User and Admin account big troubles !

I made a scan with the default settings recommended by the tutorial:

OTL Tutorial - How to use OldTimer ListIt

Something seems to be wrong on your settings Niemiro :o

Here is what I have with these settings OTL.txt:

OTL logfile created on: 3/12/2010 0:44:10 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fleur de Vie\Desktop
Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16711)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1.014,00 Mb Total Physical Memory | 236,00 Mb Available Physical Memory | 23,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 46,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,53 Gb Total Space | 5,51 Gb Free Space | 18,67% Space Free | Partition Type: NTFS
Drive D: | 49,73 Gb Total Space | 5,39 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Drive F: | 30,52 Gb Total Space | 1,78 Gb Free Space | 5,85% Space Free | Partition Type: NTFS

Computer Name: PC-DE-WINDOWS | User Name: Secours | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Fleur de Vie\Desktop\OTL.exe (OldTimer Tools)
PRC - F:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - F:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - F:\Program Files\Online Armor\oahlp.exe (Emsi Software GmbH)
PRC - F:\Program Files\Online Armor\oasrv.exe (Emsi Software GmbH)
PRC - C:\Program Files\AntiLogger\AntiLogger.exe (Zemana Ltd.)
PRC - F:\Program Files\Online Armor\oaui.exe (Emsi Software GmbH)
PRC - F:\Program Files\Online Armor\oacat.exe (Emsi Software GmbH)
PRC - F:\Program Files\Online Armor\a2\avgate.exe (Emsi Software GmbH)
PRC - C:\Program Files\CometBird\CometBird.exe (CometNetwork)
PRC - F:\Program Files\Sandboxie\SandboxieRpcSs.exe (SANDBOXIE L.T.D)
PRC - F:\Program Files\Sandboxie\SandboxieDcomLaunch.exe (SANDBOXIE L.T.D)
PRC - F:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - F:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Program Files\Shadow Defender\DefenderDaemon.exe (SHADOWDEFENDER.COM)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)


========== Modules (SafeList) ==========

MOD - C:\Users\Fleur de Vie\Desktop\OTL.exe (OldTimer Tools)
MOD - F:\Program Files\Online Armor\oawatch.dll (Emsi Software GmbH)
MOD - C:\Windows\System32\wtsapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dhcpcsvc6.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winnsi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\IPHLPAPI.DLL (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll File not found
SRV - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe File not found
SRV - (MBAMService) -- F:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SvcOnlineArmor) -- F:\Program Files\Online Armor\oasrv.exe (Emsi Software GmbH)
SRV - (OAcat) -- F:\Program Files\Online Armor\OAcat.exe (Emsi Software GmbH)
SRV - (SbieSvc) -- F:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)


