Coktail de virus

Réponse 21 / 33

Utilisateur anonyme

je parlais de ceci : ^^

C:\WINDOWS\phd2dll.INI

milnight

Ah OK !

C'est un fichier type paramètre de configuration
taille 112 octets

Réponse 22 / 33

Utilisateur anonyme

▶ Télécharge : Gmer (by Przemyslaw Gmerek)

▶ Dezippe gmer ,cliques sur l'onglet rootkit,lances le scan,des lignes rouges vont apparaitre.

▶ Les lignes rouges indiquent la presence d'un rootkit.Postes moi le rapport gmer (cliques sur copy,puis vas dans demarrer ,puis ouvres le bloc note,vas dans edition et cliques sur coller,le rapport gmer va apparaitre,postes moi le)

Ensuite

▶ sur les lignes rouge:

▶ Services:cliques droit delete service
▶ Process:cliques droit kill process
▶ Adl ,file:cliques droit delete files

milnight

Je n'ai pas de lignes rouges mais je te poste quand même le rapport :

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-27 16:03:01
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\Emilie\LOCALS~1\Temp\pxdyapod.sys

---- System - GMER 1.0.15 ----

SSDT F8F00D0E ZwCreateKey
SSDT F8F00D04 ZwCreateThread
SSDT F8F00D13 ZwDeleteKey
SSDT F8F00D1D ZwDeleteValueKey
SSDT F8F00D22 ZwLoadKey
SSDT F8F00CF0 ZwOpenProcess
SSDT F8F00CF5 ZwOpenThread
SSDT F8F00D2C ZwReplaceKey
SSDT F8F00D27 ZwRestoreKey
SSDT F8F00D18 ZwSetValueKey
SSDT F8F00CFF ZwTerminateProcess

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Fastfat \Fat EC535C8A

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Réponse 23 / 33

Utilisateur anonyme

salut execute ceci et poste le rapport stp

http://sd-1.archive-host.com/membres/up/829108531491024/Temp_Tools/registre.exe

milnight

Bonjour,

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
PinnacleDriverCheck REG_SZ C:\WINDOWS\System32\PSDrvCheck.exe
IntelliType REG_SZ "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ATICCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger
C:\WINDOWS\system32\sessmgr.exe REG_SZ C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Disabled:eMule
C:\Program Files\VideoLAN\VLC\vlc.exe REG_SZ C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player
C:\Program Files\MSN Messenger\msnmsgr.exe REG_SZ C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1
C:\Program Files\MSN Messenger\livecall.exe REG_SZ C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe REG_SZ C:\Program Files\Avira\AntiVir Desktop\avcenter.exe:*:Disabled:Démarrer AntiVir
C:\Program Files\Avira\AntiVir Desktop\update.exe REG_SZ C:\Program Files\Avira\AntiVir Desktop\update.exe:*:Disabled:update.exe
C:\Program Files\HomePlayer\HomePlayer.exe REG_SZ C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer
C:\Program Files\HomePlayer\VLC\vlc.exe REG_SZ C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer
C:\Program Files\Microsoft Money 2005\MNYCoreFiles\msmoney.exe REG_SZ C:\Program Files\Microsoft Money 2005\MNYCoreFiles\msmoney.exe:*:Disabled:Microsoft Money

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\security center
AntiVirusDisableNotify REG_DWORD 0 (0x0)
FirewallDisableNotify REG_DWORD 0 (0x0)
UpdatesDisableNotify REG_DWORD 0 (0x0)
AntiVirusOverride REG_DWORD 1 (0x1)
FirewallOverride REG_DWORD 0 (0x0)

HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring

milnight > milnight

Je vois que j'ai encore MSN messenger, je pensais l'avoir désinstallé ... ?

Réponse 24 / 33

Utilisateur anonyme

ah ?

bon il a pas fonctionné car j'ai fait une erreur que j ai corrigé

retelecharge-le et relance-le

milnight

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
PinnacleDriverCheck REG_SZ C:\WINDOWS\System32\PSDrvCheck.exe
IntelliType REG_SZ "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ATICCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger
C:\WINDOWS\system32\sessmgr.exe REG_SZ C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Disabled:eMule
C:\Program Files\VideoLAN\VLC\vlc.exe REG_SZ C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player
C:\Program Files\MSN Messenger\msnmsgr.exe REG_SZ C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1
C:\Program Files\MSN Messenger\livecall.exe REG_SZ C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe REG_SZ C:\Program Files\Avira\AntiVir Desktop\avcenter.exe:*:Disabled:Démarrer AntiVir
C:\Program Files\Avira\AntiVir Desktop\update.exe REG_SZ C:\Program Files\Avira\AntiVir Desktop\update.exe:*:Disabled:update.exe
C:\Program Files\HomePlayer\HomePlayer.exe REG_SZ C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer
C:\Program Files\HomePlayer\VLC\vlc.exe REG_SZ C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer
C:\Program Files\Microsoft Money 2005\MNYCoreFiles\msmoney.exe REG_SZ C:\Program Files\Microsoft Money 2005\MNYCoreFiles\msmoney.exe:*:Disabled:Microsoft Money

