Wininit32.exe
Wininit32.exe - Win NT/2K/XP - Windows & Software
Marsh Posté le 19-04-2004 à 20:41:55
fichier inexistant sur mon windows ( xp pro sp1 ) ainsi que sous 2000 et 98 ...
---------------
:Moultiplayers:.:Quatuor Chevalier:.:Admin G15-france.com:.:Wiki -G15-france:.:-Papa-:.
Marsh Posté le 19-04-2004 à 20:43:19
ok merci donc si je le balance sa devrait pas faire sauté mon ordi ??? :0
Marsh Posté le 19-04-2004 à 21:06:53
C'est normal que ce fichier soit infecté car C'EST le fichier justement qui commande le virus. Bon courage. Et met à jour ton antivirus.
Marsh Posté le 19-04-2004 à 21:19:20
oui je viens de voir sa mmmmm apparemment même à jour norton ne le vois pas j'ai déjà bousiller une ou deux clé de registre et juste ou vont les clé de registre supprimer elle parte à tout jamais ???
et vous
Supprime les valeurs suivantes:
"Configuration Loader"
"Update"
"WinUpdate"
"Task Manager"
"Windows API Structure"
"Microsoft Diagnostic"
"3Dfx Acc"
"ABsr"
"adp"
"Advapi"
"AIM reminder"
"Alevir"
"Alogserv"
"Amon"
"AnVir"
"Apvxd"
"Apvxdwin"
"ausvc"
"Avast32"
"AvconsoleEXE"
"Avgserv9.exe"
"AvMaiSrv"
"avpcc"
"avx communicator"
"avxlni"
"awhost32"
"Backwork"
"bargains"
"bitdefenderlive"
"BlackIce Utility"
"BMail Installation"
"Bnexe"
"BOCleanautostart"
"Configuration Manager"
"dlder"
"Vet Alert"
"ExplorerTask"
"Bonzi Buddy"
"boot"
"Bymer.Scanner"
"cAgOu"
"CC2KUI"
"Choke"
"CLICKTHEBUTTON"
"CmeSYS"
"CmeUPD"
"msnb"
"Configuration Wizard"
"CoreSrv"
"CyDoor"
"Debug"
"distributed.net client"
"LangSupportEx"
"DownloadWare"
"Dvp95"
"Eac_Cnry"
"eixfi"
"Element"
"Explorer32"
"F-StopW"
"Gator"
"Vet Start UpHookSys"
"I386"
"Kernell32"
"Kernel32"
"LoadBlackD"
"LoadDBackUp"
"LoadFonts"
"LoadOrderVerification"
"LTM2"
"McAfee Firewall"
"McAfeeVirusScanService" "mnsvc"
"MPFExe"
"MprHTML"
"MSAdmin"
"WinUpdatermsdos423"
"MSKernel32"
"msn"
"Msrc"
"MSREGIT"
"Ms Spool32"
"Mswincfg"
"murphy shield"
"Default"
"MxHLp32"
"Myapp"
"NAV Agent"
"navapw32"
"NAV Configuration Wizard"
"NAV DefAlert"
"Netapi"
"Nod32CC"
"Norton Auto-Protect"
"ogrc"
"PAV.EXE"
"PCStart"
"PersFw"
"PPMemCheck"
"procmon"
"RapApp"
"TaskMan"
"rvds"
"rdvs"
"Registry"
"Run_cd"
"Rundllsystem32"
"RunProg"
"ScanInicio"
"ScrSvr"
"VAGuard"
"server"
"serverex"
"Shellapi32"
"sistrai.exe"
"sistray"
"SyncAgent"
"SysProtect"
"SysScan"
"Explorer"
"SystemBoot"
"SystemFTP"
"SystemMD"
"System Monitor"
"SystemReg"
"System-Service"
"Task Bar"
"TaskReg"
"Taskschd"
"Tau monitor"
"tcactive"
"tcmonitor"
"Tiny Personal Firewall"
"TrojanScanner"
"UMXLDRW"
"vscanner"
"Vshwin32EXE"
"VsStatEXE"
"WebScan"
"WebScanX"
"Webtrap"
"Whvlxd"
