Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Firefox keeps collapsing

Started by RedSuedePump , Nov 23 2014 05:29 AM

  • This topic is locked This topic is locked

#1
RedSuedePump
Posted 23 November 2014 - 05:29 AM

RedSuedePump

    Member

  • Member
  • PipPipPip
  • 260 posts

Hello,

 

I'm not sure if this is relevant to this forum, but Firefox keeps closing on my computer, in particular when I access hotmail or yahoo mail.

 

The computer also won't turn off in the normal way (i.e. via Start/turn off) and Norton seems to 'encounter problems' and then shut down. They look like standard malware symptoms to me, but I've no idea what.

 

I've run OTL and have posted the results below. OTL also generated an Extras file. Should I post this too?

 

Would appreciate some help.

 

RSP

 

OTL logfile created on: 23/11/2014 11:01:40 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Sarl York Edward\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: Royaume-Uni | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.13% Memory free
3.85 Gb Paging File | 3.48 Gb Available in Paging File | 90.41% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 94.61 Gb Free Space | 63.48% Space Free | Partition Type: NTFS
Drive E: | 14.43 Gb Total Space | 9.70 Gb Free Space | 67.23% Space Free | Partition Type: FAT32
Drive F: | 14.43 Gb Total Space | 12.41 Gb Free Space | 86.00% Space Free | Partition Type: FAT32
 
Computer Name: WILLIAMWOTTENGE | User Name: Sarl York Edward | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/23 11:54:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sarl York Edward\Bureau\OTL.exe
PRC - [2014/09/21 10:17:47 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
PRC - [2014/09/05 20:11:56 | 000,153,072 | ---- | M] (Coupons.com Inc.) -- C:\Program Files\Coupon Printer\CouponPrinterService.exe
PRC - [2014/07/11 16:14:20 | 000,118,272 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2014/07/11 15:58:08 | 007,241,728 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2013/10/08 16:46:36 | 000,208,424 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2013/09/26 12:18:02 | 001,620,520 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files\Fichiers communs\Lexware\LxWebAccess\LxWebAccess.exe
PRC - [2012/07/05 14:11:14 | 000,008,192 | ---- | M] (Microsoft) -- C:\Program Files\Fichiers communs\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe
PRC - [2012/05/17 08:59:56 | 000,053,248 | ---- | M] (Sage (UK) Limited) -- C:\Program Files\Fichiers communs\Sage SData\Sage.SData.Service.exe
PRC - [2008/04/14 02:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/11/09 15:40:32 | 000,110,592 | ---- | M] ( ) -- C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
PRC - [2005/11/09 15:19:38 | 000,634,880 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/03/26 13:17:29 | 000,680,960 | ---- | M] () -- C:\windows\assembly\GAC_32\Sage.Central.AutoUpdateManager\1.0.0.0__021b26c6762d83c5\Sage.Central.AutoUpdateManager.dll
MOD - [2014/03/26 13:16:37 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Common.Web.Server\1.0.0.0__c59b718b5ca510a8\Sage.Common.Web.Server.dll
MOD - [2014/03/26 13:16:36 | 000,258,048 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Integration.Server\1.0.0.0__3f422f0ff54abde1\Sage.Integration.Server.dll
MOD - [2014/03/26 13:16:36 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Utilities\1.0.0.0__c59b718b5ca510a8\Sage.Utilities.dll
MOD - [2014/03/26 13:16:36 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Integration.Server.Model\1.0.0.0__3f422f0ff54abde1\Sage.Integration.Server.Model.dll
MOD - [2014/03/26 13:16:36 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Integration.Server.Feeds\1.0.0.0__3f422f0ff54abde1\Sage.Integration.Server.Feeds.dll
MOD - [2014/03/26 13:16:35 | 000,851,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Common.Syndication\1.0.0.0__c59b718b5ca510a8\Sage.Common.Syndication.dll
MOD - [2014/03/26 13:16:34 | 000,010,240 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Integration.Diagnostics\1.0.0.0__3f422f0ff54abde1\Sage.Integration.Diagnostics.dll
MOD - [2014/02/15 09:00:23 | 018,109,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\dd733c6f1f9f50f3517d48da5bea80d2\System.ServiceModel.ni.dll
MOD - [2014/02/15 08:57:53 | 000,649,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\fc7255cccb69c45a808b3d7e6abf55c5\System.Transactions.ni.dll
MOD - [2014/02/15 08:57:52 | 001,021,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\469dd20488c4a9606abe21189a3c1ab9\System.Runtime.DurableInstancing.ni.dll
MOD - [2014/02/15 08:57:51 | 000,143,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\27bdc6196968e44234654e30e1028750\SMDiagnostics.ni.dll
MOD - [2014/02/15 08:57:50 | 002,658,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fa954900a6cf3a095efadfa4c683a32c\System.Runtime.Serialization.ni.dll
MOD - [2014/02/15 08:57:47 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\05be173cbacba4b7604a67a267acdfe4\System.Xml.Linq.ni.dll
MOD - [2014/02/15 08:57:46 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014/02/15 08:57:37 | 000,011,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\211925af2639b2445fda3b8c040e5a8a\Microsoft.VisualC.ni.dll
MOD - [2014/02/15 08:57:24 | 000,194,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\d7785512895a0427dad1bef2155b7ffc\CustomMarshalers.ni.dll
MOD - [2014/02/15 08:57:10 | 011,906,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\90e490c25be955a75f133cb359569009\System.Web.ni.dll
MOD - [2014/02/14 15:06:08 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014/02/14 15:05:53 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014/02/14 15:05:46 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014/02/14 15:05:44 | 007,053,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\a4b5a1a06d2d7f77258943c8c228a5e0\System.Core.ni.dll
MOD - [2014/02/14 15:05:34 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014/02/14 15:05:21 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/02/14 15:05:03 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2014/02/14 14:57:01 | 000,141,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f254328a10638e87223d401b39197c91\System.Configuration.Install.ni.dll
MOD - [2014/02/14 14:56:56 | 000,978,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2014/02/14 14:56:55 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
MOD - [2014/02/14 14:51:15 | 005,462,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2014/02/14 14:49:31 | 007,977,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014/02/14 14:49:08 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2014/02/01 13:30:46 | 000,861,184 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
MOD - [2013/09/26 12:20:40 | 000,176,168 | ---- | M] () -- C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
MOD - [2013/09/26 12:20:40 | 000,043,048 | ---- | M] () -- C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll
MOD - [2012/06/18 15:24:30 | 000,260,096 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_05.dll
MOD - [2012/04/08 14:10:06 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2007/08/21 12:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe -- (DCService.exe)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/11/11 10:12:02 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/21 10:17:47 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe -- (N360)
SRV - [2014/09/05 20:11:56 | 000,153,072 | ---- | M] (Coupons.com Inc.) [Auto | Running] -- C:\Program Files\Coupon Printer\CouponPrinterService.exe -- (CouponPrinterService)
SRV - [2014/07/11 15:58:08 | 007,241,728 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2014/06/23 06:13:07 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/05 14:11:14 | 000,008,192 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files\Fichiers communs\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe -- (Sage AutoUpdate Manager Service)
SRV - [2012/05/17 08:59:56 | 000,053,248 | ---- | M] (Sage (UK) Limited) [Auto | Running] -- C:\Program Files\Fichiers communs\Sage SData\Sage.SData.Service.exe -- (Sage SData Service)
SRV - [2012/04/02 14:36:58 | 000,096,768 | ---- | M] (Freemake) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2011/07/20 03:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/05/25 12:06:20 | 000,037,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/12/28 16:25:40 | 000,036,864 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Belkin\F7D4101\V1\wlansrv.exe -- (WLANBelkinService)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/11/09 16:44:08 | 000,184,320 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe -- (MaxBackServiceInt)
SRV - [2005/11/09 15:40:32 | 000,110,592 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe -- (NTService1)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/11/21 05:39:10 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141120.039\navex15.sys -- (NAVEX15)
DRV - [2014/11/21 05:39:10 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141120.039\naveng.sys -- (NAVENG)
DRV - [2014/11/19 18:28:38 | 000,453,264 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141121.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2014/10/03 19:19:32 | 001,138,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141118.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/09/08 21:09:46 | 000,378,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/09/08 21:09:46 | 000,111,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/08/26 02:20:22 | 000,664,792 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\srtsp.sys -- (SRTSP)
DRV - [2014/08/26 02:20:22 | 000,032,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\srtspx.sys -- (SRTSPX)
DRV - [2014/08/06 19:48:16 | 000,209,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\ironx86.sys -- (SymIRON)
DRV - [2014/04/01 06:14:56 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014/03/04 04:18:12 | 000,936,152 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symefa.sys -- (SymEFA)
DRV - [2014/02/18 01:32:41 | 000,423,256 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symtdi.sys -- (SYMTDI)
DRV - [2013/09/26 02:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/09/10 02:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symds.sys -- (SymDS)
DRV - [2012/04/08 14:18:34 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2012/04/08 14:18:33 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pssdklbf.sys -- (PSSDKLBF)
DRV - [2012/01/10 10:07:36 | 000,179,200 | R--- | M] (Dexetek ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DxVGrb.sys -- (DxVGrb)
DRV - [2011/04/13 13:56:34 | 000,057,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\25973\RapportCerberus_25973.sys -- (RapportCerberus_25973)
DRV - [2011/04/08 08:17:38 | 000,066,360 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/04/08 08:17:38 | 000,053,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/04/08 08:17:36 | 000,158,904 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/10/20 12:24:22 | 000,302,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0700Afx.sys -- (V0700Afx)
DRV - [2010/10/17 23:00:00 | 000,322,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0700Vid.sys -- (V0700Vid)
DRV - [2010/08/31 09:28:56 | 000,147,040 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/11/06 07:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)
DRV - [2009/10/02 08:59:16 | 000,489,952 | ---- | M] (ITETech                  ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2008/04/13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006/07/11 13:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/07/11 13:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/03/17 09:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/04/06 13:05:24 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2004/08/13 02:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/?p...97&ocid=UP97DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 55 66 AE 52 3C CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.startup.homepage: "http://uk.msn.com/?p....google.co.uk/"
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - prefs.js..keyword.URL: "http://www.bing.com/...7DF&PC=UP97&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrl: C:\Program Files\Fichiers communs\Thunder Network\KanKan\npDapCtrl.2.3.7201.375.(310).dll (ShenZhen Thunder Networking Technologies Ltd.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/04/13 13:14:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/11/23 08:56:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011/05/09 09:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Extensions
[2011/05/09 09:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Extensions\[email protected]
[2014/08/09 15:30:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906\extensions
[2014/08/09 15:30:02 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906\extensions\[email protected]
[2014/05/16 05:47:00 | 000,006,057 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906\searchplugins\bingp.xml
[2014/11/11 10:11:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/11/11 10:12:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013/04/07 10:19:18 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe (Maxtor Corporation)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1296281020859 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A16B10F-0DC3-4FF8-8757-BC0178BABDFF}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{304248DE-D864-4DA2-BC1F-37647F12762F}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{434BAE2E-E7AE-4FDF-AED9-92FF05DFE4D4}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{589E56EB-0645-46EB-8220-C47F606F3023}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAE209F7-72D9-4EBD-9ECC-667C5384A88C}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll ()
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/21 08:26:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/23 11:00:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sarl York Edward\Bureau\OTL.exe
[2014/11/11 10:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/23 11:54:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sarl York Edward\Bureau\OTL.exe
[2014/11/23 10:23:11 | 000,000,875 | ---- | M] () -- C:\windows\BRWMARK.INI
[2014/11/23 10:22:15 | 000,001,002 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/11/23 10:13:09 | 000,545,360 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2014/11/23 10:13:09 | 000,475,510 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2014/11/23 10:13:09 | 000,091,660 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2014/11/23 10:13:09 | 000,077,202 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2014/11/23 08:54:42 | 000,000,244 | ---- | M] () -- C:\windows\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
[2014/11/23 08:54:38 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2014/11/22 17:14:39 | 000,113,664 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/11/19 13:25:38 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Microsoft Office Word 2007.lnk
[2014/11/18 11:47:30 | 000,002,529 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Microsoft Office Excel 2007.lnk
[2014/11/17 12:37:03 | 000,012,598 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2014/11/14 18:11:18 | 004,065,015 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\PIIEYorkLimited.pdf
[2014/11/14 18:10:01 | 004,065,926 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Télécopie pleine page.pdf
[2014/11/09 14:37:08 | 000,000,102 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.cue
[2014/11/09 14:31:26 | 034,892,801 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.mp3
[2014/11/08 15:00:00 | 000,000,238 | ---- | M] () -- C:\windows\tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
[2014/11/07 14:34:55 | 017,445,872 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\DryBedsNow.mp3
[2014/11/06 11:09:06 | 000,263,229 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\R5N7UV-BoardingPass.pdf
[2014/11/05 14:38:01 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
 
