Fenêtres publicitaires intempestives

[syphilis]

et la suite avec OTL:

 

OTL logfile created on: 03/01/2011 16:41:38 - Run 1

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\FABULEUZ\Desktop

64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.7930.16406)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

12,00 Gb Total Physical Memory | 10,00 Gb Available Physical Memory | 81,00% Memory free

24,00 Gb Paging File | 22,00 Gb Available in Paging File | 90,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 931,41 Gb Total Space | 389,43 Gb Free Space | 41,81% Space Free | Partition Type: NTFS

Drive F: | 931,51 Gb Total Space | 920,16 Gb Free Space | 98,78% Space Free | Partition Type: NTFS

Drive H: | 3,73 Gb Total Space | 2,65 Gb Free Space | 71,06% Space Free | Partition Type: FAT32

 

Computer Name: FABULEUZ-PC | User Name: FABULEUZ | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/01/03 16:38:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FABULEUZ\Desktop\OTL.scr

PRC - [2011/01/01 19:00:01 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2010/11/19 08:19:00 | 001,579,408 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files (x86)\Fun4IM\BndCore.exe

PRC - [2010/11/17 17:19:44 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe

PRC - [2010/10/23 12:07:23 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

PRC - [2010/09/06 13:44:10 | 000,689,016 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\bittorrent.exe

PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/06/21 12:55:02 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/01/03 16:38:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FABULEUZ\Desktop\OTL.scr

MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2011/01/01 19:00:01 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010/11/19 08:18:58 | 001,942,416 | ---- | M] (Bandoo Media Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Fun4IM\Bandoo.exe -- (Fun4IM Coordinator)

SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2009/07/16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dmeoaaew.sys -- (dmeoaaew)

DRV:64bit: - [2011/01/01 19:00:09 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2010/08/17 13:39:11 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2010/06/23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/06/17 22:21:25 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2009/07/16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)

DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2007/06/28 10:47:14 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdx64.sys -- (nmwcdx64)

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 EC A8 49 EF 0D CB 01 [binary data]

IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/06/17 22:40:48 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

 

[2011/01/03 13:21:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/09/17 03:15:35 | 000,000,000 | ---D | M] (BarQuery) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{D5493C6A-FD62-4255-AA85-AB7E7D0F0001}

[2010/09/01 16:51:20 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{db34f72a-2801-eaed-3b93-397b7a52fdc3}

[2010/10/23 14:43:25 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

 

O1 HOSTS File: ([2010/06/17 22:18:43 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Fun4IM\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

O3:64bit: - HKU\S-1-5-21-698820930-825607945-331214559-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKU\S-1-5-21-698820930-825607945-331214559-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3:64bit: - HKU\S-1-5-21-698820930-825607945-331214559-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-698820930-825607945-331214559-1000..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe File not found

O4 - HKU\S-1-5-21-698820930-825607945-331214559-1000..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKU\S-1-5-21-698820930-825607945-331214559-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell - "" = AutoRun

O33 - MountPoints2\{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell\AutoRun\command - "" = E:\RunGame.exe -- File not found

O33 - MountPoints2\{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell - "" = AutoRun

O33 - MountPoints2\{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell\AutoRun\command - "" = G:\OblivionLauncher.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()

 

CREATERESTOREPOINT

Error creating restore point.

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/01/03 16:38:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\FABULEUZ\Desktop\OTL.scr

[2011/01/03 14:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011/01/03 09:00:40 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\Desktop\perrine malwares

[2011/01/02 08:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag

[2011/01/02 08:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/01/02 08:06:29 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\AppData\Roaming\Bandoo

[2010/12/31 19:02:58 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\AppData\Roaming\Avira

[2010/12/31 14:03:58 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\Desktop\HOW_TO_DESTROY_ANGELS_-_EP

[2010/12/31 11:04:10 | 001,633,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2010/12/31 11:04:10 | 001,502,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2010/12/31 11:04:10 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2010/12/31 11:04:10 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

