea.exe

C:\WINDOWS\system32\rtfeinti.dll

C:\WINDOWS\system32\rwoaymiy.dll

C:\WINDOWS\system32\rxmtsprb.dll

C:\WINDOWS\system32\sbupggnu.dll

C:\WINDOWS\system32\scysrofw.dll

C:\WINDOWS\system32\segowpqt.dll

C:\WINDOWS\system32\smpoojsd.dll

C:\WINDOWS\system32\sxrpcvew.ini

C:\WINDOWS\system32\sytpbtar.dll

C:\WINDOWS\system32\teggeiyf.ini

C:\WINDOWS\system32\tffbxegq.dll

C:\WINDOWS\system32\tfluqycq.dll

C:\WINDOWS\system32\tiermnxw.ini

C:\WINDOWS\system32\tkladlme.dll

C:\WINDOWS\system32\tqrdcwpu.dll

C:\WINDOWS\system32\tvicyfgi.dll

C:\WINDOWS\system32\uecswfvu.dll

C:\WINDOWS\system32\uhnvbopx.ini

C:\WINDOWS\system32\unggpubs.ini

C:\WINDOWS\system32\upitbwix.ini

C:\WINDOWS\system32\upwcdrqt.ini

C:\WINDOWS\system32\uqilygoi.ini

C:\WINDOWS\system32\uqqjtweg.dll

C:\WINDOWS\system32\urbvggdk.dll

C:\WINDOWS\system32\uyiyadih.ini

C:\WINDOWS\system32\vhiiekoo.ini

C:\WINDOWS\system32\vimkrodt.dll

C:\WINDOWS\system32\vipcvpxk.dll

C:\WINDOWS\system32\vjfxrise.dll

C:\WINDOWS\system32\vpimwyif.ini

C:\WINDOWS\system32\vssarute.dll

C:\WINDOWS\system32\wevcprxs.dll

C:\WINDOWS\system32\wforsycs.ini

C:\WINDOWS\system32\whastyes.exe

C:\WINDOWS\system32\whnojvpo.exe

C:\WINDOWS\system32\wiwcgiow.exe

C:\WINDOWS\system32\wmqafytx.dll

C:\WINDOWS\system32\wvwlgiqx.dll

C:\WINDOWS\system32\wxnmreit.dll

C:\WINDOWS\system32\wyyokiyb.dll

C:\WINDOWS\system32\xghuwoeq.dll

C:\WINDOWS\system32\xhimjrts.exe

C:\WINDOWS\system32\xhwdiyib.ini

C:\WINDOWS\system32\xiwbtipu.dll

C:\WINDOWS\system32\xpobvnhu.dll

C:\WINDOWS\system32\xqffuuvy.ini

C:\WINDOWS\system32\xqiglwvw.ini

C:\WINDOWS\system32\xriuxyvl.dll

C:\WINDOWS\system32\xsmpdcqy.dll

C:\WINDOWS\system32\xtxbdoxk.dll

C:\WINDOWS\system32\xtyfaqmw.ini

C:\WINDOWS\system32\xuxtgdee.ini

C:\WINDOWS\system32\xysbrqhh.dll

C:\WINDOWS\system32\yccnpauv.dll

C:\WINDOWS\system32\ycsahxoi.dll

C:\WINDOWS\system32\yfcbdkjo.dll

C:\WINDOWS\system32\yimyaowr.ini

C:\WINDOWS\system32\yjwhafgy.dll

C:\WINDOWS\system32\ykyjaanp.dll

C:\WINDOWS\system32\ylkjvxav.exe

C:\WINDOWS\system32\yrusjmei.ini

C:\WINDOWS\system32\yvdsfxob.dll

C:\WINDOWS\system32\yvuuffqx.dll

C:\WINDOWS\system32\yxaskoyr.dll

C:\WINDOWS\Web\ahrdajva.dll

 

Beginning removal...