========== Files Created - No Company Name ==========
 
[2014/11/14 18:11:17 | 004,065,015 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\PIIEYorkLimited.pdf
[2014/11/14 18:09:53 | 004,065,926 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Télécopie pleine page.pdf
[2014/11/09 14:37:08 | 000,000,102 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.cue
[2014/11/09 14:30:09 | 034,892,801 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.mp3
[2014/11/07 14:34:54 | 017,445,872 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\DryBedsNow.mp3
[2014/11/06 11:09:06 | 000,263,229 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\R5N7UV-BoardingPass.pdf
[2014/09/15 15:21:43 | 000,000,000 | -H-- | C] () -- C:\windows\uccspecc.sys
[2014/03/26 12:56:32 | 000,000,538 | ---- | C] () -- C:\windows\ODBC.INI
[2012/04/14 15:21:23 | 002,082,478 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3763518644-895795467-4165139698-1006-0.dat
[2012/04/14 15:21:21 | 000,190,078 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/05/01 18:00:51 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Application Data\CoreAVC.ini
[2008/09/17 07:13:40 | 000,001,514 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Application Data\SAS7_000.DAT
[2008/01/30 11:18:03 | 000,000,040 | --S- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/12/24 16:40:20 | 000,122,030 | R--- | C] () -- C:\Documents and Settings\Sarl York Edward\Backup Status
[2007/12/19 11:17:35 | 000,113,664 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2011/04/30 14:21:43 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 02:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 10:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 02:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/01/26 19:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2009/03/07 13:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2012/04/13 13:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2008/06/11 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
[2012/04/08 13:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2011/04/30 14:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Haufe
[2013/12/22 12:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2011/04/30 14:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexware
[2007/12/19 08:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2011/09/16 11:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\mquadr.at
[2008/09/16 15:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010/05/28 17:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2014/03/26 13:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sage
[2008/09/18 09:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/01/30 11:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2014/09/29 10:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/29 15:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TerraTec
[2012/01/07 15:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Thunder Network
[2011/07/21 11:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\tmp
[2011/04/02 04:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2011/02/12 15:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/12/05 18:30:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D423354A-E70D-49AC-B74E-9DB73BB8ACA3}
[2014/10/01 12:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\avidemux
[2011/12/03 13:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\co.uk.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2007/12/17 10:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\F-Secure
[2011/05/09 09:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Haufe Mediengruppe
[2014/01/29 10:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\HMRC
[2013/04/14 07:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\ImgBurn
[2011/04/30 14:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Lexware
[2013/02/11 15:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\LiveCAD3
[2012/08/19 06:16:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Notepad++
[2008/09/16 15:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Nuance
[2011/09/21 10:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Orange
[2013/08/04 06:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\pdfforge
[2007/12/20 16:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\ScanSoft
[2011/09/21 10:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Schnellstart-DVD
[2014/02/27 10:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\TeamViewer
[2011/08/02 11:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Telekom
[2011/08/02 11:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Telekom Internet Manager
[2011/01/29 15:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\TerraTec
[2012/02/11 07:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Tific
[2011/04/02 04:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Trusteer
 
========== Purity Check ==========
 
 

< End of report >
 


  • 0

Advertisements

#2
zep516
Posted 23 November 2014 - 01:02 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

Yes please post the Extra's .txt log.

Then and make sure you download FRST TO THE DESKTOP.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Thanks
Joe :)
  • 0

#3
RedSuedePump
Posted 24 November 2014 - 03:45 AM

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 260 posts

Hi Joe,

 

Thanks for the reply.

 

First of all, the OTL Extras file is as follows:

 

OTL Extras logfile created on: 23/11/2014 11:01:40 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Sarl York Edward\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: Royaume-Uni | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.13% Memory free
3.85 Gb Paging File | 3.48 Gb Available in Paging File | 90.41% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 94.61 Gb Free Space | 63.48% Space Free | Partition Type: NTFS
Drive E: | 14.43 Gb Total Space | 9.70 Gb Free Space | 67.23% Space Free | Partition Type: FAT32
Drive F: | 14.43 Gb Total Space | 12.41 Gb Free Space | 86.00% Space Free | Partition Type: FAT32
 
Computer Name: WILLIAMWOTTENGE | User Name: Sarl York Edward | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9997:TCP" = 9997:TCP:*:Disabled:hyjli
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify AB)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Fichiers communs\Thunder Network\DS\Ver1\1.0.2.95\ThunderService.exe" = C:\Program Files\Fichiers communs\Thunder Network\DS\Ver1\1.0.2.95\ThunderService.exe:*:Enabled:ThunderService1.0.2.95 -- (ShenZhen Xunlei Networking Technologies,LTD)
"C:\Program Files\Fichiers communs\Thunder Network\DS\Ver1\1.0.2.95\ThunderLiveUD.exe" = C:\Program Files\Fichiers communs\Thunder Network\DS\Ver1\1.0.2.95\ThunderLiveUD.exe:*:Enabled:ThunderLiveUD1.0.2.95 -- (ShenZhen Xunlei Networking Technologies,LTD)
"C:\Program Files\Fichiers communs\Thunder Network\DS\Ver1\1.0.2.95\XLBugReport.exe" = C:\Program Files\Fichiers communs\Thunder Network\DS\Ver1\1.0.2.95\XLBugReport.exe:*:Enabled:XLBugReport1.0.2.95 -- (ShenZhen Xunlei Networking Technologies,LTD)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\TerraTec\TerraTec Home Cinema\InstTool.exe" = C:\Program Files\TerraTec\TerraTec Home Cinema\InstTool.exe:*:Enabled:TerraTec Home Cinema Basic (Setup) -- (TerraTec Electronic GmbH)
"C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe" = C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema Basic -- (TerraTec Electronic GmbH)
"C:\Program Files\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe" = C:\Program Files\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe:*:Enabled:TerraTec Home Cinema Basic (Auto Update) -- (TerraTec Electronic GmbH)
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0F32914F-A633-4516-B531-7084C8F19F93}" = Haufe iDesk-Browser
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{27F10580-E040-11DF-8C28-005056B12123}" = Haufe iDesk-Service
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
"{45ECE61A-C8EE-4847-852C-6E8A8192D424}" = Accounts
"{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking
"{4D21F997-85AD-42D2-986F-D91C4836438D}" = Accounts
"{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
"{52DD1288-FA17-4062-8280-532C89A7E2F2}" = QuickSteuer 2014
"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
"{60EEB642-E9E0-45A2-A676-B9D8FE17C4A9}" = Maxtor OneTouch III
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A49E82E-EA41-4D70-B805-EFEC3AD5FF8E}" = Accountants' Dataset Manager
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7061F715-D782-4120-A034-2B4B4F28CC1D}" = Accounts
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85BF9FDB-BD5B-407C-9CAE-3542E5164783}" = Lexware Info Service
"{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0C34E5-01A6-476B-87F3-321ABAA3948D}" = LeapFrog Connect
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (French) 12
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{939FF87B-4ADE-4CB3-A363-153984CD4A49}" = QuickSteuer Wissens-Center 2011
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3F9580-F5CF-4288-894E-9FF0EB24A21C}" = Maxtor Backup
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5ADE061-1F47-11D3-85DE-0090271BEEEA}" = VBA (2816b)
"{A7D849DD-D940-4ECF-ABF2-2022C60F85C9}" = LeapFrog LeapPad Explorer Plugin
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}" = Brother MFL-Pro Suite
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D18E9DB2-AC98-4399-8878-C1059403144D}" = Iminent
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EFC6C877-6E77-4E3B-B350-DF4F35D66B51}" = Accounts
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FC9D0B7B-5D95-411B-B14D-CD074E5CCA4A}" = Accounts
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"Basic PAYE Tools - Real Time Information" = Basic PAYE Tools
"CDex" = CDex extraction audio
"Cinergy T Stick MKII" = Cinergy T Stick MKII V9.06.3.01
"Coupon Printer2.2.0.9" = Coupon Printer
"Creative Live! Central 2" = Creative Live! Central 3
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0700" = Creative Live! Cam Chat HD (VF0700) (1.00.05.00)
"DVDFab HD Decrypter 4_is1" = DVDFab HD Decrypter 4.0.6.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{45ECE61A-C8EE-4847-852C-6E8A8192D424}" = Sage 50 Accounts 2013
"InstallShield_{4D21F997-85AD-42D2-986F-D91C4836438D}" = Sage 50 Accounts 2011
"InstallShield_{60EEB642-E9E0-45A2-A676-B9D8FE17C4A9}" = Maxtor OneTouch III
"InstallShield_{6A49E82E-EA41-4D70-B805-EFEC3AD5FF8E}" = Accountants' Dataset Manager
"InstallShield_{7061F715-D782-4120-A034-2B4B4F28CC1D}" = Sage 50 Accounts 2010
"InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter
"InstallShield_{9C3F9580-F5CF-4288-894E-9FF0EB24A21C}" = Maxtor Backup
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{EFC6C877-6E77-4E3B-B350-DF4F35D66B51}" = Sage 50 Accounts 2012
"InstallShield_{FC9D0B7B-5D95-411B-B14D-CD074E5CCA4A}" = Sage 50 Accounts 2009
"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 33.1 (x86 en-US)" = Mozilla Firefox 33.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton 360
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"Rapport_msi" = Rapport
"SysInfo" = Creative System Information
"UPCShell" = LeapFrog Connect
"VID_1D19&PID_6109&MI_00" = Conexant Polaris Unused CIR Function
"VID_1D19&PID_6109&MI_01" = Video Grabber
"VLC media player" = VLC media player 2.1.3
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21/11/2014 07:02:33 | Computer Name = WILLIAMWOTTENGE | Source = Application Error | ID = 1000
Description = Application défaillante wuauclt.exe, version 7.6.7600.256, module
défaillant esent.dll, version 5.1.2600.5512, adresse de défaillance 0x0001f916.
 