========== Driver Services (SafeList) ==========

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (AntiLog32) -- C:\Program Files\AntiLogger\AntiLog32.sys (Zemana Ltd.)
DRV - (OAnet) -- C:\Windows\System32\drivers\OAnet.sys (Emsisoft)
DRV - (oahlpXX) -- C:\Windows\System32\drivers\oahlp32.sys ()
DRV - (OAmon) -- C:\Windows\System32\drivers\OAmon.sys (Emsisoft)
DRV - (OADevice) -- C:\Windows\System32\drivers\OADriver.sys ()
DRV - (SbieDrv) -- F:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (diskpt) -- C:\Windows\SYSTEM32\drivers\diskpt.sys (SHADOWDEFENDER.COM)
DRV - (cpuz132) -- C:\Windows\System32\drivers\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (rspSanity) -- C:\Windows\System32\drivers\rspSanity32.sys (Resplendence Software Projects Sp.)
DRV - (phylock) -- C:\Windows\system32\drivers\phylock.sys (TeraByte, Inc.)
DRV - (IRPFile) -- F:\Program Files\atool\IRPFile.sys (Antiy Labs)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (gmer) -- C:\Windows\System32\drivers\gmer.sys (GMER)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) NVIDIA nForce(tm) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (NETw3v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (ESDCR) -- C:\Windows\System32\drivers\ESD7SK.sys (ENE Technology Inc.)
DRV - (EMSCR) -- C:\Windows\System32\drivers\EMS7SK.sys (ENE Technology Inc.)
DRV - (flash) -- C:\Windows\System32\drivers\flash.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010/11/25 01:16:28 | 002,618,915 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net m.fr.a2dfp.net asy.a8ww.net acezip.net Freeware | Lock folder | Lock files | Freeware Download | Photo to puzzle Game | Compress jpeg | Compress files | Batch resize | Duplicate file remover | Encrypt text in picture - Acezip Soft. - Freeware publisher. phpadsnew.abac.com a.abnad.net b.abnad.net c.abnad.net
O1 - Hosts: 127.0.0.1 d.abnad.net e.abnad.net t.abnad.net z.abnad.net banners.absolpublisher.com tracking.absolstats.com adv.abv.bg bimg.abv.bg www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com accuserveadsystem.com Accuserve Online Ad Delivery System gtb5.acecounter.com gtb19.acecounter.com gtp1.acecounter.com wgc1.acecounter.com achmedia.com ads.active.com
O1 - Hosts: 127.0.0.1 am1.activemeter.com Active Meter: Free Invisible Hit Counter, Web Tracker, Web Analytic and Web Stats ads.activepower.net stat.active24stats.nl ad2games.com ad.ad24.ru cms.ad2click.nl ads.ad2games.com as.ad611.com
O1 - Hosts: 127.0.0.1 cl21.v4.adaction.se www.adagencypro.com ads.adap.tv tag1.adaptiveads.com ff.adatoms.com update.adatoms.com Retea de banner exchange gratuita rata 1:1 adbard.net web.adblade.com
O1 - Hosts: 127.0.0.1 ad.pop1.adbn.ru ad.top1.adbn.ru ad.rich1.adbn.ru AdBlick.com james.adbutler.de adbutler: Partnerprogramm | Partnerprogramme und Affiliate-Marketing adc2.adcentriconline.com adcp.adcentriconline.com content.adcentriconline.com
O1 - Hosts: 127.0.0.1 publicis.adcentriconline.com ad-clix.com Internet Marketing Insight - free marketing training & resources AdComplete.com Advertising Software | Affiliate Software, Email Marketing Software, Ad Management Software for online web advertising axa.addcontrol.net e13.media.addynamix.com Sie werden weitergeleitet ad4ever.com track.adform.net
O1 - Hosts: 127.0.0.1 ads.adfox.ru gazeta.adfox.ru AdGroups.com The Black Web Network host1.adhese.be host2.adhese.be host3.adhese.be host4.adhese.be ads.adhsm.adhese.com
O1 - Hosts: 127.0.0.1 pool.adhsm.adhese.com www2.adhost.com mztag.ad-indicator.com zone10.adicate.com adfarm1.adition.com imagesrv.adition.com ad.adition.net hosting.adjug.com tracking.adjug.com
O1 - Hosts: 127.0.0.1 adsearch.adkontekst.pl community.adlandpro.com pk.adlandpro.com trafficex.adlandpro.com Free Classifieds, Advertising And Promotion @ Adlandpro publicidad.adlead.com gzpace.net classic.adlink.de rc.de.adlink.net
O1 - Hosts: 127.0.0.1 tr.de.adlink.net ads3.adman.gr r2d2.adman.gr js.admeld.com tag.admeld.com admigo.ru data.admigo.ru apps.admission.net appcache.admission.net
O1 - Hosts: 127.0.0.1 view.admission.net rms.admeta.com ads.admodus.com adnext.fr ib.adnxs.com adpixel.com.ru tt11.adobe.com agoraua.adocean.pl s1.ad.adocean.pl
O1 - Hosts: 127.0.0.1 s1.advicepl.adocean.pl s1.centrumcz.adocean.pl s1.cz.adocean.pl s1.czgde.adocean.pl s1.gg.adocean.pl s1.gojobsru.adocean.pl s1.idg.adocean.pl s1.my.adocean.pl s1.myao.adocean.pl
O1 - Hosts: 127.0.0.1 s1.pracuj.adocean.pl s1.skgde.adocean.pl s2.ad.adocean.pl webgroundbg.adocean.pl ad01.adonspot.com ad02.adonspot.com www.adplz.com ab.adpro.com.ua system.adquick.nl
O1 - Hosts: 127.0.0.1 AdQuest | Uw partner in online advertisment AdReap - Professional Domain Name Parking! adx.adrenaline.cz adroll.com c.adroll.com www.adsforindians.com Ranking Pagerank ohne Toolbar und Textlink mit Ranking Adreporting.com cntr.adrime.com
O1 - Hosts: 127.0.0.1 images.adrime.com ad.adriver.ru AdRotate.net ad.ads8.com vip.ads8.com antevenio.flux.ads-click.com engage2.advanstar.com Welcome To ADVPoints acnetwork.flux.acsyndication.com
O1 - Hosts: 127.0.0.1 img.ads-click.com js.adscale.de ih.adscale.de Selamat Datang di AdSentra.com Index of / adservicedomain.info images.adshuffle.com this.content.served.by.adshuffle.com Adshot.de - Ihr Webseiten-Sponsor
O1 - Hosts: 127.0.0.1 network.adsmarket.com allchix.adsmax.com www2.adsmax.com www.adsodainteractive.com AdSpace - Professional Advertising ads.adsponse.de adserve.adster.com images.adster.com www.adstreamsupply.com
O1 - Hosts: 127.0.0.1 o.adtargeter.com openx.adtext.ro ads.adtiger.de ads.adgoto.com ad.adtoma.com www.adtoolsinc.com adtrade.ro DirectTrack Affiliate Tracking Platform Adtrade.net - Marknadsföring på Internet
O1 - Hosts: 127.0.0.1 adtraf.ru ads.adtube.de adultadmoney.com at Adultadmoney.com advertisingpurchase.com ad.adverticum.net img.adverticum.net imgs.adverticum.net Advertising365.com - Pseudo Popup & Browser Advertising Network
O1 - Hosts: 127.0.0.1 ad.advertstream.com usas1.advfn.com images.adviews.de www.adviews.de www.ad-z.de hits.affiliatetraction.com banners.affilimatch.de tracker.affistats.com stats.agent.co.il
O1 - Hosts: 127.0.0.1 rmbannerserver.agestado.com.br stats.agentinteractive.com d.aggregateknowledge.com ads.airamerica.com certify.alexametrics.com download.china.alibaba.com tracking.allposters.com network.alluremedia.com.au adtaobao.allyes.cn
O1 - Hosts: 127.0.0.1 taobaoafp.allyes.cn bokee.allyes.com demoafp.allyes.com eastmoney.allyes.com smarttrade.allyes.com sroomafp.allyes.com taobaoafp.allyes.com tom.allyes.com uuseeafp.allyes.com
O1 - Hosts: 13280 more lines...
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (2nd &Speech Center) - {CFE40ED8-564E-4693-A9D9-80DB70C8E460} - F:\Program Files\2nd Speech Center\tts4ie.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [@OnlineArmor GUI] F:\Program Files\Online Armor\oaui.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [AntiLogger] C:\Program Files\AntiLogger\AntiLogger.exe (Zemana Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] F:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Shadow Defender Daemon] C:\Program Files\Shadow Defender\DefenderDaemon.exe (SHADOWDEFENDER.COM)
O4 - HKCU..\Run: [SandboxieControl] F:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.1)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.com/kos/eng/partner/71706/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewido.net/ewidoOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} http://support.f-secure.com/ols3beta/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - F:\Program Files\Online Armor\oaevent.dll (Emsi Software GmbH)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/02 15:29:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/02 15:29:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/30 22:00:57 | 000,000,000 | ---D | C] -- C:\Windows\RegBak