 

Attempting to delete C:\WINDOWS\system32\aagrprwg.dll

C:\WINDOWS\system32\aagrprwg.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\aaheucyw.dll

C:\WINDOWS\system32\aaheucyw.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\acsoyuim.dll

C:\WINDOWS\system32\acsoyuim.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\adsjqfjf.ini

C:\WINDOWS\system32\adsjqfjf.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\aijrrhuc.exe

C:\WINDOWS\system32\aijrrhuc.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\auemrukr.ini

C:\WINDOWS\system32\auemrukr.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\awlgmhpv.dll

C:\WINDOWS\system32\awlgmhpv.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\awmqdxdi.dll

C:\WINDOWS\system32\awmqdxdi.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\bafljihr.dll

C:\WINDOWS\system32\bafljihr.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\bbhvwqqc.exe

C:\WINDOWS\system32\bbhvwqqc.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\bhtffxlh.exe

C:\WINDOWS\system32\bhtffxlh.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\biyidwhx.dll

C:\WINDOWS\system32\biyidwhx.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\bmnhjddd.exe

C:\WINDOWS\system32\bmnhjddd.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\boxfsdvy.ini

C:\WINDOWS\system32\boxfsdvy.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\brehddkr.dll

C:\WINDOWS\system32\brehddkr.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\bwpyvkhw.exe

C:\WINDOWS\system32\bwpyvkhw.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\cnksefse.dll

C:\WINDOWS\system32\cnksefse.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ctradjbx.dll

C:\WINDOWS\system32\ctradjbx.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\dbqycoyo.dll

C:\WINDOWS\system32\dbqycoyo.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\despodbo.dll

C:\WINDOWS\system32\despodbo.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\dgweaube.dll

C:\WINDOWS\system32\dgweaube.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ebuaewgd.ini

C:\WINDOWS\system32\ebuaewgd.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\eedgtxux.dll

C:\WINDOWS\system32\eedgtxux.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\eggamfin.dll

C:\WINDOWS\system32\eggamfin.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\eieskwbp.exe

C:\WINDOWS\system32\eieskwbp.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\emldalkt.ini

C:\WINDOWS\system32\emldalkt.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\esirxfjv.ini

C:\WINDOWS\system32\esirxfjv.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fbqprvil.exe

C:\WINDOWS\system32\fbqprvil.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fiywmipv.dll

C:\WINDOWS\system32\fiywmipv.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fjcugnle.dll

C:\WINDOWS\system32\fjcugnle.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fjfqjsda.dll

C:\WINDOWS\system32\fjfqjsda.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fkyqjehr.dll

C:\WINDOWS\system32\fkyqjehr.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\flmscwgt.exe

C:\WINDOWS\system32\flmscwgt.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fpfqpfki.dll

C:\WINDOWS\system32\fpfqpfki.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ftppyfdu.dll

C:\WINDOWS\system32\ftppyfdu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\futhtwnh.exe

C:\WINDOWS\system32\futhtwnh.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fxcsjana.dll

C:\WINDOWS\system32\fxcsjana.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fyceuivg.dll

C:\WINDOWS\system32\fyceuivg.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\fyiegget.dll

C:\WINDOWS\system32\fyiegget.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\gmjldhlo.dll

C:\WINDOWS\system32\gmjldhlo.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\gqjffrhn.dll

C:\WINDOWS\system32\gqjffrhn.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\gwrprgaa.ini

C:\WINDOWS\system32\gwrprgaa.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\heperrcp.ini

C:\WINDOWS\system32\heperrcp.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hhqrbsyx.ini

C:\WINDOWS\system32\hhqrbsyx.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hidayiyu.dll

C:\WINDOWS\system32\hidayiyu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hiwfyqyl.ini

C:\WINDOWS\system32\hiwfyqyl.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hkiujrkb.exe

C:\WINDOWS\system32\hkiujrkb.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hkxixbbl.dll

C:\WINDOWS\system32\hkxixbbl.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hlyeakpn.dll

C:\WINDOWS\system32\hlyeakpn.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hqnevngi.dll

C:\WINDOWS\system32\hqnevngi.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hvkjydfp.dll

C:\WINDOWS\system32\hvkjydfp.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hwhmidji.exe

C:\WINDOWS\system32\hwhmidji.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\idatualb.dll

C:\WINDOWS\system32\idatualb.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\iemjsury.dll

C:\WINDOWS\system32\iemjsury.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ihsyswtl.dll

C:\WINDOWS\system32\ihsyswtl.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ikfpqfpf.ini

C:\WINDOWS\system32\ikfpqfpf.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\iogyliqu.dll

C:\WINDOWS\system32\iogyliqu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\itnieftr.ini

C:\WINDOWS\system32\itnieftr.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\itxsqobk.dll

C:\WINDOWS\system32\itxsqobk.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\jdbromtl.dll

C:\WINDOWS\system32\jdbromtl.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\jjvcbsup.dll