[2010/12/31 11:04:10 | 000,819,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2010/12/31 11:04:10 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2010/12/31 11:04:10 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2010/12/31 11:04:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2010/12/31 11:04:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2010/12/31 11:04:10 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2010/12/31 11:04:10 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2010/12/31 11:04:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2010/12/31 11:04:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2010/12/31 11:04:10 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2010/12/31 11:04:10 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2010/12/31 11:04:10 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2010/12/31 11:04:10 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2010/12/31 11:04:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll

[2010/12/31 11:04:09 | 000,690,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2010/12/31 11:04:09 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2010/12/31 11:04:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2010/12/31 11:04:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2010/12/31 11:04:08 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2010/12/31 11:04:08 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2010/12/31 11:04:07 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2010/12/31 11:04:07 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2010/12/31 11:04:07 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2010/12/31 11:04:07 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2010/12/31 11:04:07 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2010/12/31 11:04:07 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2010/12/31 11:04:07 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2010/12/31 11:04:07 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll

[2010/12/31 11:04:07 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2010/12/31 11:04:07 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2010/12/31 11:04:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2010/12/31 11:04:07 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll

[2010/12/31 11:04:07 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2010/12/31 11:04:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2010/12/31 11:04:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2010/12/31 11:04:07 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2010/12/31 11:04:07 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2010/12/31 11:04:07 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2010/12/31 11:04:07 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2010/12/31 11:04:07 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2010/12/31 11:04:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2010/12/31 11:04:07 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2010/12/31 11:04:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2010/12/31 11:04:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2010/12/31 11:04:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2010/12/31 11:04:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2010/12/31 11:04:07 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2010/12/31 11:04:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2010/12/31 11:04:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2010/12/31 11:04:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2010/12/31 11:04:07 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2010/12/31 11:04:06 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2010/12/31 11:04:06 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2010/12/31 11:04:06 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2010/12/31 11:04:06 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2010/12/31 11:04:06 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll

[2010/12/31 11:04:06 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2010/12/31 11:04:06 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2010/12/31 11:04:06 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2010/12/31 11:04:06 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2010/12/31 11:04:06 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2010/12/31 11:04:06 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2010/12/31 11:04:06 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2010/12/31 11:04:06 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2010/12/31 11:04:06 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2010/12/31 11:04:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2010/12/31 11:04:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2010/12/31 11:04:06 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2010/12/31 11:04:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2010/12/31 11:04:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2010/12/31 11:04:06 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2010/12/31 11:04:06 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2010/12/31 11:04:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2010/12/31 11:04:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2010/12/31 11:03:37 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll

[2010/12/31 11:03:36 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll

[2010/12/31 11:03:36 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll

[2010/12/31 11:03:36 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL

[2010/12/31 11:03:36 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL

[2010/12/31 11:03:36 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll

[2010/12/31 11:03:36 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll

[2010/12/31 11:03:19 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll

[2010/12/31 11:03:19 | 000,899,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll

[2010/12/31 11:03:19 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll

[2010/12/31 11:03:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll

[2010/12/31 11:03:18 | 001,844,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll

[2010/12/31 11:03:18 | 001,543,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll

[2010/12/31 11:03:18 | 001,076,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll

[2010/12/31 11:03:18 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll

[2010/12/31 11:03:01 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll

[2010/12/31 11:03:01 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll

[2010/12/31 11:03:01 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll

[2010/12/31 11:03:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll

[2010/12/31 11:02:43 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll

[2010/12/31 11:02:43 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll

[2010/12/31 11:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feedback Tool

[2010/12/31 10:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2010/12/31 10:52:58 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

[2010/12/31 10:52:58 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2010/12/31 10:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2010/12/31 10:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira

[2010/12/21 20:45:44 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\Desktop\factures

[2010/12/21 20:42:25 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\Desktop\divers