Error - 21/11/2014 07:08:19 | Computer Name = WILLIAMWOTTENGE | Source = ESENT | ID = 474
Description = wuauclt (772) La lecture de pages de base de données à partir du fichier
 "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" à l'adresse relative
44695552 (0x0000000002aa0000) de 4096 (0x00001000) octets a échoué lors de la vérification
 en raison d'une non-concordance des totaux de contrôle. Le total de contrôle attendu
 était 2889233711 (0xac36352f) tandis que le total de contrôle réel était 2889250095
 (0xac36752f). L'opération de lecture échouera en indiquant l'erreur -1018 (0xfffffc06).
 Si le problème persiste, restaurez la base de données à partir d'une version de
 sauvegarde antérieure.
 
Error - 21/11/2014 07:09:03 | Computer Name = WILLIAMWOTTENGE | Source = ESENT | ID = 474
Description = wuauclt (772) La lecture de pages de base de données à partir du fichier
 "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" à l'adresse relative
58318848 (0x000000000379e000) de 4096 (0x00001000) octets a échoué lors de la vérification
 en raison d'une non-concordance des totaux de contrôle. Le total de contrôle attendu
 était 1031954846 (0x3d82619e) tandis que le total de contrôle réel était 1031938462
 (0x3d82219e). L'opération de lecture échouera en indiquant l'erreur -1018 (0xfffffc06).
 Si le problème persiste, restaurez la base de données à partir d'une version de
 sauvegarde antérieure.
 
Error - 21/11/2014 08:46:28 | Computer Name = WILLIAMWOTTENGE | Source = Application Error | ID = 1000
Description = Application défaillante n360.exe, version 12.11.4.4, module défaillant
 ntdll.dll, version 5.1.2600.6055, adresse de défaillance 0x00029f07.
 
Error - 21/11/2014 09:23:20 | Computer Name = WILLIAMWOTTENGE | Source = Application Error | ID = 1000
Description = Application défaillante n360.exe, version 12.11.4.4, module défaillant
 isdatapr.dll, version 21.6.0.32, adresse de défaillance 0x000383b1.
 
Error - 22/11/2014 09:04:01 | Computer Name = WILLIAMWOTTENGE | Source = Application Error | ID = 1000
Description = Application défaillante plugin-container.exe, version 33.1.0.5423,
 module défaillant mozalloc.dll, version 33.1.0.5423, adresse de défaillance 0x00001425.
 
Error - 22/11/2014 09:04:06 | Computer Name = WILLIAMWOTTENGE | Source = Application Error | ID = 1001
Description = Détecteur d'erreurs 633022389.
 
Error - 22/11/2014 15:31:04 | Computer Name = WILLIAMWOTTENGE | Source = Application Error | ID = 1000
Description = Application défaillante n360.exe, version 12.11.4.4, module défaillant
 ntdll.dll, version 5.1.2600.6055, adresse de défaillance 0x00011689.
 
Error - 22/11/2014 16:09:18 | Computer Name = WILLIAMWOTTENGE | Source = Application Error | ID = 1001
Description = Détecteur d'erreurs 531247906.
 
Error - 23/11/2014 06:03:05 | Computer Name = WILLIAMWOTTENGE | Source = Application Error | ID = 1000
Description = Application défaillante svchost.exe, version 5.1.2600.5512, module
 défaillant wuaueng.dll, version 7.6.7600.256, adresse de défaillance 0x000ddecc.
 
[ OSession Events ]
Error - 14/03/2008 12:05:51 | Computer Name = SARL_YORK_ED | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 12
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 21/11/2014 08:51:31 | Computer Name = WILLIAMWOTTENGE | Source = Service Control Manager | ID = 7031
Description = Le service Norton 360 s'est terminé de manière inattendue. Ceci s'est
 produit 1 fois. L'action corrective suivante va être effectuée dans 120000 millisecondes :
 Redémarrer le service.
 
Error - 21/11/2014 09:21:09 | Computer Name = WILLIAMWOTTENGE | Source = System Error | ID = 1003
Description = Code erreur 00000024, paramètre 1 001902fe, paramètre 2 b35783f0,
paramètre 3 b35780ec, paramètre 4 b7d3c1f3.
 
Error - 21/11/2014 09:24:16 | Computer Name = WILLIAMWOTTENGE | Source = Service Control Manager | ID = 7022
Description = Le service Automatic Updates est en attente de démarrage.
 
Error - 21/11/2014 09:24:16 | Computer Name = WILLIAMWOTTENGE | Source = Service Control Manager | ID = 7031
Description = Le service Norton 360 s'est terminé de manière inattendue. Ceci s'est
 produit 1 fois. L'action corrective suivante va être effectuée dans 120000 millisecondes :
 Redémarrer le service.
 
Error - 21/11/2014 09:27:19 | Computer Name = WILLIAMWOTTENGE | Source = Service Control Manager | ID = 7031
Description = Le service Norton 360 s'est terminé de manière inattendue. Ceci s'est
 produit 2 fois. L'action corrective suivante va être effectuée dans 120000 millisecondes :
 Redémarrer le service.
 
Error - 21/11/2014 09:30:22 | Computer Name = WILLIAMWOTTENGE | Source = Service Control Manager | ID = 7034
Description = Le service Norton 360 s'est terminé de façon inattendue pour la 3ème
 fois.
 
Error - 22/11/2014 09:22:20 | Computer Name = WILLIAMWOTTENGE | Source = Service Control Manager | ID = 7031
Description = Le service Norton 360 s'est terminé de manière inattendue. Ceci s'est
 produit 1 fois. L'action corrective suivante va être effectuée dans 120000 millisecondes :
 Redémarrer le service.
 
Error - 23/11/2014 04:55:22 | Computer Name = WILLIAMWOTTENGE | Source = DCOM | ID = 10010
Description = Le serveur {4C785741-7F95-4309-B372-41BF7CD4804C} ne s'est pas enregistré
 sur DCOM avant la fin du temps imparti.
 
Error - 23/11/2014 06:08:38 | Computer Name = WILLIAMWOTTENGE | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
 sur DCOM avant la fin du temps imparti.
 
Error - 23/11/2014 06:22:50 | Computer Name = WILLIAMWOTTENGE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
stisvc à une transaction.
 