C:\WINDOWS\system32\jjvcbsup.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\jmsatpae.dll

C:\WINDOWS\system32\jmsatpae.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\jxtvkcfr.exe

C:\WINDOWS\system32\jxtvkcfr.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\kboqsxti.ini

C:\WINDOWS\system32\kboqsxti.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\kdggvbru.ini

C:\WINDOWS\system32\kdggvbru.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\kedkmajc.dll

C:\WINDOWS\system32\kedkmajc.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\knfmlurp.dll

C:\WINDOWS\system32\knfmlurp.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\kvfavwrg.dll

C:\WINDOWS\system32\kvfavwrg.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\lbbxixkh.ini

C:\WINDOWS\system32\lbbxixkh.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\leuphjgk.exe

C:\WINDOWS\system32\leuphjgk.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\lptabbwh.dll

C:\WINDOWS\system32\lptabbwh.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\lvyxuirx.ini

C:\WINDOWS\system32\lvyxuirx.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\lyqyfwih.dll

C:\WINDOWS\system32\lyqyfwih.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\najcklyc.dll

C:\WINDOWS\system32\najcklyc.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ndwtrutu.dll

C:\WINDOWS\system32\ndwtrutu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\nhrffjqg.ini

C:\WINDOWS\system32\nhrffjqg.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\npcykfnq.exe

C:\WINDOWS\system32\npcykfnq.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ntpraaxp.exe

C:\WINDOWS\system32\ntpraaxp.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\nweipeg.dll

C:\WINDOWS\system32\nweipeg.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ohbaqphj.dll

C:\WINDOWS\system32\ohbaqphj.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ookeiihv.dll

C:\WINDOWS\system32\ookeiihv.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\oqarbnaa.dll

C:\WINDOWS\system32\oqarbnaa.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\oyocyqbd.ini

C:\WINDOWS\system32\oyocyqbd.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\pbcsvntf.exe

C:\WINDOWS\system32\pbcsvntf.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\pcrrepeh.dll

C:\WINDOWS\system32\pcrrepeh.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\piuacanl.dll

C:\WINDOWS\system32\piuacanl.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\prulmfnk.ini

C:\WINDOWS\system32\prulmfnk.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\pubfckpc.dll

C:\WINDOWS\system32\pubfckpc.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\qgexbfft.ini

C:\WINDOWS\system32\qgexbfft.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\qgkbchla.dll

C:\WINDOWS\system32\qgkbchla.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rhejqykf.ini

C:\WINDOWS\system32\rhejqykf.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rhijlfab.ini

C:\WINDOWS\system32\rhijlfab.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rimgygab.exe

C:\WINDOWS\system32\rimgygab.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rkodupwt.dll

C:\WINDOWS\system32\rkodupwt.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rkurmeua.dll

C:\WINDOWS\system32\rkurmeua.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rkydrsea.exe

C:\WINDOWS\system32\rkydrsea.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rtfeinti.dll

C:\WINDOWS\system32\rtfeinti.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rwoaymiy.dll

C:\WINDOWS\system32\rwoaymiy.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\rxmtsprb.dll

C:\WINDOWS\system32\rxmtsprb.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\sbupggnu.dll

C:\WINDOWS\system32\sbupggnu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\scysrofw.dll

C:\WINDOWS\system32\scysrofw.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\sxrpcvew.ini

C:\WINDOWS\system32\sxrpcvew.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\sytpbtar.dll

C:\WINDOWS\system32\sytpbtar.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\teggeiyf.ini

C:\WINDOWS\system32\teggeiyf.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\tffbxegq.dll

C:\WINDOWS\system32\tffbxegq.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\tfluqycq.dll

C:\WINDOWS\system32\tfluqycq.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\tiermnxw.ini

C:\WINDOWS\system32\tiermnxw.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\tkladlme.dll

C:\WINDOWS\system32\tkladlme.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\tqrdcwpu.dll

C:\WINDOWS\system32\tqrdcwpu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\tvicyfgi.dll

C:\WINDOWS\system32\tvicyfgi.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\uecswfvu.dll

C:\WINDOWS\system32\uecswfvu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\uhnvbopx.ini

C:\WINDOWS\system32\uhnvbopx.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\unggpubs.ini

C:\WINDOWS\system32\unggpubs.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\upitbwix.ini

C:\WINDOWS\system32\upitbwix.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\upwcdrqt.ini