[2010/12/21 20:04:48 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll

[2010/12/21 20:04:48 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll

[2010/12/21 20:04:48 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll

[2010/12/21 20:04:48 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll

[2010/12/21 20:04:48 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe

[2010/12/21 20:04:48 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll

[2010/12/21 20:04:48 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe

[2010/12/21 20:04:48 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe

[2010/12/21 20:04:47 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll

[2010/12/21 20:04:47 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2010/12/21 20:04:44 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2010/12/21 20:04:43 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2010/12/21 20:04:43 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2010/12/21 20:04:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2010/12/21 20:03:25 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe

[2010/12/15 12:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\icons

[2010/12/15 12:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fun4IM

[2010/12/15 12:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Fun4IM

[2010/12/15 12:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fun4IM

[2010/12/06 12:27:22 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\AppData\Roaming\Mozilla

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/03 16:38:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FABULEUZ\Desktop\OTL.scr

[2011/01/03 16:34:02 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[2011/01/03 16:21:46 | 617,866,682 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\august.avi

[2011/01/03 16:05:03 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/03 15:57:02 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

[2011/01/03 15:53:03 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

[2011/01/03 14:33:48 | 002,672,312 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\esetsmartinstaller_enu.exe

[2011/01/03 13:46:46 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/01/03 13:46:46 | 000,704,242 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/01/03 13:46:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/01/03 13:46:46 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/01/03 13:46:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/01/03 13:28:21 | 000,019,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/03 13:28:21 | 000,019,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/03 13:21:14 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/03 13:20:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/03 13:20:49 | 1066,754,046 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/03 13:07:20 | 812,187,198 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\august brass band.avi

[2011/01/03 12:28:42 | 850,703,238 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\bon kam.avi

[2011/01/03 11:22:54 | 2789,372,086 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\kam.avi

[2011/01/03 08:16:50 | 000,000,382 | ---- | M] () -- C:\Users\FABULEUZ\defogger_reenable

[2011/01/02 20:52:09 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini

[2011/01/01 19:00:09 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2010/12/31 19:00:14 | 000,001,449 | ---- | M] () -- C:\Users\FABULEUZ\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2010/12/31 14:02:35 | 069,723,698 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\HOW_TO_DESTROY_ANGELS_-_EP.zip

[2010/12/31 13:54:20 | 039,356,510 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\La Gare 16 D2.m4v

[2010/12/31 10:53:08 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2010/12/30 08:06:09 | 004,866,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/12/27 11:56:27 | 000,166,056 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\bon_a_priori_je_ne_peux_plus_envoyer_de_piece_jointe_par_mozilla_mais.....heureusement_explorer_est_la_haha!!.zip

[2010/12/16 13:00:50 | 000,013,049 | -HS- | M] () -- C:\Users\FABULEUZ\Desktop\Folder.jpg

[2010/12/16 13:00:50 | 000,013,049 | -HS- | M] () -- C:\Users\FABULEUZ\Desktop\AlbumArt_{11AD0C50-892B-41BA-AED0-8000D58A7217}_Large.jpg

[2010/12/16 13:00:49 | 000,003,166 | -HS- | M] () -- C:\Users\FABULEUZ\Desktop\AlbumArtSmall.jpg

[2010/12/16 13:00:49 | 000,003,166 | -HS- | M] () -- C:\Users\FABULEUZ\Desktop\AlbumArt_{11AD0C50-892B-41BA-AED0-8000D58A7217}_Small.jpg

 

========== Files Created - No Company Name ==========

 

[2011/01/03 16:17:25 | 617,866,682 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\august.avi

[2011/01/03 14:33:48 | 002,672,312 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\esetsmartinstaller_enu.exe

[2011/01/03 14:16:45 | 039,356,510 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\La Gare 16 D2.m4v

[2011/01/03 13:03:54 | 812,187,198 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\august brass band.avi

[2011/01/03 12:24:56 | 850,703,238 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\bon kam.avi

[2011/01/03 11:01:09 | 2789,372,086 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\kam.avi

[2011/01/03 08:16:50 | 000,000,382 | ---- | C] () -- C:\Users\FABULEUZ\defogger_reenable

[2010/12/31 14:02:35 | 069,723,698 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\HOW_TO_DESTROY_ANGELS_-_EP.zip