"Win32BaseServiceMOD"
"Win32DLL"
"Win32 Rundll Loader"
"Win386"
"Winahlp.exe"
"WIN-BUGSFIX"
"Windows"
"WinDSNX"
"WinLoader"
"WinProfile"
"WinProxy"
"Win Server"
"winserver"
"Win Server Updt"
"Winsvc32"
"Winsys"
"WinSystem"
"WQK"
"Zonavirus"
"ZoneAlarm"
"ZoneAlarm Pro"
"vsmon"
"vsmon.exe"
"zzgshp"
"WinHelp"
"WinGate initialize"
"Program In Windows"
"Remote Procedure Call Locator"
"WinDSNX"
"Windows Subsys"
"msconfigurator"
"ps2"
"cmd"
"Supernova"
"WindowsMGM"
"NeroCheck"
"LoadWinConf"
"messnger"
"explore"
"FuckCop"
"InternetConfigure"
"Api"
"Svhost Loader"
"Gforce4DRv"
"Ccapp"
"Ccevtmgr"
"Ccpxysvc"
"Ccregvfy"
"Cd_load"
"Cmesys"
"Cmgrdian"
"Comsocks"
"Cpdclnt"
"Cpd"
"Absr"
"Adservice"
"Aornum"
"Arupld32"
"Atrack"
"wins"
"fSys"
"rundll"
"rundll32"
"Network Connections"
"NTFix"
"System Service"
"windows update"
"WinConfig"
"print sharing"
"WindowsUpdate"
"Loader"
"GForce4DR"
"Microsoft System Monitor"
"Windows Registry Checker"
"WindowsFix32"
"winupd32.exe"
"CriticalUpdate"
"Wininit"
"LoadWinConf"
"vhostl"
"Svhost Loader"
"GForce4DRv"
"ssdpsrv.exe"
"ssdpsvr.exe"
"System Service"
"WindowsUpdate"
"Internat32.exe"
"Winsock2 driverSysCmd"
"NTsocket"
"updatek"
"webiss"
"explorer"
"systemtray"
"systemtray32"
"SystemTray32"
"systray"
"SysTray"
"SysTray32"
"GhostStartTrayApp"
"SymTray - Norton SystemWorks"
"fuckyou"
"WinFix32.exe"
"vptray"
"SystemUpdate"
"Microsoft Configuration"
"WinApp32"
"SVHOST"
"PrinTray"
"tskdbg"
"CMESys"
"CMD"
"WINTASK"
"TaskMonitor"
"winapidr"
"Com+Services"
"System Configuration"
"WIN32 DEBUG"
"poeto."
"NAV Live Update"
"Windows Explorer"
"config32.exe"
"Pop3trap.exe"
"WebTrapNT.exe"
"TrackPointSrv"
"Microsoft Netview"
"Generic Host Process for Win32 Services"...
"AdobeA"
"win32app"
"Explorer de la dc"
"ColdLife - icmp"
"ColdLife ?icmp"
"NT Guard"
"Sustem"
"updateWin"
"Winsock32 driver"
"windows auto update"
des clefs de registre:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion \ RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion \ RunServices
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion \ RunOnce
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avez vous encore ces valeur cité en dessus ???
Marsh Posté le 19-04-2004 à 21:20:54
Tu veux qu'on vérifie la présence de chacune des valeurs que tu as cité ? 
Marsh Posté le 19-04-2004 à 20:39:23
Bonjour,
Heu mon fichier wininit32.exe est apparement infecté par un virus w32.Xabot.worm je pense ( après un poil de recherche ) mais c'est quoi ce fichier wininit32 peut on le détruire et comment détruire le virus si norton ne le détecte pas ...
Ya t'il un docteur dans le forum