Here is the resulting OTListIt.txt file:
OTListIt logfile created on: 16/02/2009 09:26:10 - Run
OTListIt2 by OldTimer - Version 2.0.0.12 Folder = C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,24 Gb Total Physical Memory | 0,64 Gb Available Physical Memory | 51,24% Memory free
1,46 Gb Paging File | 0,99 Gb Available in Paging File | 67,49% Paging File free
Paging file location(s): C:\pagefile.sys 372 744;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 28,37 Gb Free Space | 76,13% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC1
Current User Name: Administrateur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - [2004/06/14 01:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSVC01A.EXE
PRC - [2001/12/13 01:01:00 | 00,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSS01A.EXE
PRC - [2004/09/16 10:23:31 | 00,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2009/01/08 08:23:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003/02/26 11:00:00 | 00,106,586 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
PRC - [2008/04/14 03:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/03/21 06:00:00 | 00,233,595 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\Mcshield.exe
PRC - [2003/03/21 06:00:00 | 00,127,050 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
PRC - [2003/02/26 11:00:00 | 00,127,058 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
PRC - [2006/12/21 19:15:56 | 00,624,376 | ---- | M] (Orange) -- C:\Program Files\Controle Parental\bin\optproxy.exe
PRC - [2009/01/08 08:23:48 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2003/03/21 06:00:00 | 00,090,182 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\shstat.exe
PRC - [2003/02/26 11:00:00 | 00,139,347 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
PRC - [2006/12/20 10:14:58 | 00,404,536 | ---- | M] (Orange) -- C:\Program Files\Controle Parental\bin\OPTGui.exe
PRC - [2005/03/17 18:17:36 | 00,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2005/07/22 20:36:10 | 00,933,888 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
PRC - [2008/04/14 03:34:20 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2004/11/29 10:55:11 | 00,053,248 | ---- | M] (Alcor Micro, Corp.) -- C:\WINDOWS\system32\DrvMon.exe
PRC - [2003/05/16 15:21:16 | 00,073,728 | ---- | M] () -- C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
PRC - [2006/09/11 13:08:41 | 00,212,992 | ---- | M] () -- C:\Program Files\KeyConfiguration\Password.exe
PRC - [2009/02/16 08:56:10 | 00,491,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC\OTListIt2.exe
========== Win32 Services (SafeList) ==========
SRV - [2004/06/14 01:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSVC01A.EXE -- (Brother XP spl Service [Auto | Running])
SRV - [2004/09/16 10:23:31 | 00,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA [Auto | Running])
SRV - [2008/04/14 03:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/01/08 08:23:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003/02/26 11:00:00 | 00,106,586 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework [Auto | Running])
SRV - [2003/03/21 06:00:00 | 00,233,595 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\Mcshield.exe -- (McShield [Auto | Running])
SRV - [2003/03/21 06:00:00 | 00,127,050 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe -- (McTaskManager [Auto | Running])
SRV - [2006/12/21 19:15:56 | 00,624,376 | ---- | M] (Orange) -- C:\Program Files\Controle Parental\bin\optproxy.exe -- (OPTENET_FILTER [Auto | Running])
SRV - [2007/08/16 15:17:24 | 00,098,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2003/08/01 17:28:24 | 00,474,624 | ---- | M] (Constantin Kaplinsky) -- C:\Program Files\TightVNC\WinVNC.exe -- (winvnc [Auto | Stopped])
SRV - [2007/08/23 14:32:00 | 00,261,120 | ---- | M] () -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
========== Driver Services (SafeList) ==========