[2010/11/28 18:53:22 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2010/11/27 18:34:59 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2010/11/26 14:31:28 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2010/11/22 20:18:00 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\Windows\System32\drivers\DrvAgent32.sys
[2010/11/22 01:26:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BCC83DF0-C0A5-46A9-A9DA-F739BEAA7DF8}
[2010/11/22 01:26:39 | 000,000,000 | ---D | C] -- C:\Program Files\AntiLogger
[2010/11/20 23:28:54 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Searches
[2010/11/20 21:45:24 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Contacts
[2010/11/20 21:45:15 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Videos
[2010/11/20 21:45:15 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Pictures
[2010/11/20 21:45:15 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Music
[2010/11/20 21:45:15 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Links
[2010/11/20 21:45:15 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Favorites
[2010/11/20 21:45:15 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Downloads
[2010/11/20 21:45:15 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Documents
[2010/11/20 21:45:15 | 000,000,000 | R--D | C] -- C:\Users\Fleur de Vie\Desktop
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Voisinage réseau
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Voisinage d'impression
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\SendTo
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Recent
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Modèles
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Mes documents
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Menu Démarrer
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Local Settings
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Cookies
[2010/11/20 21:45:15 | 000,000,000 | -HSD | C] -- C:\Users\Fleur de Vie\Application Data
[2010/11/20 21:45:15 | 000,000,000 | -H-D | C] -- C:\Users\Fleur de Vie\AppData
[2010/11/20 21:45:15 | 000,000,000 | ---D | C] -- C:\Users\Fleur de Vie\Saved Games
[2010/11/18 01:58:09 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Resource Kits
[2010/11/18 00:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/11/18 00:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2010/11/16 01:47:59 | 000,134,464 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\LnkProtect.dll
[2010/11/16 01:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010/11/16 01:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2010/11/13 12:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineArmor
[2010/11/13 12:58:17 | 000,029,120 | ---- | C] (Emsisoft) -- C:\Windows\System32\drivers\OAnet.sys
[2010/11/13 12:58:17 | 000,025,000 | ---- | C] (Emsisoft) -- C:\Windows\System32\drivers\OAmon.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/03 00:33:42 | 000,000,579 | ---- | M] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Autorun Angel.lnk
[2010/12/03 00:33:32 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/03 00:33:32 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/03 00:21:58 | 000,005,250 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/12/02 19:22:46 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/12/02 18:55:29 | 000,690,832 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/12/02 18:55:28 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/02 18:55:28 | 000,117,572 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/12/02 18:55:28 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/02 15:33:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/02 15:29:16 | 000,000,714 | ---- | M] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/02 13:31:04 | 000,000,384 | ---- | M] () -- C:\Windows\wininit.ini
[2010/12/02 04:47:22 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/11/30 23:46:59 | 000,007,628 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2010/11/30 12:49:50 | 000,134,464 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\LnkProtect.dll
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/29 14:00:27 | 000,000,848 | RHS- | M] () -- C:\Users\Fleur de Vie\ntuser.pol
[2010/11/28 18:53:23 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2010/11/28 13:54:36 | 000,000,949 | ---- | M] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/27 18:34:59 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2010/11/26 19:04:25 | 001,048,576 | ---- | M] () -- C:\Users\Fleur de Vie\NTUSER.bak
[2010/11/26 18:35:41 | 000,241,744 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/11/26 18:28:40 | 1063,444,480 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/26 12:00:00 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\Schedule Task Weekly.job
[2010/11/25 01:16:28 | 002,618,915 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/11/25 01:16:25 | 002,618,915 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS.bak
[2010/11/24 02:07:09 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2010/11/23 14:33:27 | 154,052,411 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/22 20:17:58 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\Windows\System32\drivers\DrvAgent32.sys
[2010/11/22 01:26:47 | 000,034,704 | ---- | M] () -- C:\Windows\syscall.dat
[2010/11/22 01:26:40 | 000,000,814 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiLogger.lnk
[2010/11/21 18:57:46 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/11/21 18:57:46 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/11/21 12:26:46 | 000,000,742 | ---- | M] () -- C:\Windows\System32\.crusader
[2010/11/18 14:39:51 | 000,000,608 | ---- | M] () -- C:\Users\Public\Desktop\AIMP2.lnk
[2010/11/18 02:46:26 | 000,319,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/11/18 00:26:48 | 000,000,648 | ---- | M] () -- C:\Users\Public\Desktop\TVUPlayer.lnk
[2010/11/17 23:34:08 | 000,017,068 | ---- | M] () -- C:\Windows\diskpt.dat
[2010/11/16 11:48:33 | 000,000,023 | -HS- | M] () -- C:\Windows\System32\fabcdaeaa5_d.dll
[2010/11/16 11:48:32 | 000,000,023 | ---- | M] () -- C:\Windows\System32\caefcbefc_d.ocx
[2010/11/16 02:56:52 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords2.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_sign.slf
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010/11/13 15:19:55 | 000,000,814 | ---- | M] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2010/11/03 16:00:52 | 000,029,120 | ---- | M] (Emsisoft) -- C:\Windows\System32\drivers\OAnet.sys
[2010/11/03 15:57:12 | 000,038,856 | ---- | M] () -- C:\Windows\System32\drivers\oahlp32.sys
[2010/11/03 15:55:12 | 000,025,000 | ---- | M] (Emsisoft) -- C:\Windows\System32\drivers\OAmon.sys
[2010/11/03 15:52:36 | 000,202,064 | ---- | M] () -- C:\Windows\System32\drivers\OADriver.sys
[2010/11/03 11:32:32 | 011,162,447 | ---- | M] () -- C:\PhotoFiltre_Studio_X_10.3.2.zip.part
[2010/11/03 11:29:28 | 000,000,000 | ---- | M] () -- C:\PhotoFiltre_Studio_X_10.3.2.zip
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/03 00:33:42 | 000,000,579 | ---- | C] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Autorun Angel.lnk
[2010/12/02 15:29:16 | 000,000,714 | ---- | C] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/02 15:06:46 | 000,000,343 | ---- | C] () -- \rkill.log
[2010/11/28 13:54:36 | 000,000,949 | ---- | C] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/26 18:32:52 | 001,048,576 | ---- | C] () -- C:\Users\Fleur de Vie\NTUSER.bak
[2010/11/26 18:28:40 | 1063,444,480 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/26 18:28:40 | 1063,444,480 | -HS- | C] () -- \hiberfil.sys
[2010/11/23 13:18:39 | 000,008,064 | ---- | C] () -- C:\Windows\System32\drivers\flash.sys
[2010/11/22 01:26:47 | 000,034,704 | ---- | C] () -- C:\Windows\syscall.dat
[2010/11/22 01:26:40 | 000,000,814 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiLogger.lnk