[2010/12/31 11:04:10 | 000,072,533 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2010/12/31 11:04:10 | 000,072,533 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2010/12/31 10:53:08 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2010/12/27 11:56:25 | 000,166,056 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\bon_a_priori_je_ne_peux_plus_envoyer_de_piece_jointe_par_mozilla_mais.....heureusement_explorer_est_la_haha!!.zip

[2010/12/16 13:00:51 | 000,013,049 | -HS- | C] () -- C:\Users\FABULEUZ\Desktop\Folder.jpg

[2010/12/16 13:00:51 | 000,013,049 | -HS- | C] () -- C:\Users\FABULEUZ\Desktop\AlbumArt_{11AD0C50-892B-41BA-AED0-8000D58A7217}_Large.jpg

[2010/12/16 13:00:51 | 000,003,166 | -HS- | C] () -- C:\Users\FABULEUZ\Desktop\AlbumArtSmall.jpg

[2010/12/16 13:00:51 | 000,003,166 | -HS- | C] () -- C:\Users\FABULEUZ\Desktop\AlbumArt_{11AD0C50-892B-41BA-AED0-8000D58A7217}_Small.jpg

[2010/12/15 12:02:15 | 000,000,298 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[2010/12/15 12:01:51 | 000,000,298 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

[2010/12/15 12:01:35 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

[2010/10/23 13:26:14 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini

[2010/08/23 09:34:17 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\Utils.dll

[2010/08/20 17:35:34 | 000,001,456 | ---- | C] () -- C:\Users\FABULEUZ\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs

[2010/08/20 16:42:02 | 000,000,132 | ---- | C] () -- C:\Users\FABULEUZ\AppData\Roaming\Adobe GIF Format CS5 Prefs

[2010/06/20 19:56:35 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

[2010/06/19 18:41:58 | 000,000,224 | ---- | C] () -- C:\Windows\FORGE32.INI

[2010/06/17 23:08:43 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI

[2010/06/17 21:53:48 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll

[2010/06/16 17:59:19 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2010/06/16 17:57:17 | 000,024,206 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2007/12/28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

 

========== LOP Check ==========

 

[2010/10/12 10:47:33 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\DAEMON Tools Lite

[2010/10/12 11:00:01 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\TuneUp Software

[2010/08/03 09:50:35 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\36-image converter

[2010/08/03 09:54:57 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Any Image

[2010/10/08 19:32:39 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Audacity

[2011/01/02 08:06:29 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Bandoo

[2011/01/03 16:42:41 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\BitTorrent

[2010/06/17 22:24:42 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\DAEMON Tools Lite

[2010/09/11 18:31:01 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\HTML Executable

[2010/08/23 10:26:04 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\OpenOffice.org

[2010/06/17 23:08:43 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\PACE Anti-Piracy

[2010/09/16 12:33:53 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Poser Pro

[2010/09/16 12:36:17 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Queue Manager

[2010/06/17 23:09:10 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2010/09/13 10:26:44 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\TuneUp Software

[2010/09/02 17:43:51 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Uniblue

[2010/11/21 14:57:45 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011/01/03 15:53:03 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

[2011/01/03 15:57:02 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

[2011/01/03 16:34:02 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

[1997/03/25 18:21:22 | 000,265,396 | R--- | M] () -- C:\DOS4GW.EXE

[1997/03/25 18:21:22 | 001,643,223 | R--- | M] () -- C:\HOSPITAL.EXE

[2002/03/21 23:00:00 | 000,005,120 | ---- | M] () -- C:\vieux jeux.exe

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %appdata% *.exe /s >

 

 

< MD5 for: AGP440.SYS >

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

 

< MD5 for: CDROM.SYS >

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

 

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 

< MD5 for: CSRSS.EXE >

[2009/07/14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

 

< MD5 for: EXPLORER.EXE >

[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe

[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe

[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe

[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

 

< MD5 for: IASTORV.SYS >

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 

< MD5 for: NDIS.SYS >

[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

 

< MD5 for: NETLOGON.DLL >

[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

 

< MD5 for: SCECLI.DLL >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

 

< MD5 for: TCPIP.SYS >

[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys

[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys

[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

 

< MD5 for: USERINIT.EXE >

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

 

< MD5 for: WININIT.EXE >

[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 

< %systemroot%\*. /mp /s >

 

< >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:EEE39B00

@Alternate Data Stream - 1232 bytes -> C:\ProgramData\Microsoft:dgahiEprLljUVLQrU

@Alternate Data Stream - 1223 bytes -> C:\Program Files\Common Files\System:KtR1tMU0RvjCnLjjGPOHpcYhx

@Alternate Data Stream - 1095 bytes -> C:\ProgramData\Microsoft:2YhhLnHkrjm4rRDmOW3JWjB

@Alternate Data Stream - 1093 bytes -> C:\Program Files\Common Files\Microsoft Shared:vh8R7UKznwW13qNrhinLCb41H

@Alternate Data Stream - 1074 bytes -> C:\ProgramData\Microsoft:SDOyeYl1wleId3SCmOp

 

< End of report >

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

et enfin,

 

 

OTL Extras logfile created on: 03/01/2011 16:41:38 - Run 1

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\FABULEUZ\Desktop

64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.7930.16406)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

12,00 Gb Total Physical Memory | 10,00 Gb Available Physical Memory | 81,00% Memory free

24,00 Gb Paging File | 22,00 Gb Available in Paging File | 90,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 931,41 Gb Total Space | 389,43 Gb Free Space | 41,81% Space Free | Partition Type: NTFS

Drive F: | 931,51 Gb Total Space | 920,16 Gb Free Space | 98,78% Space Free | Partition Type: NTFS

Drive H: | 3,73 Gb Total Space | 2,65 Gb Free Space | 71,06% Space Free | Partition Type: FAT32

 

Computer Name: FABULEUZ-PC | User Name: FABULEUZ | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion

"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX

"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02]

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A99968BE-C155-474C-0089-33239DEE1CE2}" = Need For Speed Underground

"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.2 - Français

"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}" = WinZip 15.0

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{E9AE9A91-AB45-4321-87BD-AD34855D944F}" = Chessmaster 10ème Edition

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"ASIO4ALL" = ASIO4ALL

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"BitTorrent" = BitTorrent

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"CoreAAC" = CoreAAC

"eMule" = eMule

"ffdshow_is1" = ffdshow

"FL Studio 8" = FL Studio 8

"FL Studio 9" = FL Studio 9

"Forms Data Loader Free Edition_is1" = Forms Data Loader Free Edition

"GOM ENCODER" = GOM ENCODER

"GOM Player" = GOM Player

"Hardcore" = Hardcore

"Hitman: Contracts" = Hitman: Contracts

"IL Download Manager" = IL Download Manager

"InstallShield_{E9AE9A91-AB45-4321-87BD-AD34855D944F}" = Chessmaster 10ème Edition

"PoiZone" = PoiZone

"Road To Fame_is1" = Road To Fame

"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl

"Sawer" = Sawer

"Steam App 50130" = Mafia II

"TOWeb-SetupID-0003_is1" = Lauyan TOWeb V3

"Toxic Biohazard" = Toxic Biohazard

"VLC media player" = VLC media player 1.0.5

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 31/12/2010 13:12:29 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Oblivion.exe, version : 0.1.0.228,

horodatage : 0x44045dcb Nom du module défaillant : unknown, version : 0.0.0.0, horodatage

: 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x78457453 ID du processus

défaillant : 0xa80 Heure de début de l’application défaillante : 0x01cba8f248cf4757

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

Chemin

d’accès du module défaillant: unknown ID de rapport : 2587ecd8-1501-11e0-befa-e0cb4ea68c46

 

Error - 31/12/2010 20:28:54 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842815

Description = La création du contexte d’activation a échoué pour « C:\Program Files

(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier

de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »

de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

 

Error - 01/01/2011 23:58:27 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842815

Description = La création du contexte d’activation a échoué pour « C:\Program Files

(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier

de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »

de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

 

