37 replies to this topic

[Maniac]

Regarding step 1, what is removed McAfee was something that we have already removed and is in backup folder of TDSSKiller. There is nothing scary. Yes, it is okay for Extras.txt , I don't need it.

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  [2009/03/29 12:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gilles\Application Data\Uniblue
  [2011/12/22 11:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hélène\Application Data\mystarttb
  [2012/06/01 13:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mystarttb
  
  :files
  ipconfig /flushdns /c
  
  :Commands
  [emptytemp]
  [clearallrestorepoints]

  
  
• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
  
• Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

[Picsou]

Bonjour Maniac,
See below, I posted the OTL Custom Scan Fixes:

All processes killed
========== OTL ==========
C:\Documents and Settings\Gilles\Application Data\Uniblue folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\widgets_cache folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\weather folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\shopping folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\games folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\coupons folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\widgets\net.vmn.www.Shopzilla folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\widgets folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\skin\scripts folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\skin\images folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\skin\css folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\skin folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\js folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\images folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\css folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\widgets folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content\lib folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome\content folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb\chrome folder moved successfully.
C:\Documents and Settings\Hélène\Application Data\mystarttb folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\widgets_cache folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\weather folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\shopping folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\search folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\games folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\coupons folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\skin\scripts folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\skin\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\skin\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\skin folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.Shopzilla folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\widgets folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content\lib folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome\content folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb\chrome folder moved successfully.
C:\Documents and Settings\Owner\Application Data\mystarttb folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Gilles\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Gilles\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Elise

User: Gilles
->Temp folder emptied: 140755237 bytes
->Temporary Internet Files folder emptied: 551219270 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 3271 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Hélène
->Temp folder emptied: 522615 bytes
->Temporary Internet Files folder emptied: 55784839 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 790 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 7202 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Premier ministre

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 543044 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 714.00 mb

Error creating restore point.

OTL by OldTimer - Version 3.2.50.0 log created on 06212012_130252
Files\Folders moved on Reboot...
C:\Documents and Settings\Gilles\Local Settings\Temporary Internet Files\Content.IE5\T7WT2ATW\index[2].htm moved successfully.
C:\Documents and Settings\Gilles\Local Settings\Temporary Internet Files\Content.IE5\MWHCHZI9\s-BiyweUPV0v-yRb-cjciFQlYEbsez9cZjKsNMjLOwM[1].eot moved successfully.
C:\Documents and Settings\Gilles\Local Settings\Temporary Internet Files\Content.IE5\CB61PKRI\fastbutton[2].htm moved successfully.
C:\Documents and Settings\Gilles\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File\Folder C:\WINDOWS\temp\TMP0000000DE3230FC4610EF0B7 not found!
Registry entries deleted on Reboot...

what is next?

Cordialement,
Picsou

[Maniac]

Any progress?

[Picsou]

Bonjour Maniac,
i was waiting for the next step... but was away for the last 3 days. Not sure what progress you refer to ? I do not want to test the redirection (i-e clicking on the advertisement) until we are finished. Should I test it?
Cordialement,

Picsou

[Maniac]

Yes, I would like to know whether the steps we are working on give any results.

[Picsou]

Bonjour Maniac,
I just tested the advertisement link within my bank web site and I am still getting a redirection. I navigated within the web site and found another advertisement that had a similar url : (ex:https://rbc.bridgetr...=643277&r=26192) and this one also redirected me to a web page advertising a Panda AV website. When I clicked to other advertisement that had a URL not starting with " https://rbc.bridgetrack.com..." , I did not get any redirection.

I had my work Portable PC opened and i went to the bank web site. But this time there was no redirection when I clicked on the same advertisement.

The only thing I can conclude is the following:

1. I still have redirection with my PC .
2. Seems to happens when the url is starting with : https://rbc.bridgetrack.com/..."

The problem is not yet resolved.

Cordialement
Picsou

[Maniac]

Please try to reset IE settings and try again:
http://support.microsoft.com/kb/923737

[Picsou]

hello Maniac,
Did the Microsoft FixIt as instructed. Did it 3 times, 1 for my partition, 1 for my wife and 1 for the Admin. Each time, I closed IE and restarted it.