C:\WINDOWS\system32\upwcdrqt.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\uqilygoi.ini

C:\WINDOWS\system32\uqilygoi.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\uqqjtweg.dll

C:\WINDOWS\system32\uqqjtweg.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\urbvggdk.dll

C:\WINDOWS\system32\urbvggdk.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\uyiyadih.ini

C:\WINDOWS\system32\uyiyadih.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\vhiiekoo.ini

C:\WINDOWS\system32\vhiiekoo.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\vimkrodt.dll

C:\WINDOWS\system32\vimkrodt.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\vipcvpxk.dll

C:\WINDOWS\system32\vipcvpxk.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\vjfxrise.dll

C:\WINDOWS\system32\vjfxrise.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\vpimwyif.ini

C:\WINDOWS\system32\vpimwyif.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\vssarute.dll

C:\WINDOWS\system32\vssarute.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\wevcprxs.dll

C:\WINDOWS\system32\wevcprxs.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\wforsycs.ini

C:\WINDOWS\system32\wforsycs.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\whastyes.exe

C:\WINDOWS\system32\whastyes.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\whnojvpo.exe

C:\WINDOWS\system32\whnojvpo.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\wiwcgiow.exe

C:\WINDOWS\system32\wiwcgiow.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\wmqafytx.dll

C:\WINDOWS\system32\wmqafytx.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\wvwlgiqx.dll

C:\WINDOWS\system32\wvwlgiqx.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\wxnmreit.dll

C:\WINDOWS\system32\wxnmreit.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\wyyokiyb.dll

C:\WINDOWS\system32\wyyokiyb.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xghuwoeq.dll

C:\WINDOWS\system32\xghuwoeq.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xhimjrts.exe

C:\WINDOWS\system32\xhimjrts.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xhwdiyib.ini

C:\WINDOWS\system32\xhwdiyib.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xiwbtipu.dll

C:\WINDOWS\system32\xiwbtipu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xpobvnhu.dll

C:\WINDOWS\system32\xpobvnhu.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xqffuuvy.ini

C:\WINDOWS\system32\xqffuuvy.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xqiglwvw.ini

C:\WINDOWS\system32\xqiglwvw.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xriuxyvl.dll

C:\WINDOWS\system32\xriuxyvl.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xsmpdcqy.dll

C:\WINDOWS\system32\xsmpdcqy.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xtxbdoxk.dll

C:\WINDOWS\system32\xtxbdoxk.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xtyfaqmw.ini

C:\WINDOWS\system32\xtyfaqmw.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xuxtgdee.ini

C:\WINDOWS\system32\xuxtgdee.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\xysbrqhh.dll

C:\WINDOWS\system32\xysbrqhh.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yccnpauv.dll

C:\WINDOWS\system32\yccnpauv.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ycsahxoi.dll

C:\WINDOWS\system32\ycsahxoi.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yfcbdkjo.dll

C:\WINDOWS\system32\yfcbdkjo.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yimyaowr.ini

C:\WINDOWS\system32\yimyaowr.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yjwhafgy.dll

C:\WINDOWS\system32\yjwhafgy.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ykyjaanp.dll

C:\WINDOWS\system32\ykyjaanp.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ylkjvxav.exe

C:\WINDOWS\system32\ylkjvxav.exe Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yrusjmei.ini

C:\WINDOWS\system32\yrusjmei.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yvdsfxob.dll

C:\WINDOWS\system32\yvdsfxob.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yvuuffqx.dll

C:\WINDOWS\system32\yvuuffqx.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yxaskoyr.dll

C:\WINDOWS\system32\yxaskoyr.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\Web\ahrdajva.dll

C:\WINDOWS\Web\ahrdajva.dll Has been deleted!

 

Performing Repairs to the registry.

Done!