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\security center
AntiVirusDisableNotify REG_DWORD 0 (0x0)
FirewallDisableNotify REG_DWORD 0 (0x0)
UpdatesDisableNotify REG_DWORD 0 (0x0)
AntiVirusOverride REG_DWORD 1 (0x1)
FirewallOverride REG_DWORD 0 (0x0)

HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring

Réponse 25 / 33

Utilisateur anonyme

grrrrr....tu es sur que c est pas le premier que tu as relancé ?

milnight

J'ai repris le lien que tu as mis, je n'en ai pas d'autre !

Réponse 26 / 33

Utilisateur anonyme

salut reessaie-le en mode sans echec

milnight

résultat en mode sans échec :

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
PinnacleDriverCheck REG_SZ C:\WINDOWS\System32\PSDrvCheck.exe
IntelliType REG_SZ "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ATICCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger
C:\WINDOWS\system32\sessmgr.exe REG_SZ C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Disabled:eMule
C:\Program Files\VideoLAN\VLC\vlc.exe REG_SZ C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player
C:\Program Files\MSN Messenger\msnmsgr.exe REG_SZ C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1
C:\Program Files\MSN Messenger\livecall.exe REG_SZ C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe REG_SZ C:\Program Files\Avira\AntiVir Desktop\avcenter.exe:*:Disabled:Démarrer AntiVir
C:\Program Files\Avira\AntiVir Desktop\update.exe REG_SZ C:\Program Files\Avira\AntiVir Desktop\update.exe:*:Disabled:update.exe
C:\Program Files\HomePlayer\HomePlayer.exe REG_SZ C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer
C:\Program Files\HomePlayer\VLC\vlc.exe REG_SZ C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer
C:\Program Files\Microsoft Money 2005\MNYCoreFiles\msmoney.exe REG_SZ C:\Program Files\Microsoft Money 2005\MNYCoreFiles\msmoney.exe:*:Disabled:Microsoft Money

SteelWerX Registry Console Tool 3.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\security center
AntiVirusDisableNotify REG_DWORD 0 (0x0)
FirewallDisableNotify REG_DWORD 0 (0x0)
UpdatesDisableNotify REG_DWORD 0 (0x0)
AntiVirusOverride REG_DWORD 1 (0x1)
FirewallOverride REG_DWORD 0 (0x0)

HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring

Réponse 27 / 33

Utilisateur anonyme

▶ Désactive ton antivirus le temps de la manipulation car OTM est détecté comme une infection à tort.

▶ Télécharge OTM (OldTimer) sur ton Bureau :

▶ Double-clique sur OTM.exe afin de le lancer.

▶ Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"=-
C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe"="C:\Program Files\Avira\AntiVir Desktop\avcenter.exe:*:Enabled:Démarrer AntiVir"
C:\Program Files\Avira\AntiVir Desktop\update.exe"="C:\Program Files\Avira\AntiVir Desktop\update.exe:*:Enabled:update.exe"

:commands
[emptytemp]
[start explorer]
[reboot]
▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\

*Le nom du rapport correspond au moment de sa création : date_heure.log

milnight

rapport OTM :

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" not found.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\WINDOWS\system32\sessmgr.exe"|"C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"C:\Program Files\Avira\AntiVir Desktop\avcenter.exe"="C:\Program Files\Avira\AntiVir Desktop\avcenter.exe:*:Enabled:Démarrer AntiVir"C:\Program Files\Avira\AntiVir Desktop\update.exe"="C:\Program Files\Avira\AntiVir Desktop\update.exe:*:Enabled:update.exe" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: Emilie
->Temp folder emptied: 687886 bytes
->Temporary Internet Files folder emptied: 49554 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 126532070 bytes
->Flash cache emptied: 1540899 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 36158 bytes
RecycleBin emptied: 590844 bytes

Total Files Cleaned = 124,00 mb

OTM by OldTimer - Version 3.1.10.0 log created on 03022010_101239

Files moved on Reboot...