 
< End of report >
 

The FRST report (run on 64) is as follows:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by Sarl York Edward (administrator) on WILLIAMWOTTENGE on 24-11-2014 09:35:34
Running from C:\Documents and Settings\Sarl York Edward\Bureau
Loaded Profile: Sarl York Edward (Available profiles: Sarl York Edward)
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Coupons.com Inc.) C:\Program Files\Coupon Printer\CouponPrinterService.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
( ) C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft) C:\Program Files\Fichiers communs\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
(Sage (UK) Limited) C:\Program Files\Fichiers communs\Sage SData\Sage.SData.Service.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Maxtor Corporation) C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Fichiers communs\Lexware\LxWebAccess\LxWebAccess.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [255528 2007-02-01] (Nuance Communications, Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM\...\Run: [MaxtorOneTouch] => C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe [634880 2005-11-09] (Maxtor Corporation)
HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-08] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [UpdatePDRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2011-02-01] (CyberLink Corp.)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-19\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-3763518644-895795467-4165139698-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\windows\System32\cscui.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
HKU\S-1-5-21-3763518644-895795467-4165139698-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-3763518644-895795467-4165139698-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x505566AE523CCE01
HKU\S-1-5-21-3763518644-895795467-4165139698-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/?p...97&ocid=UP97DHP
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3763518644-895795467-4165139698-1006\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
Toolbar: HKU\S-1-5-21-3763518644-895795467-4165139698-1006 -> &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1296281020859
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: haufereader - No CLSID Value -
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906
FF SearchEngineOrder.3: Bing
FF Homepage: hxxp://uk.msn.com/?pc=UP97&ocid=UP97DHP|hxxp://www.google.co.uk/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @xunlei.com/DapCtrl -> C:\Program Files\Fichiers communs\Thunder Network\KanKan\npDapCtrl.2.3.7201.375.(310).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906\searchplugins\bingp.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906\Extensions\[email protected] [2014-08-09]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011-04-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-21]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2012-04-13]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-11-24]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-04-13]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664 2011-05-25] (Apple Inc.)
R2 CouponPrinterService; C:\Program Files\Coupon Printer\CouponPrinterService.exe [153072 2014-09-05] (Coupons.com Inc.)
S4 Freemake Improver; C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-04-02] (Freemake) [File not signed]
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-04-30] (Sun Microsystems, Inc.)
R2 LeapFrog Connect Device Service; C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed]
S4 MaxBackServiceInt; C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe [184320 2005-11-09] () [File not signed]
R2 N360; C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 NTService1; C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe [110592 2005-11-09] ( ) [File not signed]
S4 NVSvc; C:\windows\system32\nvsvc32.exe [172100 2009-09-27] (NVIDIA Corporation) [File not signed]
S3 odserv; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S4 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [247152 2010-08-19] ()
R2 Sage AutoUpdate Manager Service; C:\Program Files\Fichiers communs\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe [8192 2012-07-05] (Microsoft) [File not signed]
R2 Sage SData Service; C:\Program Files\Fichiers communs\Sage SData\Sage.SData.Service.exe [53248 2012-05-17] (Sage (UK) Limited) [File not signed]
S4 WLANBelkinService; C:\Program Files\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed]
S4 DCService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe [X]
S4 NMIndexingService; "C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\windows\System32\DRIVERS\AF15BDA.sys [489952 2009-10-02] (ITETech                  )
R3 BCMH43XX; C:\windows\System32\DRIVERS\bcmwlhigh5.sys [642432 2009-11-06] (Broadcom Corporation)
R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141118.001\BHDrvx86.sys [1138392 2014-10-03] (Symantec Corporation)
S3 BrScnUsb; C:\windows\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ccSet_N360; C:\windows\system32\drivers\N360\1506000.020\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
S3 DxVGrb; C:\windows\System32\drivers\DxVGrb.sys [179200 2012-01-10] (Dexetek )
R1 eeCtrl; C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-09-08] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-09-08] (Symantec Corporation)
R3 IDSxpx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141121.001\IDSxpx86.sys [453264 2014-11-19] (Symantec Corporation)
S3 MPE; C:\windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 MXOPSWD; C:\windows\System32\DRIVERS\mxopswd.sys [15360 2005-04-06] (Maxtor Corp.)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141120.039\NAVENG.SYS [95704 2014-11-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141120.039\NAVEX15.SYS [1636696 2014-11-21] (Symantec Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVENETFD; C:\windows\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R3 nvnetbus; C:\windows\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
R1 PSSDK42; C:\WINDOWS\system32\Drivers\pssdk42.sys [38976 2012-04-08] (microOLAP Technologies LTD)
R1 PSSDKLBF; C:\WINDOWS\system32\Drivers\pssdklbf.sys [53312 2012-04-08] (microOLAP Technologies LTD)
R1 RapportCerberus_25973; C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\25973\RapportCerberus_25973.sys [57144 2011-04-13] (Trusteer Ltd.)
R3 SenFiltService; C:\windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R3 SRTSP; C:\windows\System32\Drivers\N360\1506000.020\SRTSP.SYS [664792 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\windows\system32\drivers\N360\1506000.020\SRTSPX.SYS [32984 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\windows\System32\drivers\N360\1506000.020\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\drivers\N360\1506000.020\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT.SYS [142936 2014-04-01] (Symantec Corporation)
R1 SymIRON; C:\windows\system32\drivers\N360\1506000.020\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SYMTDI; C:\windows\System32\Drivers\N360\1506000.020\SYMTDI.SYS [423256 2014-02-18] (Symantec Corporation)
R3 V0700Afx; C:\windows\System32\DRIVERS\V0700Afx.sys [302720 2010-10-20] (Creative Technology Ltd.)
R3 V0700Vid; C:\windows\System32\DRIVERS\V0700Vid.sys [322304 2010-10-17] (Creative Technology Ltd.)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 filtertdidriver; system32\drivers\ewfiltertdidriver.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
U2 wuaserv; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 09:35 - 2014-11-24 09:37 - 00019404 _____ () C:\Documents and Settings\Sarl York Edward\Bureau\FRST.txt
2014-11-24 09:35 - 2014-11-24 09:35 - 00000000 ____D () C:\FRST
2014-11-24 08:14 - 2014-11-24 08:14 - 01110016 _____ (Farbar) C:\Documents and Settings\Sarl York Edward\Bureau\FRST.exe
2014-11-23 11:38 - 2014-11-23 11:38 - 00000000 ___HD () C:\Documents and Settings\Sarl York Edward\Mes documents\Freemake_do_not_remove_this_folder635523395355132500
2014-11-23 11:09 - 2014-11-23 11:09 - 00054146 _____ () C:\Documents and Settings\Sarl York Edward\Bureau\Extras.Txt
2014-11-23 11:08 - 2014-11-23 11:08 - 00083036 _____ () C:\Documents and Settings\Sarl York Edward\Bureau\OTL.Txt
2014-11-23 11:00 - 2014-11-23 11:54 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Sarl York Edward\Bureau\OTL.exe
2014-11-21 13:20 - 2014-11-21 13:20 - 00094208 _____ () C:\windows\Minidump\Mini112114-01.dmp
2014-11-18 13:02 - 2014-11-18 13:01 - 00094208 _____ () C:\windows\Minidump\Mini111814-04.dmp
2014-11-18 11:39 - 2014-11-18 11:39 - 00094208 _____ () C:\windows\Minidump\Mini111814-03.dmp
2014-11-18 11:38 - 2014-11-18 11:38 - 00094208 _____ () C:\windows\Minidump\Mini111814-02.dmp
2014-11-18 08:09 - 2014-11-18 08:09 - 00094208 _____ () C:\windows\Minidump\Mini111814-01.dmp
2014-11-15 09:17 - 2014-11-15 09:16 - 00094208 _____ () C:\windows\Minidump\Mini111514-01.dmp
2014-11-11 10:11 - 2014-11-11 10:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-09 14:37 - 2014-11-09 14:37 - 00000102 _____ () C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.cue

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 09:37 - 2012-08-19 06:37 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Local Settings\temp
2014-11-24 09:35 - 2007-12-07 09:55 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Bureau
2014-11-24 09:34 - 2012-07-23 19:13 - 01720380 _____ () C:\windows\WindowsUpdate.log
2014-11-24 09:33 - 2014-03-22 06:53 - 00000244 _____ () C:\windows\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2014-11-24 09:33 - 2007-07-21 10:14 - 00000159 _____ () C:\windows\wiadebug.log
2014-11-24 09:33 - 2007-07-21 10:14 - 00000050 _____ () C:\windows\wiaservc.log
2014-11-24 09:33 - 2007-07-21 08:47 - 00032546 _____ () C:\windows\SchedLgU.Txt
2014-11-24 09:33 - 2007-07-21 08:47 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-24 08:18 - 2007-12-17 10:32 - 00000875 _____ () C:\windows\BRWMARK.INI
2014-11-24 08:11 - 2007-07-21 10:12 - 01205944 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-24 08:10 - 2012-08-18 06:11 - 00626538 _____ () C:\windows\setupapi.log
2014-11-23 19:22 - 2012-03-31 06:38 - 00001002 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-23 15:51 - 2014-10-11 09:55 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Bureau\11102014
2014-11-23 15:51 - 2007-12-19 11:17 - 00115200 _____ () C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 14:20 - 2013-08-04 08:29 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Mes documents\Sophia
2014-11-23 12:55 - 2013-10-12 11:28 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Mes documents\Sophia Homework
2014-11-23 12:42 - 2012-09-29 06:36 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Application Data\avidemux
2014-11-23 12:42 - 2012-04-08 14:03 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Application Data\vlc
2014-11-23 12:25 - 2014-07-28 15:45 - 00000451 _____ () C:\windows\TT_VTX.log
2014-11-23 10:23 - 2014-10-20 11:55 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Bureau\Refurb files
2014-11-22 15:22 - 2007-12-07 09:55 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward
2014-11-21 14:07 - 2014-03-26 13:00 - 00000000 ____D () C:\Program Files\Fichiers communs\Sage SData
2014-11-19 13:25 - 2007-12-17 11:14 - 00002575 _____ () C:\Documents and Settings\Sarl York Edward\Bureau\Microsoft Office Word 2007.lnk
2014-11-18 13:02 - 2008-01-05 13:39 - 00000000 ____D () C:\windows\Minidump
2014-11-18 11:47 - 2007-12-07 11:13 - 00002529 _____ () C:\Documents and Settings\Sarl York Edward\Bureau\Microsoft Office Excel 2007.lnk
2014-11-17 12:37 - 2004-08-05 12:00 - 00012598 _____ () C:\windows\system32\wpa.dbl
2014-11-14 10:46 - 2007-12-07 11:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-11-14 10:43 - 2013-08-15 12:05 - 00000000 ____D () C:\windows\system32\MRT
2014-11-14 10:40 - 2007-07-21 10:16 - 100445232 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-13 11:03 - 2013-04-01 07:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-09 15:06 - 2013-12-22 13:00 - 00018468 _____ () C:\windows\DPINST.LOG
2014-11-09 15:06 - 2013-12-22 13:00 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\LeapFrog Connect
2014-11-09 14:26 - 2007-12-07 09:55 - 00000184 __SHC () C:\Documents and Settings\Sarl York Edward\ntuser.ini
2014-11-08 15:00 - 2014-03-22 06:53 - 00000238 _____ () C:\windows\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2014-11-05 14:38 - 2011-02-12 15:45 - 00000284 _____ () C:\windows\Tasks\AppleSoftwareUpdate.job
2014-11-02 11:45 - 2014-10-08 15:52 - 00000000 ____D () C:\Documents and Settings\Sarl York Edward\Bureau\Copystick08102014