DRV - [2001/08/17 15:20:04 | 00,096,256 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc [On_Demand | Stopped])
DRV - [2002/05/08 19:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2002/04/01 15:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])
DRV - [2000/07/24 00:01:00 | 00,019,537 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BRPAR.SYS -- (BrPar [Auto | Running])
DRV - [2006/04/12 17:42:09 | 00,008,864 | ---- | M] () -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA [Auto | Running])
DRV - [2005/12/05 06:20:46 | 00,080,384 | ---- | M] (OMNIKEY) -- C:\WINDOWS\system32\drivers\cxbu0wdm.sys -- (cxbu0wdm [On_Demand | Running])
DRV - [2003/09/18 02:44:00 | 00,145,408 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2004/08/03 21:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x [On_Demand | Stopped])
DRV - [2004/08/03 21:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4 [On_Demand | Stopped])
DRV - [2003/08/04 00:15:04 | 00,091,419 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2003/03/21 06:00:00 | 00,084,448 | ---- | M] (Network Associates, Inc.) -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1 [On_Demand | Running])
DRV - [2003/04/24 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2000/10/24 04:39:00 | 00,073,216 | ---- | M] () -- C:\WINDOWS\system32\drivers\SENTINEL.SYS -- (Sentinel [Auto | Running])
DRV - [2003/08/29 14:09:00 | 00,578,304 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2001/08/17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2001/08/23 16:20:50 | 00,006,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam [On_Demand | Running])
DRV - [2001/08/17 16:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2001/08/17 16:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2002/04/04 07:32:06 | 00,028,416 | R--- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\symmpi.sys -- (Symmpi [Disabled | Stopped])
DRV - [2001/08/17 16:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2001/08/17 16:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2003/08/04 00:16:08 | 00,120,094 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Running])
DRV - [2003/08/04 00:16:00 | 00,096,858 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\S-1-5-21-2447563937-1575804264-685246572-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: (267356 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 hityou.com
O1 - Hosts: 127.0.0.1 www.hityou.com
O1 - Hosts: 127.0.0.1 180searchassistant.com
O1 - Hosts: 127.0.0.1 www.180searchassistant.com
O1 - Hosts: 127.0.0.1 180solutions.com
O1 - Hosts: 127.0.0.1 www.180solutions.com
O1 - Hosts: 127.0.0.1 bis.180solutions.com
O1 - Hosts: 127.0.0.1 config.180solutions.com
O1 - Hosts: 127.0.0.1 cts.180solutions.com
O1 - Hosts: 127.0.0.1 downloads.180solutions.com
O1 - Hosts: 127.0.0.1 installs.180solutions.com
O1 - Hosts: 127.0.0.1 nowhere.180solutions.com
O1 - Hosts: 127.0.0.1 ping.180solutions.com
O1 - Hosts: 127.0.0.1 tv.180solutions.com
O1 - Hosts: 127.0.0.1 uploads.180solutions.com
O1 - Hosts: 127.0.0.1 public.zangocash.com
O1 - Hosts: 127.0.0.1 www.public.zangocash.com
O1 - Hosts: 127.0.0.1 static.zangocash.com
O1 - Hosts: 127.0.0.1 www.static.zangocash.com
O1 - Hosts: 127.0.0.1 www.zangocash.com
O1 - Hosts: 127.0.0.1 zangocash.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 2search.com
O1 - Hosts: 9260 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {E474D8AA-8B9E-4F24-8E3B-1913E22CA5B9} - C:\WINDOWS\system32\iifgEtqq.dll ()
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [2b043de2] rundll32.exe "C:\WINDOWS\system32\fyoemjxe.dll",b ()
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" (Network Associates, Inc.)
O4 - HKLM..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe (Orange)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE (Network Associates, Inc.)
O4 - HKLM..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper (Constantin Kaplinsky)
O4 - HKCU..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe (Alcor Micro, Corp.)