Error - 02/01/2011 08:37:45 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Oblivion.exe, version : 0.1.0.228,

horodatage : 0x44045dcb Nom du module défaillant : unknown, version : 0.0.0.0, horodatage

: 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x02000080 ID du processus

défaillant : 0xe60 Heure de début de l’application défaillante : 0x01cbaa6db55682e9

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

Chemin

d’accès du module défaillant: unknown ID de rapport : 190e64a0-166d-11e0-8707-e0cb4ea68c46

 

Error - 02/01/2011 11:24:55 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Oblivion.exe, version : 0.1.0.228,

horodatage : 0x44045dcb Nom du module défaillant : Oblivion.exe, version : 0.1.0.228,

horodatage : 0x44045dcb Code d’exception : 0xc0000005 Décalage d’erreur : 0x002c7c6c

ID

du processus défaillant : 0x100 Heure de début de l’application défaillante : 0x01cbaa85b5c9d88a

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

Chemin

d’accès du module défaillant: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

ID

de rapport : 73356df1-1684-11e0-8707-e0cb4ea68c46

 

Error - 02/01/2011 12:27:48 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Oblivion.exe, version : 0.1.0.228,

horodatage : 0x44045dcb Nom du module défaillant : Oblivion.exe, version : 0.1.0.228,

horodatage : 0x44045dcb Code d’exception : 0xc0000005 Décalage d’erreur : 0x002c7c6c

ID

du processus défaillant : 0x834 Heure de début de l’application défaillante : 0x01cbaa9358eff545

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

Chemin

d’accès du module défaillant: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe

ID

de rapport : 3bc78e1c-168d-11e0-8707-e0cb4ea68c46

 

Error - 02/01/2011 21:38:33 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842815

Description = La création du contexte d’activation a échoué pour « C:\Program Files

(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier

de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »

de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

 

Error - 03/01/2011 03:27:19 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante gmer.exe, version : 1.0.15.15530,

horodatage : 0x4cd7c3b7 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage

: 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus

défaillant : 0xdbc Heure de début de l’application défaillante : 0x01cbab177d28ea06

Chemin

d’accès de l’application défaillante : C:\Users\FABULEUZ\Desktop\gmer.exe Chemin

d’accès du module défaillant: unknown ID de rapport : e5646f2d-170a-11e0-959a-e0cb4ea68c46

 

Error - 03/01/2011 09:33:53 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842832

Description = La création du contexte d’activation a échoué pour « C:\Users\FABULEUZ\Desktop\esetsmartinstaller_enu.exe ».

Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version

de composant nécessaire à l’application est en conflit avec une autre version de

composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Composant

2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

 

Error - 03/01/2011 09:33:56 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842832

Description = La création du contexte d’activation a échoué pour « C:\Users\FABULEUZ\Desktop\esetsmartinstaller_enu.exe ».

Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version

de composant nécessaire à l’application est en conflit avec une autre version de

composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Composant

2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

 

[ Media Center Events ]

Error - 29/08/2010 19:15:20 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 01:15:20 - Erreur de connexion à Internet. 01:15:20 - Impossible

de contacter le service..

 

Error - 29/08/2010 19:15:27 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 01:15:25 - Erreur de connexion à Internet. 01:15:25 - Impossible

de contacter le service..

 

Error - 29/08/2010 20:15:30 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 02:15:30 - Erreur de connexion à Internet. 02:15:30 - Impossible

de contacter le service..

 

Error - 29/08/2010 20:15:37 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 02:15:35 - Erreur de connexion à Internet. 02:15:35 - Impossible

de contacter le service..

 

Error - 30/08/2010 17:19:50 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 23:19:50 - Erreur de connexion à Internet. 23:19:50 - Impossible

de contacter le service..

 

Error - 30/08/2010 17:20:00 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 23:19:55 - Erreur de connexion à Internet. 23:19:55 - Impossible

de contacter le service..

 

Error - 28/12/2010 22:34:17 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 03:34:17 - Erreur de connexion à Internet. 03:34:17 - Impossible

de contacter le service..

 

Error - 28/12/2010 23:35:03 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 04:35:02 - Erreur de connexion à Internet. 04:35:02 - Impossible

de contacter le service..

 

Error - 29/12/2010 00:35:48 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 05:35:47 - Erreur de connexion à Internet. 05:35:47 - Impossible

de contacter le service..

 

Error - 29/12/2010 01:36:33 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0

Description = 06:36:32 - Erreur de connexion à Internet. 06:36:32 - Impossible

de contacter le service..

 

[ System Events ]

Error - 02/01/2011 07:05:15 | Computer Name = FABULEUZ-PC | Source = EventLog | ID = 6008

Description = L’arrêt système précédant à 12:03:51 le ?02/?01/?2011 n’était pas

prévu.

 

Error - 02/01/2011 07:05:22 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service Fun4IM Coordinator.

 

Error - 02/01/2011 07:05:22 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7000

Description = Le service Fun4IM Coordinator n’a pas pu démarrer en raison de l’erreur :

%%1053

 

Error - 03/01/2011 03:16:59 | Computer Name = FABULEUZ-PC | Source = DCOM | ID = 10010

Description =

 

Error - 03/01/2011 03:18:03 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service Fun4IM Coordinator.

 

Error - 03/01/2011 03:18:03 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7000

Description = Le service Fun4IM Coordinator n’a pas pu démarrer en raison de l’erreur :

%%1053

 

Error - 03/01/2011 08:14:54 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service Fun4IM Coordinator.

 

Error - 03/01/2011 08:14:54 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7000

Description = Le service Fun4IM Coordinator n’a pas pu démarrer en raison de l’erreur :

%%1053

 

Error - 03/01/2011 08:21:04 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service Fun4IM Coordinator.

 

Error - 03/01/2011 08:21:04 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7000

Description = Le service Fun4IM Coordinator n’a pas pu démarrer en raison de l’erreur :

%%1053

 

 

< End of report >

 

 

 

 

 

 

 

à bientot

[pear]

Bonsoir,

 

Relancez Otl:

 

Sous Custom scan Files ou Personnalisation

Copiez Collez

:OTL

PRC - [2010/11/19 08:19:00 | 001,579,408 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files (x86)\Fun4IM\BndCore.exe

SRV - [2010/11/19 08:18:58 | 001,942,416 | ---- | M] (Bandoo Media Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Fun4IM\Bandoo.exe -- (Fun4IM Coordinator)

DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dmeoaaew.sys -- (dmeoaaew)

O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Fun4IM\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)

O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

O3:64bit: - HKU\S-1-5-21-698820930-825607945-331214559-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found

O4 - HKU\S-1-5-21-698820930-825607945-331214559-1000..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O33 - MountPoints2\{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell\AutoRun\command - "" = E:\RunGame.exe -- File not found

O33 - MountPoints2\{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell\AutoRun\command - "" = G:\OblivionLauncher.exe -- File not found

[2010/12/15 12:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fun4IM

[2010/12/15 12:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Fun4IM

[2010/12/15 12:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fun4IM

[2011/01/03 16:05:03 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/03 13:21:14 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/03 16:34:02 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[2011/01/03 15:57:02 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

[2011/01/03 15:53:03 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

2011/01/02 08:06:29 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Bandoo

 

 

:reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]

""=""%1" %*"

 

64bit: -[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]

""=""%1" %*"

[purity]

[emptytemp]

[resethosts]

[Reboot]

-------->Cliquer Runfix ou Correction

 

OTL redémarrera le système automatiquement.

Postez le rapport.

[syphilis]

alors...

 

j'ai fais comme préconisé, mais au redémarrage, le rapport n'a pas pu etre inscrit dans le bloc note pour un problème de syntaxe, selon le message d'erreur...de plus internet explorer ne se lance plus, j'ai donc réinstaller une version de mozilla firefox pour pouvoir continuer de naviguer, où des fenetres s'ouvrent à tous bouts de champs... ça devient critique!

[syphilis]

rectification: j'ai récupéré internet explorer, il s'ouvre meme sans que je lui demande rien depuis que je lui ai demandé de "start in private bouncing", mais bref, ça doit etre une simple histoire de configuration