[2010/11/21 13:06:45 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/11/21 13:06:45 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/11/21 12:26:46 | 000,000,742 | ---- | C] () -- C:\Windows\System32\.crusader
[2010/11/20 22:17:12 | 000,000,814 | ---- | C] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2010/11/20 21:45:16 | 000,000,848 | RHS- | C] () -- C:\Users\Fleur de Vie\ntuser.pol
[2010/11/20 21:45:15 | 000,000,258 | ---- | C] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/11/20 21:45:15 | 000,000,240 | ---- | C] () -- C:\Users\Fleur de Vie\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/11/19 23:05:44 | 154,052,411 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/11/19 13:48:44 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/11/18 14:39:50 | 000,000,608 | ---- | C] () -- C:\Users\Public\Desktop\AIMP2.lnk
[2010/11/18 00:26:48 | 000,000,648 | ---- | C] () -- C:\Users\Public\Desktop\TVUPlayer.lnk
[2010/11/16 11:48:33 | 000,000,023 | -HS- | C] () -- C:\Windows\System32\fabcdaeaa5_d.dll
[2010/11/16 11:48:32 | 000,000,023 | ---- | C] () -- C:\Windows\System32\caefcbefc_d.ocx
[2010/11/16 02:29:30 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010/11/16 02:29:29 | 000,004,400 | ---- | C] () -- \bdlog.txt
[2010/11/16 02:24:16 | 000,000,000 | ---- | C] () -- \pcversion.txt
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_sign.slf
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010/11/16 02:24:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010/11/16 01:31:44 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/11/16 01:31:43 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2010/11/13 12:58:17 | 000,202,064 | ---- | C] () -- C:\Windows\System32\drivers\OADriver.sys
[2010/11/13 12:58:17 | 000,038,856 | ---- | C] () -- C:\Windows\System32\drivers\oahlp32.sys
[2010/11/03 11:29:28 | 000,000,000 | ---- | C] () -- C:\PhotoFiltre_Studio_X_10.3.2.zip
[2010/11/03 11:29:28 | 000,000,000 | ---- | C] () -- \PhotoFiltre_Studio_X_10.3.2.zip
[2010/11/03 11:29:17 | 011,162,447 | ---- | C] () -- C:\PhotoFiltre_Studio_X_10.3.2.zip.part
[2010/11/03 11:29:17 | 011,162,447 | ---- | C] () -- \PhotoFiltre_Studio_X_10.3.2.zip.part
[2010/09/05 13:46:03 | 000,000,047 | ---- | C] () -- \JTR.txt
[2009/12/29 15:12:29 | 000,000,010 | ---- | C] () -- C:\Windows\MS_Ext_Sion.DLL
[2009/12/29 12:50:45 | 000,188,416 | ---- | C] () -- C:\Windows\System32\CTM_enc.dll
[2009/10/11 22:36:02 | 000,015,424 | ---- | C] () -- C:\Windows\System32\drivers\nod32drv.sys
[2009/08/01 19:00:24 | 000,185,344 | ---- | C] () -- C:\Windows\System32\drivers\KeDetective130.sys
[2009/07/19 12:07:58 | 000,000,512 | ---- | C] () -- \E64B73CE.wip
[2009/07/19 00:30:45 | 000,000,512 | ---- | C] () -- \EA6DE25F.wip
[2009/07/17 11:42:37 | 000,007,628 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2009/06/29 19:16:09 | 000,000,512 | ---- | C] () -- \E5A46D4D.wip
[2009/06/24 21:42:18 | 000,000,512 | ---- | C] () -- \E666CD0E.wip
[2009/06/22 02:06:42 | 000,000,375 | ---- | C] () -- C:\Windows\ActiveSkin.ini
[2009/04/19 10:34:52 | 000,003,282 | ---- | C] () -- \Rooter.txt
[2009/04/16 13:50:53 | 000,019,183 | ---- | C] () -- \ComboFix.txt
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2008/12/30 01:23:52 | 000,000,152 | ---- | C] () -- C:\Windows\System32\sysplog2.dll
[2008/12/30 01:23:49 | 000,000,152 | ---- | C] () -- C:\Windows\System32\sysplog.dll
[2008/12/30 01:21:42 | 000,000,640 | ---- | C] () -- C:\Program Files\PCT.exe.lnk
[2008/12/30 01:21:42 | 000,000,515 | ---- | C] () -- C:\Program Files\Chessimo.lnk
[2008/11/12 21:14:06 | 000,000,000 | -H-- | C] () -- \ProgramData.LOG2
[2008/11/12 21:14:06 | 000,000,000 | -H-- | C] () -- \ProgramData.LOG1
[2008/11/06 22:20:20 | 000,000,384 | ---- | C] () -- C:\Windows\wininit.ini
[2008/10/27 23:44:29 | 000,000,059 | ---- | C] () -- C:\Windows\tone.ini
[2008/07/22 17:13:00 | 000,000,123 | ---- | C] () -- C:\Windows\rootkitno.ini
[2008/06/26 23:05:48 | 000,043,775 | ---- | C] () -- \t1h0.f
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.v
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.t
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.r
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.p
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.n
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.l
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.j
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.h
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.e
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.c
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.13
[2008/06/26 23:05:48 | 000,004,692 | ---- | C] () -- \t1h0.11
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.u
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.s
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.q
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.o
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.m
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.k
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.i
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.g
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.d
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.b
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.14
[2008/06/26 23:05:48 | 000,000,080 | ---- | C] () -- \t1h0.12
[2008/06/26 23:05:47 | 000,035,194 | ---- | C] () -- \t1h0.2
[2008/06/26 23:05:47 | 000,021,456 | ---- | C] () -- \t1h0.1
[2008/06/26 23:05:47 | 000,009,667 | ---- | C] () -- \t1h0
[2008/06/26 23:05:47 | 000,004,692 | ---- | C] () -- \t1h0.a
[2008/06/26 23:05:47 | 000,004,692 | ---- | C] () -- \t1h0.8
[2008/06/26 23:05:47 | 000,004,692 | ---- | C] () -- \t1h0.6
[2008/06/26 23:05:47 | 000,004,692 | ---- | C] () -- \t1h0.4
[2008/06/26 23:05:47 | 000,000,080 | ---- | C] () -- \t1h0.9
[2008/06/26 23:05:47 | 000,000,080 | ---- | C] () -- \t1h0.7
[2008/06/26 23:05:47 | 000,000,080 | ---- | C] () -- \t1h0.5
[2008/06/26 23:05:47 | 000,000,080 | ---- | C] () -- \t1h0.3
[2008/06/18 12:51:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1504.dll
[2008/05/12 22:32:45 | 000,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2008/03/31 11:53:28 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2008/03/31 11:53:28 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2008/03/05 19:13:11 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/03/05 18:17:47 | 000,013,030 | ---- | C] () -- \PDOXUSRS.NET
[2008/03/02 17:12:47 | 000,005,250 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/02/29 01:29:10 | 000,003,387 | ---- | C] () -- \register.reg
[2008/02/27 01:09:42 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2008/02/25 23:00:27 | 000,819,200 | ---- | C] () -- C:\Windows\gmer.dll
[2008/02/23 13:57:49 | 000,017,654 | ---- | C] () -- \ComboFix1.txt
[2008/02/15 19:14:59 | 000,000,068 | ---- | C] () -- C:\Windows\MyProg.ini
[2008/01/17 13:11:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2008/01/09 15:01:48 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2007/12/30 20:54:53 | 000,000,081 | -HS- | C] () -- C:\ProgramData\.zreglib
[2007/11/06 21:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2007/08/25 18:25:09 | 1377,370,112 | -HS- | C] () --
[2007/02/02 10:36:19 | 000,438,840 | RHS- | C] () -- \bootmgr
[2007/02/02 10:30:44 | 000,002,227 | ---- | C] () -- \Lang.txt
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 11:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:08 | 000,028,672 | ---- | C] () -- C:\Windows\System32\NSREG.DLL
[2006/11/02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys
[2004/06/17 03:09:40 | 000,285,696 | ---- | C] () -- C:\Windows\System32\CNCS232.DLL
[2000/06/28 02:00:00 | 000,124,416 | ---- | C] () -- C:\Windows\System32\dXCtrls.dll
[1999/08/12 00:36:00 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll

========== LOP Check ==========

[2010/12/02 15:32:18 | 000,032,522 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/11/26 12:00:00 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\Schedule Task Weekly.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E965A533

< End of report >
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
Here is the extras.txt :

OTL Extras logfile created on: 3/12/2010 0:44:10 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fleur de Vie\Desktop
Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16711)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1.014,00 Mb Total Physical Memory | 236,00 Mb Available Physical Memory | 23,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 46,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,53 Gb Total Space | 5,51 Gb Free Space | 18,67% Space Free | Partition Type: NTFS
Drive D: | 49,73 Gb Total Space | 5,39 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Drive F: | 30,52 Gb Total Space | 1,78 Gb Free Space | 5,85% Space Free | Partition Type: NTFS

Computer Name: PC-DE-WINDOWS | User Name: Secours | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = CometBirdHTML] -- C:\Program Files\CometBird\CometBird.exe (CometNetwork)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\CometBird\CometBird.exe" -requestPending -osint -url "%1" (CometNetwork)
https [open] -- "C:\Program Files\CometBird\CometBird.exe" -requestPending -osint -url "%1" (CometNetwork)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [hitmanpro] -- "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" "%1\"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3070288754-2817330209-3067176432-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 14

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3070288754-2817330209-3067176432-1002]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{651A3191-AB11-4AF4-B647-F960A7F90A91}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{68D5E78D-9FE7-4BA0-9A48-66834FBA8E09}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B34F3DE4-2421-4F00-891C-A7C38153957E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F59651A2-66E3-4BD0-A2A2-138335BA4993}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"TCP Query User{11AC9C92-1DF6-4A3E-B03D-8857BE5DBA52}F:\program files\lphant\elephantclient.exe" = rport=1755 | protocol=6 | dir=in | app=f:\program files\lphant\elephantclient.exe |
"UDP Query User{36522A54-4009-488B-963C-9511E8B80F7E}F:\program files\lphant\elephantclient.exe" = rport=1756 | protocol=17 | dir=in | app=f:\program files\lphant\elephantclient.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{47339BEC-C303-4779-AF6E-3C5FBAF0D6C8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{50C28577-1D05-400D-B57F-1A3BC6D88138}" = protocol=17 | dir=in | app=c:\users\windows\desktop\utorrent-1.7.5-4602.exe |
"{9AE0341F-4002-459C-9B51-2B633EFB13B5}" = protocol=6 | dir=in | app=c:\users\windows\desktop\utorrent-1.7.5-4602.exe |
"TCP Query User{8316D59B-CC7C-4B31-B654-EACE09DEC2D3}F:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=f:\program files\tvants\tvants.exe |
"TCP Query User{B592F12D-135A-437E-B8D1-7A8ED5066B1A}F:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=f:\program files\zattoo\zattood.exe |
"TCP Query User{C1B20507-4256-4496-AF5B-098354644271}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{F2F72BF4-1369-422C-A631-00E52564B8BC}F:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=f:\program files\zattoo\zattoo.exe |
"UDP Query User{1479A237-5C43-46AA-AA1B-7B5726D2B81C}F:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=f:\program files\zattoo\zattood.exe |
"UDP Query User{22600E97-3F4E-4D9B-BD0D-2167A18AFAC5}F:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=f:\program files\zattoo\zattoo.exe |
"UDP Query User{4BCA48A6-B23A-44CC-9A7E-8CC4147F003F}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{668AA61C-60C1-4A82-8547-450215006096}F:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=f:\program files\tvants\tvants.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014534FF-1D46-4A77-9B48-29EFD145995B}" = AntiLogger
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{210F3CE3-C716-416C-99AE-7151A0968BF2}_is1" = Autorun Angel 1.0.30
"{253AD5C7-94ED-44BF-AA0C-890A80817A87}_is1" = Boilsoft Video Splitter 6.03
"{2E383FC0-28C1-468D-922E-CB45409F2DF0}_is1" = Rife Generator 2.3
"{30283233-3BE6-473D-A47C-ED964A2F78B4}_is1" = Inpaint 2.3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV
"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager
"{503D6E3E-1A48-44F5-BB7C-EB3B593FAED0}" = Opera 9.27
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EFA70F2-D6C3-4ECA-BEA9-C1A31277C63A}_is1" = FLV Converter 2.4
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B62C5CC-6B3D-47EF-A680-FCAC0265C2E0}" = SITTER Light MDFD
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{93A07A0D-454E-43d1-86A9-5DE9C5F4411A}" = Shadow Defender
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{B8971880-0060-11D8-87CB-C2A1A3E71907}_is1" = Index.dat Suite
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D6FE40C1-790D-4684-AF45-E468EC1E6E27}" = Chessimo 3.02
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1" = Boilsoft Video Joiner 6.27
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"2nd Speech Center_is1" = 2nd Speech Center 3.30.7.1129
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced PDF Repair v2.0" = Advanced PDF Repair v2.0
"AIMP2" = AIMP2
"AIMP2at" = AIMP2: Audio Tools
"AnalogX AnonyMac" = AnalogX AnonyMac
"AntiLogger" = AntiLogger
"AnyDVD" = AnyDVD
"Ashampoo Magical UnInstall" = Ashampoo Magical UnInstall
"Atlantis Word Processor" = Atlantis Word Processor
"Bytescout XLS Viewer_is1" = Bytescout XLS Viewer 2.10 (FREEWARE)
"CamStudio" = CamStudio
"CloneCD" = CloneCD
"CometBird (3.6.12)" = CometBird (3.6.12)
"Conversor Textos a MP3_is1" = [ Conversor Textos a MP3 - Ver:3.4.0 ]
"Cool PDF Reader_is1" = Cool PDF Reader 2.0
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.14
"Defraggler" = Defraggler (remove only)
"Diondine 5.0" = Diondine 5.0
"DriverAgent.exe" = DriverAgent by eSupport.com
"East-Tec Eraser 2009_is1" = East-Tec Eraser 2009 Version 9.3
"Elite Proxy Switcher_is1" = Elite Proxy Switcher 1.08
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"FDA ULTRA MK MIRACLE 6" = FDA ULTRA MK MIRACLE 6
"Flv Recorder_is1" = FlvRecorder
"Forum Proxy Leecher_is1" = Forum Proxy Leecher 1.10
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.4
"Frenchdiet" = Frenchdiet
"Handy Recovery 4.0" = Handy Recovery 4.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hide My MAC Address_is1" = Hide My MAC Address 2.2
"HijackThis" = HijackThis 2.0.2
"HitmanPro35" = Hitman Pro 3.5
"HTTP-Bugger v 2.2" = HTTP-Bugger v 2.2
"ID_POLYSOFT_POLYEDIT_is1" = PolyEdit 5.3
"Image for Windows (V2)_is1" = Image for Windows 2.30 Trial
"InternetTV_is1" = InternetTV 7.11
"IrfanView" = IrfanView (remove only)
"jv16 PowerTools 2009_is1" = jv16 PowerTools 2009
"jv16 PowerTools 2010" = jv16 PowerTools 2010
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"LoqTTS-Bernard_is1" = Loquendo TTS: Bernard (French)
"lphant_is1" = Lphant v3.51
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MayaTzolkin_is1" = Maya Tzolkin
"MediaInfo" = MediaInfo 0.7.5.9
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"MRU-Blaster_is1" = MRU-Blaster v1.5 (Database 3/28/2004)
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Nero8Lite_is1" = Nero 8 Micro 8.2.8.0
"Numeyoga 4.5" = Numeyoga 4.5
"OnlineArmor_is1" = Online Armor 4.5
"Process Tamer_is1" = Process Tamer 2.10.02
"Proximodo" = Proximodo 0.2.5
"QuicktimeAlt_is1" = QuickTime Alternative 3.1.1
"RealAlt_is1" = Real Alternative 1.8.0 Lite
"Recuva" = Recuva (remove only)
"RegSupreme Pro_is1" = RegSupreme Pro
"Revo Uninstaller" = Revo Uninstaller 1.88
"RKU" = Rootkit Unhooker Uninstall
"Sandboxie" = Sandboxie 3.50
"SanityCheck_is1" = SanityCheck 1.02
"Skype_is1" = Skype 3.0
"SMAC 2.0" = SMAC 2.0
"Snapshot" = Snapshot (remove only)
"SopCast" = SopCast 3.2.4
"SpywareBlaster_is1" = SpywareBlaster 4.2
"ST6UNST #1" = C-Force
"ST6UNST #2" = Miracle 6 startup
"ST6UNST #4" = Cybershaman 7 free
"ST6UNST #6" = Magnetronfree
"StAPH_is1" = StAPH ver 1.25 - "Rise Of The Themes"
"StealthNet_is1" = StealthNet 0.8.6.2
"SumatraPDF" = Sumatra PDF reader
"System TuneUp_is1" = System TuneUp
"TBIView_is1" = TBIView 4.08
"The KMPlayer" = The KMPlayer (remove only)
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"TVAnts 1.0" = TVAnts 1.0
"TVUPlayer" = TVUPlayer 2.5.3.1
"UltimateDefrag 2008 Trial" = UltimateDefrag 2008 Trial
"Ultra Spiritual Protection" = Ultra Spiritual Protection
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.5
"WinPcapInst" = WinPcap 4.0.2
"WM Capture" = WM Capture
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"ZSoft Uninstaller" = ZSoft Uninstaller 2.4.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/12/2010 23:24:27 | Computer Name = PC-de-Windows | Source = Schedule | ID = 0
Description =