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

and here's the Addition file:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2014
Ran by Sarl York Edward at 2014-11-24 09:37:51
Running from C:\Documents and Settings\Sarl York Edward\Bureau
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Accountants' Dataset Manager (HKLM\...\InstallShield_{6A49E82E-EA41-4D70-B805-EFEC3AD5FF8E}) (Version: 2.00.0000 - Sage (UK) Ltd)
Accountants' Dataset Manager (Version: 2.00.0000 - Sage (UK) Ltd) Hidden
Accounts (Version: 15.0.11.159 - Sage (UK) Ltd) Hidden
Accounts (Version: 16.0.14.147 - Sage (UK) Ltd) Hidden
Accounts (Version: 17.0.12.196 - Sage (UK) Ltd) Hidden
Accounts (Version: 18.0.10.208 - Sage (UK) Ltd) Hidden
Accounts (Version: 19.0.11.260 - Sage (UK) Ltd) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.47.0 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{C23CD6DA-1958-43A5-ADD0-59396572E02E}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.0.8179 - )
Basic PAYE Tools (HKLM\...\Basic PAYE Tools - Real Time Information) (Version: 14.1.14168.197 - HM Revenue & Customs)
Brother MFL-Pro Suite (HKLM\...\{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}) (Version: 1.00 - Brother Industries, Ltd.)
CDex extraction audio (HKLM\...\CDex) (Version:  - )
Cinergy T Stick MKII V9.06.3.01 (HKLM\...\Cinergy T Stick MKII) (Version: 9.06.3.01 - )
Conexant Polaris Unused CIR Function (HKLM\...\VID_1D19&PID_6109&MI_00) (Version: 1.0.0.0 - Conexant Systems)
ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Correctif pour Lecteur Windows Media 11 (KB939683) (HKLM\...\KB939683) (Version:  - Microsoft Corporation)
Correctif pour Windows Internet Explorer 7 (KB947864) (Version: 1 - Microsoft Corporation) Hidden
Correctif pour Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Correctif pour Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Correctif pour Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Correctif pour Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Correctif pour Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Correctif pour Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Coupon Printer (HKLM\...\Coupon Printer2.2.0.9) (Version: 2.2.0.9 - Coupons.com Inc.)
Creative Live! Cam Chat HD (VF0700) (1.00.05.00) (HKLM\...\Creative VF0700) (Version:  - Creative Technology Ltd.)
Creative Live! Central 3 (HKLM\...\Creative Live! Central 2) (Version: 3.00.33 - Creative Technology Ltd)
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative System Information (HKLM\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815b - CyberLink Corp.)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version:  - )
DVDFab HD Decrypter 4.0.6.2 (HKLM\...\DVDFab HD Decrypter 4_is1) (Version:  - Fengtao Software Inc.)
Haufe iDesk-Browser (HKLM\...\{0F32914F-A633-4516-B531-7084C8F19F93}) (Version: 10.10.14.0000 - Haufe-Lexware GmbH & Co. KG)
Haufe iDesk-Service (HKLM\...\{27F10580-E040-11DF-8C28-005056B12123}) (Version: 10.10.25.7810 - Haufe)
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.1.0 - LIGHTNING UK!)
Iminent (Version: 5.26.21.0 - Iminent) Hidden <==== ATTENTION
iTunes (HKLM\...\{69995C7A-062A-4A90-A4DF-8C22895DF522}) (Version: 10.4.1.10 - Apple Inc.)
Java™ 6 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
LeapFrog Connect (HKLM\...\UPCShell) (Version: 6.0.19.19317 - LeapFrog)
LeapFrog Connect (Version: 6.0.19.19317 - LeapFrog) Hidden
LeapFrog LeapPad Explorer Plugin (Version: 6.0.19.19317 - LeapFrog) Hidden
Lecteur Windows Media 11 (HKLM\...\Windows Media Player) (Version:  - )
Lexware Info Service (HKLM\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Maxtor Backup (HKLM\...\InstallShield_{9C3F9580-F5CF-4288-894E-9FF0EB24A21C}) (Version: 1.00.0011 - Maxtor)
Maxtor Backup (Version: 1.00.0011 - Maxtor) Hidden
Maxtor OneTouch III (HKLM\...\InstallShield_{60EEB642-E9E0-45A2-A676-B9D8FE17C4A9}) (Version: 3.00.0015 - Maxtor)
Maxtor OneTouch III (Version: 3.00.0015 - Maxtor) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA (HKLM\...\{3F7924B9-D148-3141-87B1-68F36043A940}) (Version: 2.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA (HKLM\...\{511DF669-2930-30C0-8EB6-552887E29EC8}) (Version: 3.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mise à jour de sécurité pour Lecteur Windows Media (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media (KB911564) (Version:  - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Lecteur Windows Media (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) (HKLM\...\KB936782_WMP11) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154) (HKLM\...\KB954154_WM11) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) (HKLM\...\KB925398_WMP64) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) (Version:  - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) (Version:  - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2544521) (HKLM\...\KB2544521-IE7) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2559049) (HKLM\...\KB2559049-IE7) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2559049) (HKLM\...\KB2559049-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB923689) (HKLM\...\KB923689) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB938464) (HKLM\...\KB938464) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB951376) (HKLM\...\KB951376) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB954211) (HKLM\...\KB954211) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB954459) (HKLM\...\KB954459) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB954600) (HKLM\...\KB954600) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB956391) (HKLM\...\KB956391) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB956841) (HKLM\...\KB956841) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB957095) (HKLM\...\KB957095) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Mise à jour de sécurité pour Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Mise à jour pour Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Mise à jour pour Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Mise à jour pour Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Module linguistique Microsoft .NET Framework 3.5 - fra (HKLM\...\Microsoft .NET Framework 3.5 Language Pack - fra) (Version:  - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (HKLM\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.1.6 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
PaperPort Image Printer (HKLM\...\{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
Play Wireless USB Adapter (HKLM\...\InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}) (Version: 1.0.0.03 - Belkin)
Play Wireless USB Adapter (Version: 1.0.0.03 - Belkin) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
QuickSteuer 2014 (HKLM\...\{52DD1288-FA17-4062-8280-532C89A7E2F2}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer Wissens-Center 2011 (HKLM\...\{939FF87B-4ADE-4CB3-A363-153984CD4A49}) (Version: 17.10.0.0 - Haufe-Lexware GmbH & Co. KG)
QuickTime (HKLM\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
Rapport (HKLM\...\Rapport_msi) (Version: 3.5.1008.35 - Trusteer)
Rapport (Version: 3.5.1008.35 - Trusteer) Hidden
Sage 50 Accounts 2009 (HKLM\...\InstallShield_{FC9D0B7B-5D95-411B-B14D-CD074E5CCA4A}) (Version: 15.0.11.159 - Sage (UK) Ltd)
Sage 50 Accounts 2010 (HKLM\...\InstallShield_{7061F715-D782-4120-A034-2B4B4F28CC1D}) (Version: 16.0.14.147 - Sage (UK) Ltd)
Sage 50 Accounts 2011 (HKLM\...\InstallShield_{4D21F997-85AD-42D2-986F-D91C4836438D}) (Version: 17.0.12.196 - Sage (UK) Ltd)
Sage 50 Accounts 2012 (HKLM\...\InstallShield_{EFC6C877-6E77-4E3B-B350-DF4F35D66B51}) (Version: 18.0.10.208 - Sage (UK) Ltd)
Sage 50 Accounts 2013 (HKLM\...\InstallShield_{45ECE61A-C8EE-4847-852C-6E8A8192D424}) (Version: 19.0.11.260 - Sage (UK) Ltd)
ScanSoft PaperPort 11 (HKLM\...\{B6C89654-A6A2-477C-873B-724EC1C56407}) (Version: 11.1.0000 - Nuance Communications, Inc.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.6110 - Analog Devices)
TerraTec Home Cinema (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.11.5 - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM\...\LeapPadExplorerPlugin) (Version:  - LeapFrog)
VBA (2816b) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Video Grabber (HKLM\...\VID_1D19&PID_6109&MI_01) (Version: 1.0.0.0 - Conexant Systems)
Visual C++ Runtime for Dragon NaturallySpeaking (HKLM\...\{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}) (Version: 10.00.000.038 - Nuance Communications Inc.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service) (Version: 20080413.144513 - Microsoft Corporation)
XML Paper Specification Shared Components Language Pack 1.0 (Version:  - Microsoft Corporation) Hidden
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-09-2015 14:25:48 Point de vérification système
16-09-2014 16:54:45 Point de vérification système
17-09-2014 17:15:59 Point de vérification système
18-09-2014 17:33:49 Point de vérification système
19-09-2014 17:56:09 Point de vérification système
22-09-2014 11:50:07 Point de vérification système
23-09-2014 13:58:57 Point de vérification système
24-09-2014 14:20:38 Point de vérification système
25-09-2014 15:56:01 Point de vérification système
26-09-2014 16:31:44 Point de vérification système
27-09-2014 16:33:22 Point de vérification système
28-09-2014 16:46:52 Point de vérification système
29-09-2014 10:51:51 Installed PowerDirector
01-10-2014 07:09:07 Point de vérification système
02-10-2014 09:24:44 Point de vérification système
03-10-2014 09:54:56 Point de vérification système
04-10-2014 10:40:09 Point de vérification système
05-10-2014 11:27:37 Point de vérification système
06-10-2014 12:22:12 Point de vérification système
07-10-2014 13:07:17 Point de vérification système
08-10-2014 13:21:29 Point de vérification système
09-10-2014 13:54:10 Point de vérification système
10-10-2014 14:06:44 Point de vérification système
11-10-2014 14:24:24 Point de vérification système
12-10-2014 15:12:58 Point de vérification système
13-10-2014 15:44:21 Point de vérification système
14-10-2014 15:53:08 Point de vérification système
15-10-2014 16:18:17 Point de vérification système
16-10-2014 16:30:14 Point de vérification système
16-10-2014 19:30:55 Software Distribution Service 3.0
18-10-2014 07:35:49 Point de vérification système
19-10-2014 07:51:53 Point de vérification système
20-10-2014 17:48:13 Point de vérification système
21-10-2014 18:03:01 Point de vérification système
23-10-2014 08:00:08 Point de vérification système
28-10-2014 15:51:49 Point de vérification système
31-10-2014 17:25:36 Point de vérification système
02-11-2014 12:46:13 Point de vérification système
03-11-2014 16:37:28 Point de vérification système
05-11-2014 12:51:16 Point de vérification système
06-11-2014 15:18:53 Point de vérification système
07-11-2014 16:21:21 Point de vérification système
08-11-2014 17:37:46 Point de vérification système
09-11-2014 19:37:50 Point de vérification système
11-11-2014 13:03:43 Point de vérification système
13-11-2014 14:25:50 Point de vérification système
14-11-2014 10:40:00 Software Distribution Service 3.0
16-11-2014 10:41:17 Point de vérification système
18-11-2014 13:19:23 Point de vérification système
21-11-2014 14:13:01 Point de vérification système
22-11-2014 14:27:11 Point de vérification système
23-11-2014 14:55:42 Point de vérification système