After that, I retested the redirection. I found an advertisement on the welcome page of the bank before accessing the bank site. this advertisement has an URL similar to the one inside the bank site. So I clicked on it and was redirected to the Panda site: www.cloudantivirus.com. The URL was: https://rbc.bridgetr...D=653267&r=9878

I also did a test: In a word file, I created an hyperlink with the url: https://rbc.bridgetr...D=653267&r=9878 and surprise, when I clicked on it, I was not redirected to the Panda web site but to the real web page related to the advertisement.

I am not sure if this could help you

What is next?.
Regards,

Picsou

[Maniac]

This means that the problem is only associated with Internet Explorer.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

• Flush DNS
  
• Report IE Proxy Settings
  
• Reset IE Proxy Settings
  
• Report FF Proxy Settings
  
• Reset FF Proxy Settings
  
• List content of Hosts
  
• List IP configuration
  
• List Winsock Entries
  
• List last 10 Event Viewer log
  
• List Installed Programs
  
• List Devices
  
• List Users, Partitions and Memory size.
  
• List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

[Picsou]

Hello Maniac,

find below the Minitoolbox Result.txt report:

MiniToolBox by Farbar Version: 25-06-2012
Ran by Gilles (administrator) on 29-06-2012 at 13:30:00
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8139/810X Family PCI Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : owner-akf11bv1p

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek RTL8139/810X Family PCI Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-C0-A8-80-43-45

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.100

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

Lease Obtained. . . . . . . . . . : June 28, 2012 8:30:51 PM

Lease Expires . . . . . . . . . . : July 5, 2012 8:30:51 PM

Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.228.100, 74.125.228.104, 74.125.228.99, 74.125.228.96
74.125.228.103, 74.125.228.101, 74.125.228.102, 74.125.228.97, 74.125.228.98
74.125.228.110, 74.125.228.105



Pinging google.com [74.125.228.66] with 32 bytes of data:



Reply from 74.125.228.66: bytes=32 time=36ms TTL=56

Reply from 74.125.228.66: bytes=32 time=36ms TTL=56



Ping statistics for 74.125.228.66:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 36ms, Maximum = 36ms, Average = 36ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140, 209.191.122.70, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=51ms TTL=55

Reply from 209.191.122.70: bytes=32 time=56ms TTL=55



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 51ms, Maximum = 56ms, Average = 53ms

Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 c0 a8 80 43 45 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.100 192.168.0.100 20
192.168.0.0 255.255.255.0 192.168.0.100 192.168.0.100 20
192.168.0.100 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.100 192.168.0.100 20
224.0.0.0 240.0.0.0 192.168.0.100 192.168.0.100 20
255.255.255.255 255.255.255.255 192.168.0.100 192.168.0.100 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/29/2012 00:35:50 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (06/29/2012 00:35:49 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (06/29/2012 00:35:30 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (06/28/2012 02:57:01 PM) (Source: Application Error) (User: )
Description: Faulting application nmindexstoresvr.exe, version 3.3.8.0, faulting module unknown, version 0.0.0.0, fault address 0x01ec9fe2.
Processing media-specific event for [nmindexstoresvr.exe!ws!]

Error: (06/27/2012 10:36:29 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (06/24/2012 05:10:45 PM) (Source: Application Error) (User: )
Description: Faulting application nmindexstoresvr.exe, version 3.3.8.0, faulting module unknown, version 0.0.0.0, fault address 0x01ea3f3c.
Processing media-specific event for [nmindexstoresvr.exe!ws!]

Error: (06/23/2012 02:37:02 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19258, fault address 0x001095b3.
Processing media-specific event for [iexplore.exe!ws!]

Error: (06/22/2012 04:36:19 PM) (Source: Application Hang) (User: )
Description: Hanging application ImageReady.exe, version 3.0.1.192, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/22/2012 09:23:34 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/21/2012 10:37:58 PM) (Source: Application Error) (User: )
Description: Faulting application nmindexstoresvr.exe, version 3.3.8.0, faulting module unknown, version 0.0.0.0, fault address 0x01de5fd2.
Processing media-specific event for [nmindexstoresvr.exe!ws!]


