Findykill

Solved
Anonymous user
Hello,
I did as indicated here: http://www.commentcamarche.net/faq/sujet 9889 comment supprimer le virus beagle bagle#premiere methode findykill
and it gives me this:

############################## | FindyKill V6.003 |

# User : Utilisateur (Administrateurs) # PC-DE-UTILISATE
# Update on 07/07/09 by Chiquitine29 & C_XX
# Start at: 17:01:06 | 07/07/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html

# AMD Turion(tm) 64 X2 Mobile Technology TL-56
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
# Internet Explorer 8.0.6001.18783
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1229 [VPS 081114-0] 4.8.1229 [ Enabled | Updated ]

# C:\ # Disque fixe local # 141,04 Go (56,5 Go free) # NTFS
# D:\ # Disque fixe local # 8,01 Go (7,13 Go free) [_OEMBP] # NTFS
# E:\ # Disque CD-ROM
# G:\ # Disque amovible # 3,76 Go (3,55 Go free) [STORE'N'GO] # FAT32
# H:\ # Disque amovible # 120,8 Mo (10,97 Mo free) [USB] # FAT

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## | Registre Startup |

HKCU_Main: "Local Page"="C:\\Windows\\system32\\blank.htm"
HKCU_Main: "Search Page"="https://www.google.com/?gws_rd=ssl"
HKCU_Main: "Start Page"="about:blank"
HKCU_Main: "Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
HKCU_Main: "Start Page Redirect Cache AcceptLangs"="fr"
HKCU_Main: "Start Page Redirect Cache_TIMESTAMP"=hex:b0,b3,03,3d,5a,b8,c9,01
HKLM_logon: "Userinit"="C:\\Windows\\system32\\userinit.exe,"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKLM_Run: snpstd3=C:\Windows\vsnpstd3.exe
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM_Run: pzbahehjxavyxb=C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\jfesrfqahjoemln.dll"
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM_Run: NeroFilterCheck=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: Sidebar=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKCU_Run: MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
HKCU_Run: ehTray.exe=C:\Windows\ehome\ehTray.exe
HKCU_Run: Shareaza="C:\Program Files\Shareaza\Shareaza.exe" -tray
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU_Run: SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
HKCU_Run: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKCU_Run: WMPNSCFG=C:\Program Files\Windows Media Player\WMPNSCFG.exe
HKCU_Run: BitTorrent DNA="C:\Program Files\DNA\btdna.exe"

################## | Fichiers # Dossiers infectieux |

Présent ! C:\Windows\Temp\sig3F60.tmp

################## | C:\Users\Utilisateur\Temporary Internet Files |


################## | All Drives ... |


################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |


################## | Etat / Services / Informations |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Uac : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | Cracks / Keygens / Serials |

What does this correspond to?

45 replies

Anonymous user

ok lol, see you tomorrow, turn everything off quiiiick!!!! ^^
0
Anonymous user

my computer works again!!! It starts up normally, all good, everything as usual (how I love it when it takes 10 years to start up and when it takes 10 min to connect me to msn =) ), even the "fn" key (which no longer worked) works again, not yet with all the shortcuts but that's already something ^^.
PS: is it normal that the Security Center tells me there is no antivirus? The updates are done!



All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
========== SERVICES/DRIVERS ==========

Service\Driver naecd deleted successfully.

Service\Driver Boonty Games deleted successfully.
========== FILES ==========
C:\Windows\system32\jfesrfqahjoemln.dll unregistered successfully.
C:\Windows\system32\jfesrfqahjoemln.dll moved successfully.
File/Folder C:\SYS_List.txt not found.
C:\Windows\bkit6768.exe moved successfully.
C:\Windows\wtofj3410.exe moved successfully.
C:\Windows\kdiue732.txt moved successfully.
File/Folder C:\Users\UTILIS~1\AppData\Local\Temp\naecd.sys not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE2429AA-9D41-3B38-24BB-4C1217AE3524}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE2429AA-9D41-3B38-24BB-4C1217AE3524}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\pzbahehjxavyxb not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\GrpConv deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLS deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ntrconnect\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Utilisateur
->Temp folder emptied: 86564863 bytes
->Temporary Internet Files folder emptied: 11292689 bytes
->Java cache emptied: 592489 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\Windows\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 23169663 bytes

Total Files Cleaned = 116,02 mb


OTM by OldTimer - Version 3.0.0.4 log created on 07082009_105959

Files moved on Reboot...

Registry entries deleted on Reboot...
0
Anonymous user

ok, hi, run option 2 of FindyKill as indicated above
0
Anonymous user

are you sure that's useful?
because now everything works fine, it's all good, the antivirus is recognized now, the updates are done, everything is spotless.
0

Anonymous user

yes please, and then you will uninstall it
0