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-05 12:00 - 2013-04-07 10:19 - 00000098 ____N C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\windows\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job => C:\windows\system32\xp_eos.exe
Task: C:\windows\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job => C:\windows\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2011-12-14 18:21 - 2007-08-21 12:32 - 00098304 _____ () C:\windows\system32\redmonnt.dll
2007-07-21 09:50 - 2010-08-19 09:43 - 00247152 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2014-02-01 13:30 - 2014-02-01 13:30 - 00861184 _____ () C:\Program Files\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
2013-09-26 12:20 - 2013-09-26 12:20 - 00176168 _____ () C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
2013-09-26 12:20 - 2013-09-26 12:20 - 00043048 _____ () C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Play Wireless USB Adapter Utility.lnk => C:\WINDOWS\pss\Play Wireless USB Adapter Utility.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Sarl York Edward^Menu Démarrer^Programmes^Démarrage^Dragon NaturallySpeaking.lnk => C:\WINDOWS\pss\Dragon NaturallySpeaking.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Sarl York Edward^Menu Démarrer^Programmes^Démarrage^Netzmanager.lnk => C:\WINDOWS\pss\Netzmanager.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Sarl York Edward^Menu Démarrer^Programmes^Démarrage^OneNote 2007 - Capture d'écran et lancement.lnk => C:\WINDOWS\pss\OneNote 2007 - Capture d'écran et lancement.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: CreativeTaskScheduler => "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: HW_OPENEYE_OUC_Telekom Internet Manager => "C:\Program Files\Telekom\InternetManager_H\UpdateDog\ouc.exe"
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files\Fichiers communs\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: Live! Central 3 => "C:\Program Files\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" /mode2
MSCONFIG\startupreg: MaxtorOneTouch => C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: mxomssmenu => "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SoundMAX => "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: V0700Mon.exe => C:\WINDOWS\V0700Mon.exe

========================= Accounts: ==========================

Administrateur (S-1-5-21-3763518644-895795467-4165139698-500 - Administrator - Enabled)
HelpAssistant (S-1-5-21-3763518644-895795467-4165139698-1005 - Limited - Disabled)
Invité (S-1-5-21-3763518644-895795467-4165139698-501 - Limited - Enabled)
Sarl York Edward (S-1-5-21-3763518644-895795467-4165139698-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Sarl York Edward
SUPPORT_388945a0 (S-1-5-21-3763518644-895795467-4165139698-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2014 09:36:26 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download....authrootseq.txt> avec l'erreur : Cette connexion réseau n'existe pas.

Error: (11/24/2014 09:36:26 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download....authrootseq.txt> avec l'erreur : Cette connexion réseau n'existe pas.

Error: (11/24/2014 09:36:17 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download....authrootseq.txt> avec l'erreur : Cette connexion réseau n'existe pas.

Error: (11/24/2014 09:36:15 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download....authrootseq.txt> avec l'erreur : Cette connexion réseau n'existe pas.

Error: (11/24/2014 09:36:11 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download....authrootseq.txt> avec l'erreur : The server name or address could not be resolved

Error: (11/23/2014 11:47:40 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeVC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.runTryCode(System.Object)
   at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at VideoConverter.App.Main()

Error: (11/23/2014 11:45:54 AM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
Description: EventType clr20r3, P1 freemakevc.exe, P2 3.0.2.0, P3 4f7985bc, P4 system.xml, P5 4.0.0.0, P6 51ee8eb3, P7 21f4, P8 22a, P9 clr20r30, P10 clr20r31.

Error: (11/23/2014 11:45:50 AM) (Source: Microsoft ® Visual C# 2010 Compiler) (EventID: 1000) (User: )
Description: csc.exe4.0.30319.14ba20a1bcsc.exe4.0.30319.14ba20a1b0000381a4

Error: (11/23/2014 10:03:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Application défaillante svchost.exe, version 5.1.2600.5512, module défaillant wuaueng.dll, version 7.6.7600.256, adresse de défaillance 0x000ddecc.
Traitement de l'événement propre au support pour [svchost.exe!ws!]

Error: (11/22/2014 08:09:18 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: Détecteur d'erreurs 531247906.
L'échange de clé Wep n'a pas abouti à une installation de connexion sécurisée après l'authentification 802.1x. Le paramètre actuel a été marqué comme défectueux, et la connexion sans fil va être déconnectée.


System errors:
=============
Error: (11/23/2014 03:52:39 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Le périphérique 'Video Grabber' (USB\Vid_1d19&Pid_6109&MI_01\6&537e2dd&0&0001) a disparu du système sans que sa suppression ait tout d'abord été préparée.

Error: (11/23/2014 10:22:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Délai (30000 millisecondes) d'attente pour une réponse du service stisvc à une transaction.

Error: (11/23/2014 10:08:38 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (11/23/2014 08:55:22 AM) (Source: DCOM) (EventID: 10010) (User: WILLIAMWOTTENGE)
Description: Le serveur {4C785741-7F95-4309-B372-41BF7CD4804C} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (11/22/2014 01:22:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Norton 360 s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error: (11/21/2014 01:30:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Norton 360 s'est terminé de façon inattendue pour la 3ème fois.

Error: (11/21/2014 01:27:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Norton 360 s'est terminé de manière inattendue. Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error: (11/21/2014 01:24:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Norton 360 s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error: (11/21/2014 01:24:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Automatic Updates est en attente de démarrage.

Error: (11/21/2014 01:21:09 PM) (Source: System Error) (EventID: 1003) (User: )
Description: Code erreur 00000024, paramètre 1 001902fe, paramètre 2 b35783f0, paramètre 3 b35780ec, paramètre 4 b7d3c1f3.


Microsoft Office Sessions:
=========================
Error: (03/14/2008 04:05:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: AMD Athlon™ 64 X2 Dual Core Processor 4200+
Percentage of memory in use: 27%
Total physical RAM: 2047.29 MB
Available physical RAM: 1489.18 MB
Total Pagefile: 3939.23 MB
Available Pagefile: 3565.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:93.7 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:14.43 GB) (Free:9.7 GB) FAT32
Drive f: (KINGSTON) (Removable) (Total:14.43 GB) (Free:9.55 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 9EB79EB7)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14.4 GB) (Disk ID: 176A63FA)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0B)

========================================================
Disk: 2 (Size: 14.4 GB) (Disk ID: 5D405CD7)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0B)

==================== End Of Log ============================

 

Hope this is useful

 

Regards

 

RSP


  • 0

#4
zep516
Posted 24 November 2014 - 03:39 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,
Not seeing much

Program to uninstall
Java 6 Update 21<----- Old versions of Java are an infection risk

Note
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.

We need to do a fix with OTL,
  • Double click on the OTLicon.jpg to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :COMMANDS
[CREATERESTOREPOINT]

:OTL
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21) 
O18 - Protocol\Handler\haufereader - No CLSID value found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =

:reg

:Files
ipconfig /flushdns /c

:Commands
[emptytemp]
[resethosts]
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.
  • Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the Report button and the report will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner
    Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.


    Your next reply please include the following log reports
    • The OTL Fix log, after you run the fix and the computer reboots, the fix log should pop up.
    • New OTL after quick scan is run.
    • The adwCleaner log S1.txt after you run the clean option.
    • The JRT.txt Log.
    Thanks
    Joe :)

  • 0

#5
RedSuedePump
Posted 25 November 2014 - 04:35 AM

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 260 posts

Hi,

 

I ran the fix in OTL and then got the following report:

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\haufereader\ deleted successfully.
File Protocol\Handler\haufereader - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Configuration IP de Windows
Cache de résolution DNS vidé.
C:\Documents and Settings\Sarl York Edward\Bureau\cmd.bat deleted successfully.
C:\Documents and Settings\Sarl York Edward\Bureau\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Administrateur.SARL_YORK_ED
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
User: Edward
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 10274401 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 865576 bytes
 
User: Sarl York Edward
->Temp folder emptied: 1935352 bytes
->Temporary Internet Files folder emptied: 1196166 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 384787398 bytes
->Flash cache emptied: 170023 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16931 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 283053932 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 682271000 bytes
 
Total Files Cleaned = 1,301.00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 11252014_094313

Files\Folders moved on Reboot...
File\Folder C:\windows\temp\Perflib_Perfdata_69c.dat not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

 

However, when I try to run a quick scan in OTL, it just freezes up after a while and no report is generated (i.e. if I press Ctrl/Alt/Del, the programme is not responding).

 

I then ran AdwCleaner and got the following report:

 

# AdwCleaner v4.102 - Rapport créé le 25/11/2014 à 10:01:39
# Mis à jour le 23/11/2014 par Xplode
# Database : 2014-11-23.7 [Local]
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Sarl York Edward - WILLIAMWOTTENGE
# Exécuté depuis : C:\Documents and Settings\Sarl York Edward\Bureau\adwcleaner_4.102.exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Présent : C:\Documents and Settings\Sarl York Edward\Application Data\pdfforge
Dossier Présent : C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\PackageAware
Fichier Présent : C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906\searchplugins\bingp.xml

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Présente : HKCU\Software\dsiteproducts
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Clé Présente : HKCU\Software\Plus-HD-2.3
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Clé Présente : HKLM\SOFTWARE\Classes\d
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B424109-6F99-4306-8F2B-0B2BB1C8C415}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C0EB0A9-265F-4D9D-AF96-0EF2403A73E8}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DF046E1-80F7-43E0-80C0-0AD696799C8F}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Coupon Printer2.2.0.9
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\openit open it!
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer2.2.0.9
Clé Présente : HKLM\SOFTWARE\Plus-HD-2.3

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v33.1 (x86 en-US)


*************************

AdwCleaner[R0].txt - [3257 octets] - [25/11/2014 10:01:39]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3317 octets] ##########
 

I then ran JRT, which also froze mid process. Strangely, I didn't need to switch off Norton, as it didn't start after the reboot.

 

I think something went wrong here, but I'm sure I followed your instructions closely. I thought it would be a good idea to run an OTL scan at the end, but it froze again, so there's no report to add in. Anyway, I've rebooted again and Norton is back in action.

 

Would appreciate your thoughts.

 

RSP


  • 0

#6
RedSuedePump
Posted 25 November 2014 - 04:54 AM

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 260 posts

Hi,
 
As an add-on the the above, I rebooted and tried to do a quick scan in OTL. Whilst running, the computer rebooted automatically and when it restarted I got the Windows error message as in the attached paint file.

 

It appears that something serious has happened, not sure what though.

 

RSP

Attached Thumbnails

  • Windows Error Message.JPG

  • 0

#7
zep516
Posted 25 November 2014 - 05:56 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
I can't read that report(Attached Thumbnails) it's in french.

Reboot the computer again tell me what happens ?