Error - 1/12/2010 23:26:49 | Computer Name = PC-de-Windows | Source = EventSystem | ID = 4609
Description =

Error - 1/12/2010 23:30:04 | Computer Name = PC-de-Windows | Source = System Restore | ID = 8193
Description =

Error - 1/12/2010 23:30:30 | Computer Name = PC-de-Windows | Source = System Restore | ID = 8193
Description =

Error - 2/12/2010 8:23:28 | Computer Name = PC-de-Windows | Source = SecurityCenter | ID = 3
Description = Le service Centre de sécurité de Windows n’a pas pu établir de requêtes
d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion
et le pare-feu tiers.

Error - 2/12/2010 9:01:59 | Computer Name = PC-de-Windows | Source = SecurityCenter | ID = 3
Description = Le service Centre de sécurité de Windows n’a pas pu établir de requêtes
d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion
et le pare-feu tiers.

Error - 2/12/2010 9:07:48 | Computer Name = PC-de-Windows | Source = SecurityCenter | ID = 3
Description = Le service Centre de sécurité de Windows n’a pas pu établir de requêtes
d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion
et le pare-feu tiers.

Error - 2/12/2010 10:23:52 | Computer Name = PC-de-Windows | Source = EventSystem | ID = 4609
Description =

Error - 2/12/2010 10:28:42 | Computer Name = PC-de-Windows | Source = SecurityCenter | ID = 3
Description = Le service Centre de sécurité de Windows n’a pas pu établir de requêtes
d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion
et le pare-feu tiers.

Error - 2/12/2010 10:36:31 | Computer Name = PC-de-Windows | Source = SecurityCenter | ID = 3
Description = Le service Centre de sécurité de Windows n’a pas pu établir de requêtes
d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion
et le pare-feu tiers.

[ System Events ]
Error - 2/12/2010 10:25:26 | Computer Name = PC-de-Windows | Source = Ntfs | ID = 262281
Description = Le gestionnaire des ressources de la transaction par défaut sur le
volume C: a rencontré une erreur non renouvelable et n’a pas pu démarrer. Les données
contiennent le code de l’erreur.

Error - 2/12/2010 10:25:35 | Computer Name = PC-de-Windows | Source = Ntfs | ID = 262281
Description = Le gestionnaire des ressources de la transaction par défaut sur le
volume D: a rencontré une erreur non renouvelable et n’a pas pu démarrer. Les données
contiennent le code de l’erreur.

Error - 2/12/2010 10:25:36 | Computer Name = PC-de-Windows | Source = Ntfs | ID = 262281
Description = Le gestionnaire des ressources de la transaction par défaut sur le
volume F: a rencontré une erreur non renouvelable et n’a pas pu démarrer. Les données
contiennent le code de l’erreur.

Error - 2/12/2010 10:27:20 | Computer Name = PC-de-Windows | Source = Service Control Manager | ID = 7001
Description =

Error - 2/12/2010 10:27:20 | Computer Name = PC-de-Windows | Source = Service Control Manager | ID = 7001
Description =

Error - 2/12/2010 10:33:00 | Computer Name = PC-de-Windows | Source = Ntfs | ID = 262281
Description = Le gestionnaire des ressources de la transaction par défaut sur le
volume C: a rencontré une erreur non renouvelable et n’a pas pu démarrer. Les données
contiennent le code de l’erreur.

Error - 2/12/2010 10:33:10 | Computer Name = PC-de-Windows | Source = Ntfs | ID = 262281
Description = Le gestionnaire des ressources de la transaction par défaut sur le
volume D: a rencontré une erreur non renouvelable et n’a pas pu démarrer. Les données
contiennent le code de l’erreur.

Error - 2/12/2010 10:33:10 | Computer Name = PC-de-Windows | Source = Ntfs | ID = 262281
Description = Le gestionnaire des ressources de la transaction par défaut sur le
volume F: a rencontré une erreur non renouvelable et n’a pas pu démarrer. Les données
contiennent le code de l’erreur.

Error - 2/12/2010 10:34:54 | Computer Name = PC-de-Windows | Source = Service Control Manager | ID = 7001
Description =

Error - 2/12/2010 10:34:54 | Computer Name = PC-de-Windows | Source = Service Control Manager | ID = 7001
Description =


< End of report >
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
Do you mind giving it just one more try? I just wonder whether it has crashed. For me, I get a 15 minute scan for 1624 GB of storage, quite a bit more than 80 :) Also, the settings have been used on countless users before you :confused:
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
I'm also a bit surprised at the somewhat low available space on all the partitions and what seems to be an extensive number of running programs, processes, and services (and quite a bit installed as well). It seems to me like you're pushing your system quite a bit hard. I'm not sure I'd call it excessive yet - but it does seem to be getting there. Do you really use all of that? I suspect a bit of maintenance might be useful (but that can wait) - I'll bet we can clear up more space on all the drives (and suspect a defrag wouldn't hurt though I notice you have defraggler so you're probably already doing that) and also decrease the number of things running at the same time and this may help. But again, this is probably something for later and not of immediate concern to fix the most pressing problems with the system.

I just thought I'd mention this as one of the first impressions I got from the report you posted (I haven't really checked out the details yet though I did scan most of it). That plus the fact that the last 10 events reported were back in January & February - so Event Viewer has either stopped recording events or the test did not complete properly.

Richard is right, and it needs to run again - and I'd suggest in case you didn't the first time, you close any other open programs before you start - I don't mean a clean boot, just anything you have running in the taskbar tray (which may help it run faster and decrease the possibility that it is maxing out the system).

Good luck!

P.S. I noticed Ultimate Defrag 2008 Trial. I assume that costs money after the trial. I suggest this is not needed and that spending money on this is not required. The free Defraggler wll do fine. Or, if you want to try a different free product that I personally prefer and use, check out http://www.auslogics.com/en/software/disk-defrag/download/.
 
Last edited:

My Computer

System One

  • Manufacturer/Model
    Dell Inc. MP061 Inspiron E1705
    CPU
    2.00 gigahertz Intel Core 2 Duo 64 kilobyte primary memory
    Motherboard
    Board: Dell Inc. 0YD479 Bus Clock: 166 megahertz
    Memory
    2046 Megabytes Usable Installed Memory
    Graphics Card(s)
    ATI Mobility Radeon X1400 (Microsoft Corporation - WDDM) [Di
    Sound Card
    SigmaTel High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (17.2"vis)
    Screen Resolution
    1920 x 1200 pixels
    Hard Drives
    Hitachi HTS541616J9SA00 [Hard drive] (160.04 GB) -- drive 0, s/n SB2411SJGLLRMB, rev SB4OC74P, SMART Status: Healthy
    Case
    Chassis Serial Number: 5YK95C1
    Keyboard
    Standard PS/2 Keyboard
    Mouse
    Logitech HID-compliant Cordless Mouse
    Internet Speed
    1958 Kbps download ; 754.8 Kbps upload
    Other Info
    Optiarc DVD+-RW AD-5540A ATA Device [CD-ROM drive]

    Dell AIO Printer A940

    Conexant HDA D110 MDC V.92 Modem

    6TO4 Adapter
    Broadcom 440x 10/100 Integrated Controller
    Broadcom 802.11n Network Adapter
    Microsoft ISATAP Adapter
    Teredo Tunneling Pseudo-Interface

    Router Linksys / WRT54G -01
I was actually surprised how short your OTL log was! I thought that very little was showing! To get an idea, maybe I should post an OTL log as some point, just to show a long one!
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
Here you are, Niemiro ;) :


OTL logfile created on: 3/12/2010 20:53:11 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fleur de Vie\Desktop
Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16711)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1.014,00 Mb Total Physical Memory | 537,00 Mb Available Physical Memory | 53,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,53 Gb Total Space | 5,49 Gb Free Space | 18,58% Space Free | Partition Type: NTFS
Drive D: | 49,73 Gb Total Space | 5,39 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Drive F: | 30,52 Gb Total Space | 1,79 Gb Free Space | 5,87% Space Free | Partition Type: NTFS

Computer Name: PC-DE-WINDOWS | User Name: Secours | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========



< MD5 for: MPSSVC.DAT >
[2007/12/31 15:30:08 | 000,000,049 | ---- | M] () MD5=43CFEB34E871ACD655E79627927CDF29 -- C:\Windows\winsxs\x86_networking-mpssvc-svc-dir_31bf3856ad364e35_6.0.6000.16531_none_69dcb6a77f86c3ef\mpssvc.dat
[2007/12/31 15:30:08 | 000,000,049 | ---- | M] () MD5=43CFEB34E871ACD655E79627927CDF29 -- C:\Windows\winsxs\x86_networking-mpssvc-svc-dir_31bf3856ad364e35_6.0.6000.20647_none_6a61854298a717b4\mpssvc.dat

< MD5 for: TCPIP.SYS >
[2008/01/11 22:20:32 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2010/09/25 10:45:16 | 000,803,896 | ---- | M] (Microsoft Corporation) MD5=2F34906DD03EFBA0E039F47F6D873730 -- C:\Windows\System32\drivers\tcpip.sys
[2008/01/11 22:20:32 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2006/11/02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys

< MD5 for: USER32.DLL.MUI >
[2007/10/08 19:16:21 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=FF524497A864EDF9C040E31DB29D6449 -- C:\Windows\winsxs\x86_microsoft-windows-user32.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_de4a08b1212b3140\user32.dll.mui
[2010/09/25 10:41:38 | 000,020,480 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\fr-FR\user32.dll.mui

< MD5 for: VER.DLL >
[2009/06/24 18:10:18 | 000,009,008 | ---- | M] (Microsoft Corporation) MD5=98D1E149F4BE824DFFF7184D17C58A28 -- C:\Windows\system\ver.dll
[2009/06/24 18:10:18 | 000,009,008 | ---- | M] (Microsoft Corporation) MD5=98D1E149F4BE824DFFF7184D17C58A28 -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\ver.dll
[2009/06/24 19:05:59 | 000,009,008 | ---- | M] (Microsoft Corporation) MD5=D022D32A7BCB0B54C34BD687AC00564C -- C:\Windows\System32\ver.dll
[2009/06/24 19:05:59 | 000,009,008 | ---- | M] (Microsoft Corporation) MD5=D022D32A7BCB0B54C34BD687AC00564C -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\ver.dll

< End of report >
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
NOTES TO SELF: Do not action any of these.

[DEL]C:\Windows\system\ver.dll
C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\ver.dll[/DEL]

8: Hard Link File: Source = [l:254{127}]"\SystemRoot\WinSxS\x86_microsoft-windows-user32.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_de4a08b1212b3140\user32.dll.mui", Destination =
2010-11-28 19:45:33, Info CSI [l:88{44}]"\??\C:\Windows\System32\fr-FR\user32.dll.mui"

10: Hard Link File: Source = [l:220{110}]"\SystemRoot\WinSxS\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys", Destination = [l:82{41}]"\??\C:\Windows\System32\drivers\tcpip.sys"

12: Hard Link File: Source = [l:226{113}]"\SystemRoot\WinSxS\x86_networking-mpssvc-svc-dir_31bf3856ad364e35_6.0.6000.16531_none_69dcb6a77f86c3ef\mpssvc.dat", Destination = [l:104{52}]"\??\C:\Windows\System32\LogFiles\Firewall\mpssvc.dat"
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
I noticed that if I change Enablelua to 0 and I reboot my computer, my Registry don't take an account the changing value, it's always set to 1.

I tried to do the same trough the UAC in the Control Panel by unchecking UAC box but when rebooting my computer it comes again checked.

These are the permissions I have under : HKLM\Software\Windows\Currentversion\Policies

Authentified Users
System
Administrators

with the Owner is System.

I tried to change to the following:
Owner Creator System
Administrators
Users
With the owner to Administrators

When I reboot my computer, I checked it and I noticed that it didn't take an account my changing settings.

PS: I have Zemana Antilogger, MBAM, Online Armor ++, Shadow Defender. I disabled Zemana, OA++ and MBAM when changing settings.
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
Lorien,

You didn't tell me anything about Windows_NT6_BSOD_jcgriff2 I sent you by your request to solve my black screen issue. ;)

I only remind you ...
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
Niemiro,

I download from a friend who have Vista Familial the following files:

tcpip.sys
ver.dll
user32.dll

I suppose it can work on my Vista Business.

Anyway, I will waiting for your recommendations. :D
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
Do you have a bootable CD/DVD? Could you please boot into it > Repair my Computer > Start Command Prompt > sfc /scannow because all the files are on your system already, just in use. Anything we try from within Windows will be slightly dodgy.

Thanks!
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
Don't forget that I can't boot with CD (Bios troubles).

If I click on F8, I have 'Repair my Computer' but this don't work, it stops after checking system files, the blank lines is full filled in.
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
I hear there is command in DOS (debug) to clear CMOS without having to remove devices and all hardware to reach the CMOS battery.
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
I installed Malwarebytes, and I contacted the support because the context menu of MBAM doesn't appear in the Explorer while wanted to scan a file. I had again an error message when trying to register mbamext.dll


Context menu missing - Malwarebytes Forum

I told me to use a script with SUBINACL to reset all permissions.

I'd like to install your perm.bat but I need to understand what's the difference between Malwarebytes suggestion, your perm.bat and the following :

subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f
subinacl /subdirectories %SystemDrive% /grant=administrators=f /grant=system=f
subinacl /subdirectories %windir%\*.* /grant=administrators=f /grant=system=f


Thanks in advance !
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
I submitted your script to reset permissions in the Registry.

Here are a few screenshots when perm.bat is running :

You will see a few failed responses

Do you need the subinacl output file ?
 

Attachments

  • subinacl.jpg
    subinacl.jpg
    196.3 KB · Views: 58
  • subinacl command prompt.jpg
    subinacl command prompt.jpg
    202.7 KB · Views: 110

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
I've not more troubles to enter into the Control Panel and running Explorer from the start menu with my old admin account, Fleur de Vie.

Thanks Niemiro, this account is unlocked !

The troubles still alive are :

1. BIOS
2. Black screen
3. SFC stopping during the scan at 99%
4. UAC checkbox always checked !

I discover something news that it could give you the clue to fix the issue of UAC.

My Fleur de Vie admin account, seems to be a user account which belong to the Administrator Group.

What the next screenshots.

After that, can I have 2 admin accounts under Vista ? How can I change Fleur de Vie into an admin account and keeping also Secours admin account ?

If we give Fleur de Vie to an admin account, I'm sure we'll fix the issues 3 and 4.
 

Attachments

  • UAC window old admin account.jpg
    UAC window old admin account.jpg
    210.8 KB · Views: 16
  • Fleur de Vie.jpg
    Fleur de Vie.jpg
    151.5 KB · Views: 21
  • Fleur de Vie admin cant modify.jpg
    Fleur de Vie admin cant modify.jpg
    160.2 KB · Views: 19
  • Administrators Group.jpg
    Administrators Group.jpg
    149.1 KB · Views: 16

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
Well that is excellent news! We are making progress! Try it from Safe Mode, just to see if that works. Also, you have enabled the built in Administrator account, I think. Have you tried changing your settings from that? Thanks!
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
niemiro said:
Well that is excellent news! We are making progress! Try it from Safe Mode, just to see if that works. Also, you have enabled the built in Administrator account, I think. Have you tried changing your settings from that? Thanks!
Click to expand...


I will try it from Secours admin account in Safe Mode and will let you know.

Look at the third picture, I can't change Fleur de Vie into an admin account, something is still wrong ("modify this account" appears in grey). Did you notice ?

I think to fix this issues I need to change the permissions on Policies in the Registry.

Look at what I wrote a fews days ago here :

These are the permissions I have under : HKLM\Software\Windows\Currentversion\Policies

Authentified Users
System
Administrators

with the Owner is System.

I tried to change to the following:
Owner Creator System
Administrators
Users
With the owner to Administrators

When I reboot my computer, I checked it and I noticed that it didn't take an account my changing settings.
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
I tried to disable UAC under the three accounts in Safe Mode, but it's not possible to make those changes.

When clicking "enable or disable UAC" in Safe Mode, nothing happens, no window appears.

Here you are a screenshot:
 

Attachments

  • UAC.jpg
    UAC.jpg
    62.2 KB · Views: 45

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
Big big news Niemiro !! :D:D:D :party:

Bios trouble is fixed now thanks to the Fujitsu-Siemens support !

I downloaded a Vista Recovery Environment iso file and burn with Nero in a free CD Rom.

I booted up with the CD boot, it loads the CD but nothing happens, no window with the WINRE. I booted also from my USB stick with the same iso file, and I get the same scenario.

How to format a USB stick with vista ? I cliked on the H drive with a right click, Format, and I choose FAT by default one. Is that correct to boot up with my USB stick ?
 

My Computer

System One

  • Manufacturer/Model
    Amilo Pro v3505
    CPU
    Intel Core 2 T5300 1.73 Ghz
    Memory
    1 Gb
    Graphics Card(s)
    Intel Graphics Media Accelerator Driver for Mobile
    Sound Card
    Realteck
You must log in or register to reply here.
Back
Top