System errors:
=============
Error: (06/29/2012 00:35:13 AM) (Source: DCOM) (User: OWNER-AKF11BV1P)
Description: DCOM got error "%%1053" attempting to start the service gusvc with arguments ""
in order to run the server:
{89DAE4CD-9F17-4980-902A-99BA84A8F5C8}

Error: (06/29/2012 00:35:13 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect.

Error: (06/29/2012 00:33:31 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register with DCOM within the required timeout.

Error: (06/27/2012 07:42:59 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register with DCOM within the required timeout.

Error: (06/24/2012 07:22:14 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

Error: (06/24/2012 05:13:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register with DCOM within the required timeout.

Error: (06/21/2012 01:03:07 PM) (Source: Service Control Manager) (User: )
Description: The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).

Error: (06/21/2012 01:03:02 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/21/2012 01:03:02 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/21/2012 01:03:02 PM) (Source: Service Control Manager) (User: )
Description: The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (12/30/2010 01:55:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16093 seconds with 120 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

AceHTML Freeware (Version: Build 11)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.62)
Adobe Photoshop 6.0 (Version: 6.0)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Anti-phishing Domain Advisor (Version: 1.0.0.5)
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 3.3.1.3)
Apple Software Update (Version: 2.1.1.116)
ArcSoft PhotoStudio 6 (Version: 6.0.1.148)
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
Bonjour (Version: 2.0.4.0)
CameraHelperMsi (Version: 13.00.1774.0)
Canon MP Navigator EX 3.1
Canon Utilities Solution Menu
CanoScan 9000F Scanner Driver
CanoScan Toolbox 4.1
Coffret de pilotes Logitech Webcam Software (Version: 12.10.1110)
Dell ResourceCD
Driver Detective (Version: 8.0.1)
DVD Solution
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
HP Deskjet 6500 Series
ImpôtRapide 2009 (Version: 1.00.0000)
ImpôtRapide 2010 (Version: 1.00.0000)
ImpôtRapide 2011 (Version: 1.00.0000)
InCD (Version: 4.3.18.0)
iTunes (Version: 10.1.2.17)
LightScribe 1.4.74.1 (Version: 1.4.74.1)
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.00.1777.0)
LWS Gallery (Version: 13.00.1778.0)
LWS Help_main (Version: 13.00.1783.0)
LWS Launcher (Version: 13.00.1776.0)
LWS Motion Detection (Version: 13.00.1778.0)
LWS Pictures And Video (Version: 13.00.1778.0)
LWS Video Mask Maker (Version: 13.00.1774.0)
LWS VideoEffects (Version: 13.00.1774.0)
LWS Webcam Software (Version: 13.00.1774.0)
LWS WLM Plugin (Version: 1.00.1774.0)
LWS YouTube Plugin (Version: 13.00.1777.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee AntiVirus Plus (Version: 11.0.678)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Combat Flight Simulator 3 Mission Pack (Version: 3.0.0.0921)
Microsoft Combat Flight Simulator 3.1
Microsoft Download Manager (Version: 1.2.1)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Web Components (Version: 10.0.6765.0)
Microsoft Picture It! Photo 2002 (Version: 6.0.0.0000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (French) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Multimedia Launcher
MyFonts Order M3792118 (Version: 1.0)
Nero 8 (Version: 8.3.305)
Nero MediaHome CE
Nero OEM
Nero Recode CE
Nero ShowTime CE
neroxml (Version: 1.0.0)
Nikon Message Center (Version: 0.91.000)
NVIDIA Display Driver
NVIDIA Drivers
OmniPage SE (Version: 11.00.0001)
PhotoInPress BookDesigner
PictureProject (Version: 1.0)
Presto! PageManager 6
Print@Fujicolor (Version: 2.73)
QuickTime (Version: 7.69.80.9)
RegCure (Version: 2.1.0.0)
Samsung_MonSetup (Version: 1.00.0000)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.1 (Version: 5.1.112)
SoundMAX
Spybot - Search & Destroy (Version: 1.6.2)
SpyHunter (Version: 4.9.11.3987)
System Requirements Lab
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VCRedistSetup (Version: 1.0.0)
WebFldrs XP (Version: 9.50.5318)
Winamp (Version: 5.572 )
Winamp Toolbar
Windows Defender (Version: 1.1.1593.21)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Devices: ================================