Joe
  • 0

#8
RedSuedePump
Posted 29 November 2014 - 09:56 AM

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 260 posts

HI,

 

I've rebooted and have a red cross on the Norton icon on the tool bar, so I assume there's a problem there.

 

I tried to run a quick scan on OTL and got the same error message again as attached. I've disconnected the computer from the internet (worried about malware/lack of Norton protection) and so the computer can't access the Microsoft site for a solution.

 

You're right, the messages are all in French as I bought the computer in France. I can translate the messages if you want, but I'm not sure that will get us anywhere. I assume, given that OTL won't run, that there's something serious wrong - that's certainly my interpretation of the French error messages.

 

It also still doesn't turn off in the normal way i.e. via 'Start'.

 

Are we left with no option here but to format and reload?

 

RSP

Attached Files


  • 0

#9
zep516
Posted 29 November 2014 - 12:51 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

Can you do a System restore and see if we can stabilize the computer.

http://support.micro....com/kb/306084/

Joe
  • 0

#10
RedSuedePump
Posted 01 December 2014 - 03:01 AM

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 260 posts

Hi,

 

I tried to restore back to 24 and 25 November (before I ran JRT and FRST), but for some reason, the computer said this wasn't possible, so I restored to 26 November and this appears to have worked.

 

I also ran a quick scan on OTL, which worked this time (report file below). However, the computer still doesn't switch off from 'Start' and there's a red cross on my Norton icon on the toolbar.

 

RSP

 

OTL logfile created on: 01/12/2014 08:43:17 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Sarl York Edward\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: Royaume-Uni | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 74.08% Memory free
3.85 Gb Paging File | 3.51 Gb Available in Paging File | 91.22% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 94.21 Gb Free Space | 63.20% Space Free | Partition Type: NTFS
Drive F: | 14.43 Gb Total Space | 9.53 Gb Free Space | 66.00% Space Free | Partition Type: FAT32
 
Computer Name: WILLIAMWOTTENGE | User Name: Sarl York Edward | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/23 11:54:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sarl York Edward\Bureau\OTL.exe
PRC - [2014/09/21 10:17:47 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
PRC - [2014/09/05 20:11:56 | 000,153,072 | ---- | M] (Coupons.com Inc.) -- C:\Program Files\Coupon Printer\CouponPrinterService.exe
PRC - [2014/07/11 16:14:20 | 000,118,272 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2014/07/11 15:58:08 | 007,241,728 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2013/10/08 16:46:36 | 000,208,424 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2013/09/26 12:18:02 | 001,620,520 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files\Fichiers communs\Lexware\LxWebAccess\LxWebAccess.exe
PRC - [2012/07/05 14:11:14 | 000,008,192 | ---- | M] (Microsoft) -- C:\Program Files\Fichiers communs\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe
PRC - [2012/05/17 08:59:56 | 000,053,248 | ---- | M] (Sage (UK) Limited) -- C:\Program Files\Fichiers communs\Sage SData\Sage.SData.Service.exe
PRC - [2008/04/14 02:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/11/09 15:40:32 | 000,110,592 | ---- | M] ( ) -- C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
PRC - [2005/11/09 15:19:38 | 000,634,880 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/03/26 13:17:29 | 000,680,960 | ---- | M] () -- C:\windows\assembly\GAC_32\Sage.Central.AutoUpdateManager\1.0.0.0__021b26c6762d83c5\Sage.Central.AutoUpdateManager.dll
MOD - [2014/03/26 13:16:37 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Common.Web.Server\1.0.0.0__c59b718b5ca510a8\Sage.Common.Web.Server.dll
MOD - [2014/03/26 13:16:36 | 000,258,048 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Integration.Server\1.0.0.0__3f422f0ff54abde1\Sage.Integration.Server.dll
MOD - [2014/03/26 13:16:36 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Utilities\1.0.0.0__c59b718b5ca510a8\Sage.Utilities.dll
MOD - [2014/03/26 13:16:36 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Integration.Server.Model\1.0.0.0__3f422f0ff54abde1\Sage.Integration.Server.Model.dll
MOD - [2014/03/26 13:16:36 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Integration.Server.Feeds\1.0.0.0__3f422f0ff54abde1\Sage.Integration.Server.Feeds.dll
MOD - [2014/03/26 13:16:35 | 000,851,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Common.Syndication\1.0.0.0__c59b718b5ca510a8\Sage.Common.Syndication.dll
MOD - [2014/03/26 13:16:34 | 000,010,240 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Sage.Integration.Diagnostics\1.0.0.0__3f422f0ff54abde1\Sage.Integration.Diagnostics.dll
MOD - [2014/02/15 09:00:23 | 018,109,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\dd733c6f1f9f50f3517d48da5bea80d2\System.ServiceModel.ni.dll
MOD - [2014/02/15 08:57:53 | 000,649,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\fc7255cccb69c45a808b3d7e6abf55c5\System.Transactions.ni.dll
MOD - [2014/02/15 08:57:52 | 001,021,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\469dd20488c4a9606abe21189a3c1ab9\System.Runtime.DurableInstancing.ni.dll
MOD - [2014/02/15 08:57:51 | 000,143,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\27bdc6196968e44234654e30e1028750\SMDiagnostics.ni.dll
MOD - [2014/02/15 08:57:50 | 002,658,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fa954900a6cf3a095efadfa4c683a32c\System.Runtime.Serialization.ni.dll
MOD - [2014/02/15 08:57:47 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\05be173cbacba4b7604a67a267acdfe4\System.Xml.Linq.ni.dll
MOD - [2014/02/15 08:57:46 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014/02/15 08:57:37 | 000,011,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\211925af2639b2445fda3b8c040e5a8a\Microsoft.VisualC.ni.dll
MOD - [2014/02/15 08:57:10 | 011,906,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\90e490c25be955a75f133cb359569009\System.Web.ni.dll
MOD - [2014/02/14 15:06:08 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014/02/14 15:05:53 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014/02/14 15:05:46 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014/02/14 15:05:44 | 007,053,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\a4b5a1a06d2d7f77258943c8c228a5e0\System.Core.ni.dll
MOD - [2014/02/14 15:05:34 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014/02/14 15:05:21 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/02/14 15:05:03 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2014/02/14 14:57:01 | 000,141,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f254328a10638e87223d401b39197c91\System.Configuration.Install.ni.dll
MOD - [2014/02/14 14:56:56 | 000,978,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2014/02/14 14:56:55 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
MOD - [2014/02/14 14:51:15 | 005,462,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2014/02/14 14:49:31 | 007,977,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014/02/14 14:49:08 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2014/02/01 13:30:46 | 000,861,184 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
MOD - [2013/09/26 12:20:40 | 000,176,168 | ---- | M] () -- C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
MOD - [2013/09/26 12:20:40 | 000,043,048 | ---- | M] () -- C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll
MOD - [2012/04/08 14:10:06 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2007/08/21 12:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe -- (DCService.exe)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/11/11 10:12:02 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/21 10:17:47 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe -- (N360)
SRV - [2014/09/05 20:11:56 | 000,153,072 | ---- | M] (Coupons.com Inc.) [Auto | Running] -- C:\Program Files\Coupon Printer\CouponPrinterService.exe -- (CouponPrinterService)
SRV - [2014/07/11 15:58:08 | 007,241,728 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2014/06/23 06:13:07 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/05 14:11:14 | 000,008,192 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files\Fichiers communs\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe -- (Sage AutoUpdate Manager Service)
SRV - [2012/05/17 08:59:56 | 000,053,248 | ---- | M] (Sage (UK) Limited) [Auto | Running] -- C:\Program Files\Fichiers communs\Sage SData\Sage.SData.Service.exe -- (Sage SData Service)
SRV - [2012/04/02 14:36:58 | 000,096,768 | ---- | M] (Freemake) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2011/07/20 03:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/05/25 12:06:20 | 000,037,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/12/28 16:25:40 | 000,036,864 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Belkin\F7D4101\V1\wlansrv.exe -- (WLANBelkinService)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/11/09 16:44:08 | 000,184,320 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe -- (MaxBackServiceInt)
SRV - [2005/11/09 15:40:32 | 000,110,592 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe -- (NTService1)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/11/21 05:39:10 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141120.039\navex15.sys -- (NAVEX15)
DRV - [2014/11/21 05:39:10 | 000,111,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/11/21 05:39:10 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141120.039\naveng.sys -- (NAVENG)
DRV - [2014/11/19 18:28:38 | 000,453,264 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141121.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2014/10/03 19:19:32 | 001,138,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141118.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/09/08 21:09:46 | 000,378,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/08/26 02:20:22 | 000,664,792 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\srtsp.sys -- (SRTSP)
DRV - [2014/08/26 02:20:22 | 000,032,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\srtspx.sys -- (SRTSPX)
DRV - [2014/08/06 19:48:16 | 000,209,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\ironx86.sys -- (SymIRON)
DRV - [2014/04/01 06:14:56 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014/03/04 04:18:12 | 000,936,152 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symefa.sys -- (SymEFA)
DRV - [2014/02/18 01:32:41 | 000,423,256 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symtdi.sys -- (SYMTDI)
DRV - [2013/09/26 02:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/09/10 02:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symds.sys -- (SymDS)
DRV - [2012/04/08 14:18:34 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2012/04/08 14:18:33 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pssdklbf.sys -- (PSSDKLBF)
DRV - [2012/01/10 10:07:36 | 000,179,200 | R--- | M] (Dexetek ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DxVGrb.sys -- (DxVGrb)
DRV - [2011/04/13 13:56:34 | 000,057,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\25973\RapportCerberus_25973.sys -- (RapportCerberus_25973)
DRV - [2011/04/08 08:17:38 | 000,066,360 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/04/08 08:17:38 | 000,053,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/04/08 08:17:36 | 000,158,904 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/10/20 12:24:22 | 000,302,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0700Afx.sys -- (V0700Afx)
DRV - [2010/10/17 23:00:00 | 000,322,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0700Vid.sys -- (V0700Vid)
DRV - [2010/08/31 09:28:56 | 000,147,040 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/11/06 07:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)
DRV - [2009/10/02 08:59:16 | 000,489,952 | ---- | M] (ITETech                  ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2008/04/13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006/07/11 13:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/07/11 13:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/03/17 09:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/04/06 13:05:24 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2004/08/13 02:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/?p...97&ocid=UP97DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 55 66 AE 52 3C CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.startup.homepage: "http://uk.msn.com/?p....google.co.uk/"
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - prefs.js..keyword.URL: "http://www.bing.com/...7DF&PC=UP97&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrl: C:\Program Files\Fichiers communs\Thunder Network\KanKan\npDapCtrl.2.3.7201.375.(310).dll (ShenZhen Thunder Networking Technologies Ltd.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/04/13 13:14:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/12/01 08:38:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014/04/01 06:15:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011/05/09 09:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Extensions
[2011/05/09 09:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Extensions\[email protected]
[2014/08/09 15:30:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906\extensions
[2014/08/09 15:30:02 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Documents and Settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\a9pd4jm0.default-1378115927906\extensions\[email protected]
[2014/11/11 10:11:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/11/11 10:12:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2014/11/25 09:46:53 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe (Maxtor Corporation)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1296281020859 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A16B10F-0DC3-4FF8-8757-BC0178BABDFF}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{304248DE-D864-4DA2-BC1F-37647F12762F}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{434BAE2E-E7AE-4FDF-AED9-92FF05DFE4D4}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{589E56EB-0645-46EB-8220-C47F606F3023}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAE209F7-72D9-4EBD-9ECC-667C5384A88C}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/21 08:26:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/25 12:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sarl York Edward\Application Data\pdfforge
[2014/11/25 10:11:20 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2014/11/25 10:00:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/11/25 09:31:07 | 001,707,532 | ---- | C] (Thisisu) -- C:\Documents and Settings\Sarl York Edward\Bureau\JRT.exe
[2014/11/24 09:35:17 | 000,000,000 | ---D | C] -- C:\FRST
[2014/11/24 08:14:27 | 001,110,016 | ---- | C] (Farbar) -- C:\Documents and Settings\Sarl York Edward\Bureau\FRST.exe
[2014/11/23 11:38:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sarl York Edward\Mes documents\Freemake_do_not_remove_this_folder635523395355132500
[2014/11/23 11:00:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sarl York Edward\Bureau\OTL.exe
[2014/11/11 10:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/01 08:38:20 | 000,000,875 | ---- | M] () -- C:\windows\BRWMARK.INI
[2014/12/01 08:36:46 | 000,000,244 | ---- | M] () -- C:\windows\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
[2014/12/01 08:36:43 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2014/12/01 08:22:00 | 000,001,002 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/11/29 15:35:54 | 000,002,529 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Microsoft Office Excel 2007.lnk
[2014/11/29 15:34:11 | 000,231,729 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Error Message.JPG
[2014/11/29 15:21:28 | 000,012,598 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2014/11/27 15:51:53 | 000,115,200 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/11/26 14:38:01 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2014/11/25 10:52:30 | 000,254,659 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Windows Error Message.JPG
[2014/11/25 10:51:49 | 003,108,038 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Windows Error Message.bmp
[2014/11/25 09:46:53 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2014/11/25 09:31:12 | 001,707,532 | ---- | M] (Thisisu) -- C:\Documents and Settings\Sarl York Edward\Bureau\JRT.exe
[2014/11/25 09:30:41 | 002,148,864 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Bureau\adwcleaner_4.102.exe
[2014/11/24 10:11:03 | 000,137,662 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Ivanhoe pdf.pdf
[2014/11/24 08:14:43 | 001,110,016 | ---- | M] (Farbar) -- C:\Documents and Settings\Sarl York Edward\Bureau\FRST.exe
[2014/11/24 08:11:55 | 000,545,360 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2014/11/24 08:11:55 | 000,475,510 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2014/11/24 08:11:55 | 000,091,660 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2014/11/24 08:11:54 | 000,077,202 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2014/11/23 11:54:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sarl York Edward\Bureau\OTL.exe
[2014/11/19 13:25:38 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Microsoft Office Word 2007.lnk
[2014/11/14 18:11:18 | 004,065,015 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\PIIEYorkLimited.pdf
[2014/11/14 18:10:01 | 004,065,926 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Télécopie pleine page.pdf
[2014/11/09 14:37:08 | 000,000,102 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.cue
[2014/11/09 14:31:26 | 034,892,801 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.mp3
[2014/11/08 15:00:00 | 000,000,238 | ---- | M] () -- C:\windows\tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
[2014/11/07 14:34:55 | 017,445,872 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\DryBedsNow.mp3
[2014/11/06 11:09:06 | 000,263,229 | ---- | M] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\R5N7UV-BoardingPass.pdf
 