 

 

 

 

Hijackthis:

 

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 20:28:17, on 2007-05-11

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\Program Files\Diskeeper\DkService.exe

C:\WINDOWS\system32\msasvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\Creative\ShareDLL\CtNotify.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Creative\ShareDLL\MediaDet.exe

F:\Programe\Ad-Aware SE Professional\Ad-Watch.exe

C:\Program Files\internet explorer\iexplore.exe

F:\Programe\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

F:\Programe\Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.hotmail.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F3 - REG:win.ini: load=C:\WINDOWS\system32\camacttiv.exe

O1 - Hosts: 66.98.148.65 auto.search.msn.com

O1 - Hosts: 66.98.148.65 auto.search.msn.es

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {248AEE7B-BA53-47C1-BC59-4520A9D7C9F3} - C:\WINDOWS\Web\ahrdajva.dll (file missing)

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Programe\BitComet\tools\BitCometBHO.dll

O2 - BHO: (no name) - {669F1F99-1244-4872-B690-DFC5CB4ADECb} - C:\WINDOWS\system32\hpwrrvuv.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: (no name) - {ADA2AEC6-C2A3-4C1E-833F-0BB49DDDBA85} - C:\WINDOWS\system32\hpwrrvuv.dll (file missing)

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [uaafn] C:\Program Files\Jhigk\Agyuq.exe

O4 - HKLM\..\Run: [Opgbqy] C:\Program Files\Yrheswr\Pzln.exe

O4 - HKLM\..\Run: [Puibx] C:\Program Files\Fdfnh\Oabl.exe

O4 - HKLM\..\Run: [btqoq] C:\Program Files\Iletgu\Cbokkfy.exe

O4 - HKLM\..\Run: [Fvujhs] C:\Program Files\Klwzyp\Esrjerg.exe

O4 - HKLM\..\Run: [Ftlamr] C:\Program Files\Lvbfft\Wxcgel.exe

O4 - HKLM\..\Run: [Exovhigi] C:\Program Files\Ndsleo\Yxffhw.exe

O4 - HKLM\..\Run: [Ylvssvrk] C:\Program Files\Zyapzod\Wxqq.exe

O4 - HKLM\..\Run: [Hocyfdn] C:\Program Files\Ejiijb\Eeqefzy.exe

O4 - HKLM\..\Run: [Prifpf] C:\Program Files\Qlmzjo\Isbvfnu.exe

O4 - HKLM\..\Run: [Cgtulag] C:\Program Files\Stmeijs\Reti.exe

O4 - HKLM\..\Run: [Ykvtxfn] C:\Program Files\Ygmnvft\Ogyn.exe

O4 - HKLM\..\Run: [iwqarbfu] C:\Program Files\Ksus\Goyn.exe

O4 - HKLM\..\Run: [bmatvzs] C:\Program Files\Hwdbrlv\Oqrjo.exe

O4 - HKLM\..\Run: [Leosofks] C:\Program Files\Awhq\Bnnqu.exe

O4 - HKLM\..\Run: [Qimjhgtf] C:\Program Files\Mrpcq\Agpuyu.exe

O4 - HKLM\..\Run: [Vuvvn] C:\Program Files\Rtltq\Wccfoun.exe

O4 - HKLM\..\Run: [Zisury] C:\Program Files\Tgtu\Qhhkjgu.exe

O4 - HKLM\..\Run: [uyvva] C:\Program Files\Yixl\Ddcxu.exe

O4 - HKLM\..\Run: [Jqiil] C:\Program Files\Cjcj\Qzglfnb.exe

O4 - HKLM\..\Run: [Lyngyk] C:\Program Files\Uierojs\Lqcsb.exe

O4 - HKLM\..\Run: [Xudmbyb] C:\Program Files\Gbbxki\Aainsw.exe

O4 - HKLM\..\Run: [Kcpsirdb] C:\Program Files\Kdfvcv\Dnteas.exe

O4 - HKLM\..\Run: [bnvuwgvx] C:\Program Files\Bnmdh\Szqnd.exe

O4 - HKLM\..\Run: [biciu] C:\Program Files\Fprbh\Oudgup.exe

O4 - HKLM\..\Run: [Zybwdgdo] C:\Program Files\Pptncg\Ngqm.exe

O4 - HKLM\..\Run: [Lxptn] C:\Program Files\Arwlddx\Lrbt.exe

O4 - HKLM\..\Run: [bosvr] C:\Program Files\Crvruyi\Kuzw.exe

O4 - HKLM\..\Run: [Pjahxv] C:\Program Files\Gtaiule\Xfqw.exe

O4 - HKLM\..\Run: [Dvrubhab] C:\Program Files\Lqwlmp\Yslqn.exe

O4 - HKLM\..\Run: [Qxkxggf] c:\Program Files\Kdilgsr\Ysauw.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AVG7_CC] F:\Programe\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [avast!] F:\Programe\Avast\ashDisp.exe

O4 - HKLM\..\Run: [desktop] C:\WINDOWS\system32\desktop.exe

O4 - HKLM\..\Run: [Generic Host Process] C:\WINDOWS\system32\camacttiv.exe

O4 - HKLM\..\RunServices: [desktop] C:\WINDOWS\system32\desktop.exe

O4 - HKLM\..\RunServices: [Generic Host Process] C:\WINDOWS\system32\camacttiv.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [AWMON] "F:\Programe\Ad-Aware SE Professional\Ad-Watch.exe"

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O8 - Extra context menu item: Download all links using BitComet - res://F:\Programe\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://F:\Programe\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://F:\Programe\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {750A64D8-DFAA-485B-A335-F7093333FBB7} - (no file) (HKCU)

O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,910,0

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: fccyy - fccyy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - F:\Programe\avgamsvr.exe (file missing)

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - F:\Programe\avgupsvc.exe (file missing)

O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - F:\Programe\avgemc.exe (file missing)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Diskeeper\DkService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Common Files\SC Test Branding 1 Shared\Service\SCTestService1.exe

O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)

Lien vers le commentaire
Partager sur d’autres sites
Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

:P VundoFix a mis un sérieux coup de balai!!

 

A présent, poste le rapport demandé stp >

 

Télécharge et lance DiagHelp comme montré dans ce tutoriel> http://www.malekal.com/DiagHelp/DiagHelp.php

Ne lance que l'option 1 et poste le rapport stp.Attention: n'oublie pas d'appuyer sur une touche lorsque cela te sera demandé à la fin du rapport Catchme.

 

Il y a encore du boulot!! j'ai besoin de voir ce qu'il reste stp. J'attire ton attention sur la phrase notée en rouge ci dessus.

Lien vers le commentaire
Partager sur d’autres sites
Dokiato Member

Dokiato

Posté(e)
  • Auteur
Posté(e) (modifié)

je fais le plus rapidement possible mais (89sur511ko à 0,9ko/s) je sais pas mais le host doit envoyer beaucoups d'info a plusieurs perssonne car c'est très lents ... :P

 

Et en passant d'habitude ca me prend de 3 à 8 min redemarer mon ordi et apres le scan ,ca a pris moins d'une min . :P

 

Editer <- : bon fais deux fois que je le relance et rendu à 17 % le telechargements aret...

Modifié par Dokiato
Lien vers le commentaire
Partager sur d’autres sites
Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)
Et en passant d'habitude ca me prend de 3 à 8 min redemarer mon ordi et apres le scan ,ca a pris moins d'une min . icon_biggrin.gif

:P et ca ira encore bien mieux après! il y a encore beaucoup de fichiers à éliminer, je vais te donner du boulot !

après tout ca, il va falloir faire un peu de sécurisation pour ne pas que ca se reproduise :P

 

Edit: ah....bon on va faire autrement alors!! je vais te préparer une première procédure!!

Modifié par charles ingals
Lien vers le commentaire
Partager sur d’autres sites
Dokiato Member

Dokiato

Posté(e)
  • Auteur
Posté(e) (modifié)

D'accord ,je vais chercher une autre source voire parce que la j'arrive même plus a le lancer le telechargement avec le lien ...Et en passant ,il y a un prob qui me cause bcps (je ne peux pas utilisé mon task messenger) /cry

 

Edit <- : Windows fatal eror /Dont send / Dr waurst ->dont send... faut jreeboot sa l'air

Modifié par Dokiato
Lien vers le commentaire
Partager sur d’autres sites
Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

à mon avis tu dois avoir une bande passante bien amoindrie ! je ne pense pas que tu trouvera une autre source, et même si c'est le cas, ca ne changera pas grand chose!!

 

Essaie ici à tout hasard >

 

-Rend toi sur cette page afin de télécharger le fichier DiagHelp > http://www.sendspace.com/file/bk38tc

pour cela, clique sur le lien en bas de page > pointright.gifDownload Link: DiagHelp

 

Si tu n'y parviens toujours pas, je te poste une première procédure pour nettoyer.

Lien vers le commentaire
Partager sur d’autres sites
Dokiato Member

Dokiato

Posté(e)
  • Auteur
Posté(e) (modifié)

Ca ma pris 3 sec -.- lol

 

Ps-The command prompt has been disabled by your administrator ... j'ai jamais desactiver ca pi command on le reactive

 

-> je sais je suis un boulet :S

Modifié par Dokiato
Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...