Name: ACPI Uniprocessor PC
Description: ACPI Uniprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI

Name: Intel® Pentium® 4 CPU 1.80GHz
Description: Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: Processor

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Intel® 82845 Processor to I/O Controller - 1A30
Description: Intel® 82845 Processor to I/O Controller - 1A30
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: Intel® 82845 Processor to AGP Controller - 1A31
Description: Intel® 82845 Processor to AGP Controller - 1A31
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: NVIDIA GeForce4 MX 420
Description: NVIDIA GeForce4 MX 420
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: NVIDIA
Service: nv

Name: SyncMaster B2030 (Analog)
Description: SyncMaster B2030 (Analog)
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: Samsung
Service:

Name: Intel® 82801DB/DBM USB Universal Host Controller - 24C2
Description: Intel® 82801DB/DBM USB Universal Host Controller - 24C2
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Printing Support
Description: USB Printing Support
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint

Name: HP Deskjet 6500 Series
Description: HP Deskjet 6500 Series
Class Guid: {4D36E979-E325-11CE-BFC1-08002BE10318}
Manufacturer: Hewlett-Packard
Service:

Name: Intel® 82801DB/DBM USB Universal Host Controller - 24C4
Description: Intel® 82801DB/DBM USB Universal Host Controller - 24C4
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801DB/DBM USB Universal Host Controller - 24C7
Description: Intel® 82801DB/DBM USB Universal Host Controller - 24C7
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801DB/DBM USB 2.0 Enhanced Host Controller - 24CD
Description: Intel® 82801DB/DBM USB 2.0 Enhanced Host Controller - 24CD
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Logitech USB Camera (Webcam 905)
Description: Logitech USB Camera (Webcam 905)
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Logitech
Service: usbccgp

Name: Logitech Webcam 905
Description: Logitech Webcam 905
Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Logitech
Service: LVUVC

Name: Webcam 905
Description: Webcam 905
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Logitech
Service: usbaudio

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: USB Audio Device
Description: USB Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Generic USB Audio)
Service: usbaudio

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: Microsoft
Service:

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: mouhid

Name: Intel® 82801DB PCI Bridge - 244E
Description: Intel® 82801DB PCI Bridge - 244E
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: SoftV90 Data Fax Modem
Description: SoftV90 Data Fax Modem
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: CXT
Service: Modem

Name: Realtek RTL8139/810X Family PCI Fast Ethernet NIC
Description: Realtek RTL8139/810X Family PCI Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek
Service: rtl8139

Name: Intel® 82801DB LPC Interface Controller - 24C0
Description: Intel® 82801DB LPC Interface Controller - 24C0
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: isapnp

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard port types)
Service: Serial

Name: Standard floppy disk controller
Description: Standard floppy disk controller
Class Guid: {4D36E969-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard floppy disk controllers)
Service: fdc

Name: Floppy disk drive
Description: Floppy disk drive
Class Guid: {4D36E980-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard floppy disk drives)
Service: flpydisk

Name: ECP Printer Port (LPT1)
Description: ECP Printer Port
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard port types)
Service: Parport

Name: Printer Port Logical Interface
Description: Printer Port Logical Interface
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82801DB Ultra ATA Storage Controller - 24CB
Description: Intel® 82801DB Ultra ATA Storage Controller - 24CB
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: MAXTOR 6L040J2
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: MAXTOR STM3200820A
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: HL-DT-ST DVD-RAM GSA-H22L
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: _NEC NR-7900A
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Intel® 82801DB/DBM SMBus Controller - 24C3
Description: Intel® 82801DB/DBM SMBus Controller - 24C3
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: SoundMAX Integrated Digital Audio
Description: SoundMAX Integrated Digital Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Analog Devices, Inc.
Service: smwdm

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: AFD Networking Support Environment
Description: AFD Networking Support Environment
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: catchme
Description: catchme
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: catchme

Name: McAfee Inc. cfwids
Description: McAfee Inc. cfwids
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cfwids

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload

Name: esgiguard
Description: esgiguard
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: esgiguard

Name: Fallback
Description: Fallback
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fallback

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips

Name: Fsks
Description: Fsks
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fsks

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec

Name: K56
Description: K56
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: K56

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd

Name: Logitech LVPr2Mon Driver
Description: Logitech LVPr2Mon Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LVPr2Mon

Name: mdmxsdk
Description: mdmxsdk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mdmxsdk

Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeapfk

Name: McAfee Inc. mfeavfk
Description: McAfee Inc. mfeavfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeavfk

Name: McAfee Inc.
Description: McAfee Inc.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeavfk01

Name: McAfee Inc. mfebopk
Description: McAfee Inc. mfebopk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfebopk

Name: McAfee Inc. mfefirek
Description: McAfee Inc. mfefirek
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfefirek

Name: McAfee Inc. mfehidk
Description: McAfee Inc. mfehidk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfehidk

Name: McAfee Inc. mferkdet
Description: McAfee Inc. mferkdet
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mferkdet

Name: McAfee Inc. mfetdi2k
Description: McAfee Inc. mfetdi2k
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfetdi2k

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: OMCI
Description: OMCI
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: OMCI

Name: PartMgr
Description: PartMgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PartMgr

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: Secdrv
Description: Secdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Secdrv

Name: SoftFax
Description: SoftFax
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SoftFax

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: Tones
Description: Tones
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tones

Name: V124
Description: V124
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: V124

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp

Name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Description: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WS2IFSL

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: WAN Miniport (IP) - McAfee Core NDIS Intermediate Filter Miniport
Description: McAfee Core NDIS Intermediate Filter Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: McAfee
Service: mfendiskmp

Name: Realtek RTL8139 Family PCI Fast Ethernet NIC - McAfee Core NDIS Intermediate Filter Miniport
Description: McAfee Core NDIS Intermediate Filter Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: McAfee
Service: mfendiskmp

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio

Name: RAS Async Adapter
Description: RAS Async Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: AsyncMac

Name: Microsoft Kernel Wave Audio Mixer
Description: Microsoft Kernel Wave Audio Mixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios


========================= Memory info: ===================================

Percentage of memory in use: 65%
Total physical RAM: 766.8 MB
Available physical RAM: 266.03 MB
Total Pagefile: 1876.23 MB
Available Pagefile: 1182.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.49 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.24 GB) (Free:5.45 GB) NTFS
3 Drive d: (DRV2_VOL1) (Fixed) (Total:186.31 GB) (Free:88.76 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-AKF11BV1P

Administrator Gilles Guest
H‚lŠne HelpAssistant Owner
SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found


**** End of log ****


Cordialement,
Picsou

[Maniac]

Do you still have a problem?

[Picsou]

Bonjour Maniac,
Yes, I still have the problem. Sorry if I did not come back but I was away for 3 days. I just tested it again, few minutes ago, and I still get the redirection. The Minitoolbox did not change any thing.

Cordialement,
Picsou

PS: Should I uninstall IE 8 and reinstall it?

[Maniac]

It's not a bad idea. Please try it and let me know.

[Picsou]

hello Maniac,

Good news ! I uninstalled IE 8 and reinstalled it with updates and tested the redirection. And... there was no redirection. I tested numerous pages inside and outside the bank firewall and I did not get any redirection where before I had. It seems that the uninstall and reinstall after all other corrections and validations resolved the problem.

So Thank you very much . Mnogo blagodaria!

Cordialement
Picsou

[Picsou]

Hello Maniac,
I will do a last test, to ensure that at start-up, that nothing happens.

[Picsou]

Hello Maniac,
I did the test again and no redirection. Seems OK . Last question: How to uninstall the following tools or shoul I uninstall them:
- DDS
-aswMBR
- OTL
- TDSkiller
- Kaspersky
- MinitoolBox ?

Regards,
Picsou

[Maniac]

Nice work!

Okay, let's clean this mess.

Please run OTL and click on CleanUp button. Next, manually delete aswMBR, Kaspersky AVP and MiniToolBox.

Some malware prevention tips:
http://forums.malwar...=0


Safe surfing!

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!