========== Files Created - No Company Name ==========
 
[2014/11/29 15:34:10 | 000,231,729 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Error Message.JPG
[2014/11/25 10:52:30 | 000,254,659 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Windows Error Message.JPG
[2014/11/25 10:51:49 | 003,108,038 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Bureau\Windows Error Message.bmp
[2014/11/25 09:30:31 | 002,148,864 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Bureau\adwcleaner_4.102.exe
[2014/11/24 10:10:57 | 000,137,662 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Ivanhoe pdf.pdf
[2014/11/14 18:11:17 | 004,065,015 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\PIIEYorkLimited.pdf
[2014/11/14 18:09:53 | 004,065,926 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Télécopie pleine page.pdf
[2014/11/09 14:37:08 | 000,000,102 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.cue
[2014/11/09 14:30:09 | 034,892,801 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\Dry Beds Now.mp3
[2014/11/07 14:34:54 | 017,445,872 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\DryBedsNow.mp3
[2014/11/06 11:09:06 | 000,263,229 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Mes documents\R5N7UV-BoardingPass.pdf
[2014/09/15 15:21:43 | 000,000,000 | -H-- | C] () -- C:\windows\uccspecc.sys
[2014/03/26 12:56:32 | 000,000,538 | ---- | C] () -- C:\windows\ODBC.INI
[2012/04/14 15:21:23 | 002,082,478 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3763518644-895795467-4165139698-1006-0.dat
[2012/04/14 15:21:21 | 000,190,078 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/05/01 18:00:51 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Application Data\CoreAVC.ini
[2008/09/17 07:13:40 | 000,001,514 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Application Data\SAS7_000.DAT
[2008/01/30 11:18:03 | 000,000,040 | --S- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/12/24 16:40:20 | 000,122,030 | R--- | C] () -- C:\Documents and Settings\Sarl York Edward\Backup Status
[2007/12/19 11:17:35 | 000,115,200 | ---- | C] () -- C:\Documents and Settings\Sarl York Edward\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2011/04/30 14:21:43 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 02:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 10:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 02:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/01/26 19:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2009/03/07 13:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2012/04/13 13:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2008/06/11 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
[2012/04/08 13:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2011/04/30 14:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Haufe
[2013/12/22 12:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2011/04/30 14:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexware
[2007/12/19 08:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2011/09/16 11:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\mquadr.at
[2008/09/16 15:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010/05/28 17:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2014/03/26 13:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sage
[2008/09/18 09:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/01/30 11:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2014/09/29 10:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/29 15:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TerraTec
[2012/01/07 15:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Thunder Network
[2011/07/21 11:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\tmp
[2011/04/02 04:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2011/02/12 15:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/12/05 18:30:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D423354A-E70D-49AC-B74E-9DB73BB8ACA3}
[2014/11/23 12:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\avidemux
[2011/12/03 13:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\co.uk.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2007/12/17 10:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\F-Secure
[2011/05/09 09:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Haufe Mediengruppe
[2014/01/29 10:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\HMRC
[2013/04/14 07:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\ImgBurn
[2011/04/30 14:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Lexware
[2013/02/11 15:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\LiveCAD3
[2012/08/19 06:16:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Notepad++
[2008/09/16 15:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Nuance
[2011/09/21 10:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Orange
[2014/11/25 12:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\pdfforge
[2007/12/20 16:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\ScanSoft
[2011/09/21 10:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Schnellstart-DVD
[2014/02/27 10:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\TeamViewer
[2011/08/02 11:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Telekom
[2011/08/02 11:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Telekom Internet Manager
[2011/01/29 15:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\TerraTec
[2012/02/11 07:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Tific
[2011/04/02 04:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarl York Edward\Application Data\Trusteer
 
========== Purity Check ==========
 
 

< End of report >
 


  • 0

Advertisements

#11
zep516
Posted 01 December 2014 - 03:48 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,
 

so I restored to 26 November and this appears to have worked.


Now then go back to my post # 4

In that post 4 look for the instructions for running AdwCleaner and JRT. Don't worry about any OTL stuff just yet.

Run them and post the log files. Don't forget to Run the clean option in adwcleaner. Read the instructions in post 4 for these 2 tools all the information is there.

I need 2 log reports

1. AdwCleaner log [S1].txt
2. JRT Log
  • 0

#12
RedSuedePump
Posted 02 December 2014 - 12:32 PM

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 260 posts

Hi,

 

That seemed to go better this time. Files as requested:

 

# AdwCleaner v4.102 - Rapport créé le 02/12/2014 à 17:44:00
# Mis à jour le 23/11/2014 par Xplode
# Database : 2014-11-23.7 [Local]
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Sarl York Edward - WILLIAMWOTTENGE
# Exécuté depuis : C:\Documents and Settings\Sarl York Edward\Bureau\adwcleaner_4.102.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Documents and Settings\Sarl York Edward\Application Data\pdfforge

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v33.1 (x86 en-US)


*************************

AdwCleaner[R0].txt - [3397 octets] - [25/11/2014 10:01:39]
AdwCleaner[R1].txt - [1044 octets] - [02/12/2014 17:35:26]
AdwCleaner[S0].txt - [3482 octets] - [25/11/2014 10:05:56]
AdwCleaner[S1].txt - [968 octets] - [02/12/2014 17:44:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1027 octets] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Microsoft Windows XP x86
Ran by Sarl York Edward on 02/12/2014 at 18:25:14.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] couponprinterservice
Successfully deleted: [Service] couponprinterservice



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\windows\couponprinter.ocx"



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\Sarl York Edward\Application Data\mozilla\firefox\profiles\a9pd4jm0.default-1378115927906\minidumps [1 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/12/2014 at 18:28:26.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Regards

 

RSP


  • 0

#13
RedSuedePump
Posted 02 December 2014 - 12:34 PM

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 260 posts

By the way, forgot to mention, the computer still doesn't turn off from the 'Start' menu.

 

RSP


  • 0

#14
zep516
Posted 02 December 2014 - 12:48 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
What does it do, you click Start, shutdown, and it just sits there ??? and does nothing.
  • 0

#15
RedSuedePump
Posted 02 December 2014 - 12:51 PM

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 260 posts

Yes, I click Start/Shut down computer/Shut down and it just carries on as normal.

 

RSP


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP