Forum Clubic

Pub CID sans cesse

bonjour
voila tout est dan le tritre
j’ai suivi la precedur de ce site : www.aidoforum.com…
merci de m’aider
A+


Deckard’s System Scanner v20071014.68
Run by VALERIE on 2008-03-06 12:53:09
Computer is in Normal Mode.

– System Restore --------------------------------------------------------------

Successfully created a Deckard’s System Scanner Restore Point.

– Last 5 Restore Point(s) –
27: 2008-03-06 11:53:16 UTC - RP164 - Deckard’s System Scanner Restore Point
26: 2008-03-06 11:23:42 UTC - RP163 - Removed Macrogaming SweetIM 2.1
25: 2008-03-04 15:42:26 UTC - RP162 - Point de vérification système
24: 2008-02-27 18:30:41 UTC - RP161 - Point de vérification système
23: 2008-02-19 18:01:31 UTC - RP160 - Point de vérification système

– First Restore Point –
1: 2008-01-06 13:54:33 UTC - RP138 - Software Distribution Service 3.0

Backed up registry hives.
Performed disk cleanup.

– HijackThis (run as VALERIE.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:47, on 06/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbsecsvc.exe
C:\Program Files\winbond\w89c33\wwu.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Documents and Settings\VALERIE\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\VALERIE.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.yahoo.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM…\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM…\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM…\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe”
O4 - HKLM…\Run: [blue delete title meow] C:\Documents and Settings\All Users\Application Data\up hold blue delete\Mfcd creative.exe
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [Multi dash] C:\DOCUME~1\VALERIE\APPLIC~1\Grimdrv\meta tray defy.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: WWU.lnk = C:\Program Files\winbond\w89c33\wwu.exe
O8 - Extra context menu item: &Search - ?p=ZSzim029YYFR
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\OCEANE\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - s.tf1.fr…
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com…
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - download.divx.com…
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - messenger.zone.msn.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - messenger.zone.msn.com…
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - messenger.zone.msn.com…
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: wbsecsvc - Winbond - C:\WINDOWS\system32\wbsecsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


End of file - 8068 bytes

– File Associations -----------------------------------------------------------

All associations okay.

– Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 wbsecdrv (wbsecdrv Protocol Driver) - c:\windows\system32\drivers\wbsecdrv.sys <Not Verified; Winbond; Winbond wbsecdrv>

S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 SNPSTD3 (USB PC Camera (SNPSTD3)) - c:\windows\system32\drivers\snpstd3.sys <Not Verified; ; PC Camera driver>

– Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 wbsecsvc - c:\windows\system32\wbsecsvc.exe /service <Not Verified; Winbond; organization wbsecsvc>

S2 CLTNetCnService (Symantec Lic NetConnect service) - “c:\program files\fichiers communs\symantec shared\ccsvchst.exe” /h cccommon (file missing)

– Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Haut-parleur système
Device ID: ACPI\PNP0800\4&3656B0&0
Manufacturer: (Périphériques système standard)
Name: Haut-parleur système
PNP Device ID: ACPI\PNP0800\4&3656B0&0
Service:

– Scheduled Tasks -------------------------------------------------------------

2008-03-06 12:00:00 266 --ah----- C:\WINDOWS\Tasks\AF2FF47391D46EA3.job

– Files created between 2008-02-06 and 2008-03-06 -----------------------------

2008-03-06 12:54:38 0 d-------- C:\Program Files\Trend Micro
2008-03-06 12:46:06 0 d–hs---- C:\Documents and Settings\VALERIE\Recent
2008-02-17 12:55:19 0 d-------- C:\Documents and Settings\VALERIE\Application Data\vlc
2008-02-17 12:55:15 0 d-------- C:\Program Files\adslTV
2008-02-16 20:04:50 0 d-------- C:\Program Files\Grimdrv
2008-02-16 00:03:18 0 d-------- C:\Program Files\Conquete 2.0
2008-02-16 00:02:53 0 d-------- C:\Documents and Settings\VALERIE\Application Data\InstallShield
2008-02-15 07:46:41 0 d-------- C:\Program Files\eMule
2008-02-09 12:25:13 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-09 12:25:09 0 d-------- C:\Documents and Settings\VALERIE\Application Data\Mozilla

– Find3M Report ---------------------------------------------------------------

2008-03-03 18:37:57 0 d-------- C:\Program Files\LimeWire
2008-02-29 14:02:21 0 d-------- C:\Program Files\Fichiers communs\Adobe
2008-02-17 20:37:21 0 d-------- C:\Program Files\Yahoo!
2008-02-16 20:04:22 0 d-------- C:\Program Files\Messenger Plus! Live
2008-02-16 00:03:16 0 d–h----- C:\Program Files\InstallShield Installation Information
2008-02-14 18:48:58 0 d-------- C:\Documents and Settings\VALERIE\Application Data\Grimdrv
2008-02-04 18:57:30 0 d-------- C:\Documents and Settings\VALERIE\Application Data\Yahoo!
2008-02-03 15:19:12 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-02-03 14:43:25 0 d-------- C:\Program Files\DivX
2008-01-13 20:18:30 0 d-------- C:\Program Files\Maxis
2008-01-13 20:15:17 0 d-------- C:\Documents and Settings\VALERIE\Application Data\WinRAR
2008-01-13 17:18:22 0 d-------- C:\Documents and Settings\VALERIE\Application Data\DAEMON Tools
2008-01-13 13:50:25 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-01-06 15:05:17 511392 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-01-06 15:05:17 85256 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-01-06 14:47:02 0 d-------- C:\Program Files\CCleaner
2007-12-24 13:49:52 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll

– Registry Dump ---------------------------------------------------------------

Note empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“AGRSMMSG”=“AGRSMMSG.exe” [20/12/2004 15:10 C:\WINDOWS\AGRSMMSG.exe]
“SoundMan”=“SOUNDMAN.EXE” [20/01/2005 20:04 C:\WINDOWS\SOUNDMAN.EXE]
“VTTrayp”=“VTtrayp.exe” [12/10/2004 06:00 C:\WINDOWS\system32\VTTrayp.exe]
“CameraFixer”=“C:\WINDOWS\CameraFixer.exe” [12/04/2006 09:08]
“tsnpstd3”=“C:\WINDOWS\tsnpstd3.exe” [20/12/2005 14:39]
“snpstd3”=“C:\WINDOWS\vsnpstd3.exe” [05/09/2005 15:55]
“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe” [25/09/2007 00:11]
“blue delete title meow”=“C:\Documents and Settings\All Users\Application Data\up hold blue delete\Mfcd creative.exe” [06/03/2008 12:50]
“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [11/01/2008 22:16]
“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [04/12/2007 14:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [05/08/2004 13:00]
“Multi dash”=“C:\DOCUME~1\VALERIE\APPLIC~1\Grimdrv\meta tray defy.exe” [14/02/2008 18:47]

C:\Documents and Settings\All Users\Menu D?marrer\Programmes\D?marrage
WWU.lnk - C:\Program Files\winbond\w89c33\wwu.exe [26/01/2007 17:44:50]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Multi dash]
C:\DOCUME~1\OCEANE\APPLIC~1\Grimdrv\meta tray defy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
“C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe” /m=0

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{91486c08-1983-11dc-a666-0060b3cd880c}]
Auto\command- G:\AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

Newly Created Service - ASWUPDSV
Newly Created Service - AVAST!_ANTIVIRUS
Newly Created Service - AVAST!_MAIL_SCANNER
Newly Created Service - AVAST!_WEB_SCANNER

– Hosts -----------------------------------------------------------------------

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

7766 more entries in hosts file.

– End of Deckard’s System Scanner: finished at 2008-03-06 12:55:32 ------------


Deckard’s System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.

– System Information ----------------------------------------------------------

Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French

CPU 0: Intel® Celeron® M processor 1300MHz
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 991.48 MiB / 579.66 MiB
Pagefile Memory (total/avail): 1237.83 MiB / 849.39 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.05 MiB

C: is Fixed (NTFS) - 19.53 GiB total, 8.9 GiB free.
D: is Fixed (NTFS) - 9.77 GiB total, 8.86 GiB free.
E: is Fixed (FAT32) - 8 GiB total, 6.27 GiB free.
F: is CDROM (No Media)

\.\PHYSICALDRIVE0 - SAMSUNG MP0402H - 37.31 GiB - 3 partitions
\PARTITION0 - Étendu avec Inter. 13 étendue - 19.53 GiB - C:
\PARTITION1 (bootable) - Système de fichiers installable - 9.77 GiB - D:
\PARTITION2 - Unknown - 8.01 GiB - E:

– Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

AV: avast! antivirus 4.7.1098 [VPS 071205-1] v4.7.1098 (ALWIL Software) Disabled Outdated