Registry entries deleted on Reboot...

Réponse 28 / 33

Utilisateur anonyme

desole j'ai fait une faute d'impression , recolle ceci dans OTM afin d'effectuer la correction

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"=-
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"=-
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Avira\AntiVir Desktop\avcenter.exe"="C:\Program Files\Avira\AntiVir Desktop\avcenter.exe:*:Enabled:Démarrer AntiVir"
"C:\Program Files\Avira\AntiVir Desktop\update.exe"="C:\Program Files\Avira\AntiVir Desktop\update.exe:*:Enabled:update.exe"

:commands
[emptytemp]
[start explorer]
[reboot]

milnight

nouveau rapport OTM :

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list not found.
Registry key HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list not found.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\WINDOWS\system32\sessmgr.exe"|"C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019" /E : value set successfully!
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\Program Files\eMule\emule.exe"|"C:\Program Files\eMule\emule.exe:*:Enabled:eMule" /E : value set successfully!
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\Program Files\VideoLAN\VLC\vlc.exe"|"C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player" /E : value set successfully!
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\Program Files\MSN Messenger\msnmsgr.exe"|"C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" /E : value set successfully!
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\Program Files\MSN Messenger\livecall.exe"|"C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" /E : value set successfully!
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\Program Files\Avira\AntiVir Desktop\avcenter.exe"|"C:\Program Files\Avira\AntiVir Desktop\avcenter.exe:*:Enabled:Démarrer AntiVir" /E : value set successfully!
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\Program Files\Avira\AntiVir Desktop\update.exe"|"C:\Program Files\Avira\AntiVir Desktop\update.exe:*:Enabled:update.exe" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Emilie
->Temp folder emptied: 1346 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14741897 bytes
->Flash cache emptied: 405 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 16786 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 14,00 mb

OTM by OldTimer - Version 3.1.10.0 log created on 03022010_102415

Files moved on Reboot...

Registry entries deleted on Reboot...

Réponse 29 / 33

Utilisateur anonyme

c'est bon c'est le resultat que je voulais voir ;)

as-tu encore des soucis particuliers ?

milnight

Tout d'abord, merci pour tout le travail fournit. Je n'ai plus de problèmes.

Juste 3 questions :

1- comment supprimer des fichiers qui ne veulent pas se désinstaller via le panneau de configuration ? (ex j'ai changé d'appareil photo numérique et je souhaiterais supprimer tous les logiciels qui concerne l'ancien APN).

2- Comment être sûr d'avoir les bonnes mises à jour des différents programmes utilisés ?

3- Parmi les différents programmes chargés pour la résolution du problème, lesquels sont à conserver ou supprimer ?

Emilie.

Réponse 30 / 33

Utilisateur anonyme

pas de quoi ;)

milnight

rapport Tcleaner :

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Combofix.txt: trouvé !
C:\Qoobox: trouvé !
C:\_OTM: trouvé !
C:\Documents and Settings\Emilie\Bureau\Gmer.exe: trouvé !
C:\Documents and Settings\Emilie\Bureau\Gmer.zip: trouvé !
C:\Documents and Settings\Emilie\Bureau\OTM.exe: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !
C:\WINDOWS\mbr.exe: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\Emilie\Bureau\Gmer.exe: supprimé !
C:\Documents and Settings\Emilie\Bureau\Gmer.zip: supprimé !
C:\Documents and Settings\Emilie\Bureau\OTM.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\Qoobox\Quarantine\catchme.log: supprimé !
C:\WINDOWS\mbr.exe: supprimé !
C:\Qoobox: supprimé !
C:\_OTM: supprimé !

Réponse 31 / 33

benjamindu58futur11 Messages postés 135 Date d'inscription Statut Membre Dernière intervention 6

Eh ben, on voit que t'as pas fumé que la moquette hier ^^'

Réponse 32 / 33

Utilisateur anonyme

comment supprimer des fichiers qui ne veulent pas se désinstaller via le panneau de configuration ? (ex j'ai changé d'appareil photo numérique et je souhaiterais supprimer tous les logiciels qui concerne l'ancien APN).

les noms des programmes ?

sinon les messages d'erreurs ?

sinon essaie avec ceci :

https://www.revouninstaller.com/

milnight

problème résolu.

Merci.

Réponse 33 / 33

Utilisateur anonyme

bon surf ;)

Coktail de virus

33 réponses

Discussions similaires