O4 - HKU\S-1-5-21-2447563937-1575804264-685246572-500..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe (Alcor Micro, Corp.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Password.lnk = C:\Program Files\KeyConfiguration\Password.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O15 - HKLM\..Trusted Domains: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 29 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 29 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4C57C98A-E582-46E4-8FD8-5EBDC94CEA39} http://www.mindjet.com/viewer/eng/MjMmViewer.cab (Mindjet MindManager Viewer Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_01)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{625C7A89-C64F-4A4A-928B-D3337895AA05}\\NameServer = 80.10.246.2,80.10.246.129
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\crypt: DllName - crypts.dll - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - File not found
O20 - Winlogon\Notify\ljJbBQJy: DllName - ljJbBQJy.dll - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\iifgEtqq) - C:\WINDOWS\system32\iifgEtqq.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e8fe0f3c-c54d-11da-a558-0002e3533810}\Shell - "" = AutoRun
O33 - MountPoints2\{e8fe0f3c-c54d-11da-a558-0002e3533810}\Shell\AutoRun\command - "" = E:\loader.exe -- File not found
O33 - MountPoints2\{e8fe0f3d-c54d-11da-a558-0002e3533810}\Shell - "" = AutoRun
========== Files/Folders - Created Within 30 Days ==========
[3 C:\WINDOWS\*.tmp files]
[2009/02/16 08:53:44 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/16 08:53:44 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/02/16 08:53:41 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/16 08:53:40 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/02/16 08:53:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/02/16 08:03:53 | 01,682,820 | -HS- | C] () -- C:\WINDOWS\System32\exjmeoyf.ini
[2009/02/16 08:03:51 | 00,068,096 | ---- | C] () -- C:\WINDOWS\System32\fyoemjxe.dll
[2009/02/13 16:17:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/02/13 11:58:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC
[2009/02/13 11:38:31 | 01,682,820 | -HS- | C] () -- C:\WINDOWS\System32\ggmmwveu.ini
[2009/02/13 11:20:27 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2009/02/13 08:51:49 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/02/13 08:20:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/02/13 08:12:34 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\CCleaner.lnk
[2009/02/13 08:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/02/12 10:26:31 | 00,000,512 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/02/12 10:24:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/02/11 18:13:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/02/11 18:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.DOMAINE\Local Settings\Application Data\Mozilla
[2009/02/11 17:21:12 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/02/11 08:50:26 | 00,000,334 | ---- | C] () -- C:\WINDOWS\tasks\stswjgaj.job
[2009/02/11 08:41:37 | 00,034,314 | -HS- | C] () -- C:\WINDOWS\System32\qqtEgfii.ini2
[2009/02/11 08:41:37 | 00,034,314 | -HS- | C] () -- C:\WINDOWS\System32\qqtEgfii.ini
[2009/02/11 08:41:32 | 00,236,544 | ---- | C] () -- C:\WINDOWS\System32\iifgEtqq.dll
[2009/02/11 08:36:32 | 00,000,000 | ---D | C] -- C:\quarantine
[2009/02/11 08:36:25 | 00,002,638 | ---- | C] () -- C:\WINDOWS\System32\khfEtTli.dll
[2009/02/11 08:36:21 | 00,038,912 | ---- | C] () -- C:\WINDOWS\System32\ljjbbqjy.dll.ren
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/02/16 09:26:22 | 00,034,314 | -HS- | M] () -- C:\WINDOWS\System32\qqtEgfii.ini
[2009/02/16 09:26:04 | 00,034,314 | -HS- | M] () -- C:\WINDOWS\System32\qqtEgfii.ini2
[2009/02/16 09:21:01 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/02/16 09:19:18 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/16 09:16:43 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/16 09:16:42 | 00,000,334 | ---- | M] () -- C:\WINDOWS\tasks\stswjgaj.job
[2009/02/16 09:16:29 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/16 09:04:54 | 00,000,588 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Mes documents\Mes dossiers de partage.lnk
[2009/02/16 08:11:38 | 00,002,539 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Microsoft Excel.lnk
[2009/02/16 08:04:30 | 00,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd
[2009/02/16 08:04:03 | 01,682,820 | -HS- | M] () -- C:\WINDOWS\System32\exjmeoyf.ini
[2009/02/16 08:03:51 | 00,068,096 | ---- | M] () -- C:\WINDOWS\System32\fyoemjxe.dll
[2009/02/16 08:03:50 | 01,682,820 | -HS- | M] () -- C:\WINDOWS\System32\ggmmwveu.ini
[2009/02/13 19:53:46 | 04,320,670 | -H-- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Local Settings\Application Data\IconCache.db
[2009/02/13 18:11:55 | 00,000,621 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/02/13 08:12:34 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\CCleaner.lnk
[2009/02/12 11:49:42 | 00,772,642 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/02/12 11:49:42 | 00,367,658 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/02/12 11:49:42 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/02/12 11:49:42 | 00,048,616 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/02/12 11:49:42 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/02/12 10:26:31 | 00,000,512 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/02/11 18:13:01 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/02/11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/02/11 08:41:35 | 00,236,544 | ---- | M] () -- C:\WINDOWS\System32\iifgEtqq.dll
[2009/02/11 08:36:32 | 00,002,638 | ---- | M] () -- C:\WINDOWS\System32\khfEtTli.dll
[2009/02/11 08:36:21 | 00,038,912 | ---- | M] () -- C:\WINDOWS\System32\ljjbbqjy.dll.ren
[2009/02/10 09:23:07 | 00,000,478 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2009/01/30 09:10:39 | 00,018,488 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Application Data\GDIPFONTCACHEV1.DAT
<End>