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe:
:Enabled:@xpsp3res.dll,-20000"
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger"
“C:\Program Files\Windows Live\Messenger\livecall.exe”="C:\Program Files\Windows Live\Messenger\livecall.exe:
:Enabled:Windows Live Messenger (Phone)”

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Messenger\msmsgs.exe”="C:\Program Files\Messenger\msmsgs.exe:
:Enabled:Windows Messenger"
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“C:\StubInstaller.exe”="C:\StubInstaller.exe:
:Enabled:LimeWire swarmed installer"
“C:\Program Files\LimeWire\LimeWire.exe”=“C:\Program Files\LimeWire\LimeWire.exe::Enabled:LimeWire"
“C:\Program Files\IncrediMail\bin\IMApp.exe”="C:\Program Files\IncrediMail\bin\IMApp.exe:
:Enabled:IncrediMail”
“C:\Program Files\IncrediMail\bin\IncMail.exe”=“C:\Program Files\IncrediMail\bin\IncMail.exe::Enabled:IncrediMail"
“C:\Program Files\IncrediMail\bin\ImpCnt.exe”="C:\Program Files\IncrediMail\bin\ImpCnt.exe:
:Enabled:IncrediMail”
“C:\Documents and Settings\OCEANE\Bureau\msnmsgr.exe”=“C:\Documents and Settings\OCEANE\Bureau\msnmsgr.exe::Enabled:Messenger"
“C:\Program Files\Avant Browser\avant.exe”="C:\Program Files\Avant Browser\avant.exe:
:Enabled:Avant Browser”
“C:\Program Files\Internet Explorer\iexplore.exe”=“C:\Program Files\Internet Explorer\iexplore.exe::Enabled:Internet Explorer"
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:
:Enabled:Windows Live Messenger”
“C:\Program Files\Windows Live\Messenger\livecall.exe”=“C:\Program Files\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone)"
“C:\Program Files\eMule\emule.exe”="C:\Program Files\eMule\emule.exe:
:Enabled:eMule”

– Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\VALERIE\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=PC_OCEANE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\VALERIE
LOGONSERVER=\PC_OCEANE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 9 Stepping 5, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0905
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\VALERIE\LOCALS~1\Temp
TMP=C:\DOCUME~1\VALERIE\LOCALS~1\Temp
USERDOMAIN=PC_OCEANE
USERNAME=VALERIE
USERPROFILE=C:\Documents and Settings\VALERIE
windir=C:\WINDOWS

– User Profiles ---------------------------------------------------------------

OCEANE I[/I]
VALERIE I[/I]

– Add/Remove Programs ---------------------------------------------------------

–> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
–> VTUninst.exe -reg 5 ‘HKLM\Software\S3\VT\S3Uninst\S3Timer’
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
adsl TV --> C:\Program Files\adslTV\Uninstal.exe
Agere Systems AC’97 Modem --> agrsmdel
Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live --> MsiExec.exe /I{CB5EA99C-8A5B-49F2-9A1A-2EF78BE4DB41}
AusLogics Disk Defrag --> “C:\Program Files\AusLogics Disk Defrag\unins000.exe”
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
CCleaner (remove only) --> “C:\Program Files\CCleaner\uninst.exe”
Conquete 2.0 --> C:\Program Files\InstallShield Installation Information{44C9E2F4-4C6F-4C33-A2F2-145BE1A10524}\setup.exe -runfromtemp -l0x0009 -removeonly
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eMule --> “C:\Program Files\eMule\Uninstall.exe”
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
K-Lite Codec Pack 3.7.0 Full --> “C:\Program Files\K-Lite Codec Pack\unins000.exe”
LimeWire 4.16.6 --> “C:\Program Files\LimeWire\uninstall.exe”
Messenger Plus! Live & Sponsor (CiD) --> “C:\Program Files\Messenger Plus! Live\Uninstall.exe”
Microsoft Compression Client Pack 1.0 for Windows XP --> “C:\WINDOWS$NtUninstallMSCompPackV1$\spuninst\spuninst.exe”
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> “C:\WINDOWS$NtUninstallWudf01000$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Package de base Microsoft de service de chiffrement pour cartes à puce --> “C:\WINDOWS$NtUninstallbasecsp$\spuninst\spuninst.exe”
PC-1100S --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{ECD03DA7-5952-406A-8156-5F0C93618D1F}\Setup.exe” -l0x40c
S3 S3Chromo --> vtuninst.exe -reg 5 ‘HKLM\Software\S3\VT\S3Uninst\S3Chromo’
S3 S3Config3D --> vtuninst.exe -reg 5 ‘HKLM\Software\S3\VT\S3Uninst\S3Config3D’
S3 S3Display --> vtuninst.exe -reg 5 ‘HKLM\Software\S3\VT\S3Uninst\S3Display’
S3 S3Gamma2 --> vtuninst.exe -reg 5 ‘HKLM\Software\S3\VT\S3Uninst\S3Gamma2’
S3 S3Info2 --> vtuninst.exe -reg 5 ‘HKLM\Software\S3\VT\S3Uninst\S3Info2’
S3 S3Overlay --> vtuninst.exe -reg 5 ‘HKLM\Software\S3\VT\S3Uninst\S3Overlay’
S3 S3TrayPlus --> vtuninst.exe -reg 5 ‘HKLM\Software\S3\VT\S3Uninst\S3TrayPlus’
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Spybot - Search & Destroy --> “C:\Program Files\Spybot - Search & Destroy\unins000.exe”
SweetIM For Internet Explorer 3.0b --> MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
VIA Rhine-Family Fast-Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
Winbond WLAN --> C:\PROGRA~1\winbond\w89c33\UNWISE.EXE C:\PROGRA~1\winbond\w89c33\INSTALL.LOG
Windows Imaging Component --> “C:\WINDOWS$NtUninstallWIC$\spuninst\spuninst.exe”
Windows Live installer --> MsiExec.exe /X{1F1D4D23-6189-486B-A36B-11CE16DF59F1}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime --> “C:\WINDOWS$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Presentation Foundation Language Pack (FRA) --> MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Workflow Foundation FR Language Pack --> MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
XML Paper Specification Shared Components Language Pack 1.0 --> “C:\WINDOWS$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe”
XML Paper Specification Shared Components Pack 1.0 -->

– Application Event Log -------------------------------------------------------

Event Record #/Type9722 / Success
Event Submitted/Written: 03/06/2008 00:01:53 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type9697 / Success
Event Submitted/Written: 03/05/2008 09:08:02 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type9693 / Success
Event Submitted/Written: 03/05/2008 08:01:45 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type9692 / Error
Event Submitted/Written: 03/05/2008 08:00:28 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Application bloquée iexplore.exe, version 7.0.6000.16608, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Event Record #/Type9684 / Success
Event Submitted/Written: 03/05/2008 05:11:55 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

– Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

– System Event Log ------------------------------------------------------------

Event Record #/Type45755 / Warning
Event Submitted/Written: 03/06/2008 00:44:29 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Votre ordinateur n’a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l’adresse réseau est 0060B3CD880C. Il s’est
produit l’erreur suivante :
%%1223.
Votre ordinateur va continuer à essayer d’obtenir sa propre adresse auprès du
serveur d’adresse réseau (DHCP).

Event Record #/Type45735 / Warning
Event Submitted/Written: 03/06/2008 00:34:46 PM
Event ID/Source: 2504 / Server
Event Description:
Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{C7477D88-FAB1-406A-A933-A1524BC05619}.

Event Record #/Type45731 / Warning
Event Submitted/Written: 03/06/2008 00:34:21 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Votre ordinateur n’a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l’adresse réseau est 0060B3CD880C. Il s’est
produit l’erreur suivante :
%%1223.
Votre ordinateur va continuer à essayer d’obtenir sa propre adresse auprès du
serveur d’adresse réseau (DHCP).

Event Record #/Type45726 / Error
Event Submitted/Written: 03/06/2008 00:23:59 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Le service Gestion d’applications s’est arrêté avec l’erreur :
%%126

Event Record #/Type45723 / Error
Event Submitted/Written: 03/06/2008 00:23:59 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Le service Gestion d’applications s’est arrêté avec l’erreur :
%%126

– End of Deckard’s System Scanner: finished at 2008-03-06 12:55:32 ------------

tu as installé msn messenger + ? si c’est le cas, il suffit d’aller dans ajout supression de programmes, cliquer sur messenger plus…et la de désinstaller le sponsor c i d !! et voilà !! bye

pour avast, prend plutôt antivir ( question de moteur de recherche sur virus + éfficasse, ancienement sous avast )
Edité le 07/03/2008 à 21:20

merci Maccoy

+1 Maccoy

Et pour ceux que ça interesse lorsque c’est pas avec msn + les procedures ici
@+