OTL logfile created on: 2014-09-19 23:01:28 - Run
OTLPE by OldTimer - Version 3.1.29.0 Folder = Y:\Programs\OTLPE
Windows (TM) Code Name "Longhorn" Preinstallation Environment Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 8.0.7100.0)
Locale: 0000040C | Country: France | Language: FRA | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 82,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = X: | %SystemRoot% = X:\windows | %ProgramFiles% = X:\Program Files
Drive C: | 465,76 Gb Total Space | 66,86 Gb Free Space | 14,35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 931,41 Gb Total Space | 215,81 Gb Free Space | 23,17% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,58 Mb Free Space | 71,58% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 254,75 Mb Total Space | 252,32 Mb Free Space | 99,05% Space Free | Partition Type: NTFS
Drive Y: | 14,92 Gb Total Space | 14,31 Gb Free Space | 95,89% Space Free | Partition Type: FAT32

Computer Name: MININT-PEZV34
Current User Name: Système
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard Using ControlSet: ControlSet001 [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand] -- -- (TrustedInstaller) SRV - [2010-11-20 23:29:13 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto] -- X:\Windows\System32\umpo.dll -- (Power) SRV - [2010-11-20 23:29:12 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto] -- X:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2010-11-20 14:21:03 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- X:\Windows\System32\sacsvr.dll -- (sacsvr) SRV - [2009-07-14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand] -- X:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009-07-14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Auto] -- X:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009-07-14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- X:\Windows\System32\defragsvc.dll -- (defragsvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Adapter | On_Demand] -- -- (Winsock) DRV - File not found [Kernel | On_Demand] -- -- (MTsensor) DRV - [2012-06-01 19:51:56 | 000,375,336 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- X:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM) DRV - [2012-04-11 03:40:50 | 000,029,824 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- X:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2012-04-11 03:40:48 | 000,070,784 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- X:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2012-03-27 10:13:20 | 000,792,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\iusb3xhc.sys -- (iusb3xhc) Pilote du contrôleur d'hôte extensible Intel(R) DRV - [2012-03-27 
10:13:20 | 000,349,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\iusb3hub.sys -- (iusb3hub) Pilote de concentrateur Intel(R) DRV - [2012-03-15 09:16:08 | 000,168,960 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2012-03-15 09:16:06 | 000,075,776 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2012-03-15 09:11:16 | 000,172,032 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\rusb3xhc.sys -- (rusb3xhc) Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0) DRV - [2012-03-15 09:11:14 | 000,080,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\rusb3hub.sys -- (rusb3hub) Renesas Electronics USB 3.0 Hub Driver (Version 3.0) DRV - [2012-03-01 22:58:16 | 000,069,120 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand] -- X:\windows\System32\Drivers\EtronXHCI.sys -- (EtronXHCI) DRV - [2012-03-01 22:58:16 | 000,047,744 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand] -- X:\windows\System32\Drivers\EtronHub3.sys -- (EtronHub3) DRV - [2012-02-21 19:46:20 | 000,315,368 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand] -- X:\windows\system32\drivers\asmtxhci.sys -- (asmtxhci) DRV - [2012-02-21 19:46:18 | 000,102,888 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand] -- X:\windows\system32\drivers\asmthub3.sys -- (asmthub3) DRV - [2012-02-07 10:06:06 | 000,325,440 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand] -- X:\windows\system32\drivers\tixhci.sys -- (tixhci) DRV - [2012-01-30 17:48:18 | 000,108,352 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand] -- X:\windows\system32\drivers\tihub3.sys -- (tihub3) DRV - [2012-01-20 12:38:14 | 000,174,592 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand] -- X:\windows\system32\drivers\ViaHub3.sys -- (VUSB3HUB) DRV - [2012-01-20 12:38:06 | 000,210,432 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- X:\windows\system32\drivers\xhcdrv.sys -- (xhcdrv) DRV - [2012-01-10 10:44:58 | 000,177,664 | ---- | M] (Fresco Logic) [Kernel | On_Demand] -- X:\windows\system32\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3) DRV - [2012-01-10 10:44:58 | 000,050,176 | ---- | M] (Fresco Logic) [Kernel | On_Demand] -- X:\windows\system32\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3) DRV - [2012-01-04 06:24:16 | 000,173,184 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand] -- X:\windows\system32\drivers\amdxhc.sys -- (amdxhc) DRV - [2012-01-04 06:24:14 | 000,082,560 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand] -- X:\windows\system32\drivers\amdhub30.sys -- (amdhub30) DRV - [2010-11-20 16:41:28 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 16:41:28 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 16:41:28 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 16:41:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 16:41:27 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\evbdx.sys -- (ebdrv) DRV - [2010-11-20 16:41:27 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\bxvbdx.sys -- (b06bdrv) DRV - [2010-11-20 16:41:27 | 000,070,720 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot] -- X:\Windows\System32\drivers\djsvs.sys -- (aic78xx) DRV - [2010-11-20 16:41:27 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\MTConfig.sys -- (MTConfig) DRV - [2010-11-20 16:41:26 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\ql2300.sys -- (ql2300) DRV - [2010-11-20 16:41:26 | 000,453,712 | ---- | M] (Emulex) [Kernel | Boot] -- X:\Windows\System32\drivers\elxstor.sys -- (elxstor) DRV - [2010-11-20 16:41:26 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- X:\Windows\System32\drivers\adp94xx.sys -- (adp94xx) DRV - [2010-11-20 16:41:26 | 000,332,160 | ---- | M] (Intel Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\iaStorV.sys -- (iaStorV) DRV - [2010-11-20 16:41:26 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- X:\Windows\System32\drivers\adpahci.sys -- (adpahci) DRV - [2010-11-20 16:41:26 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot] -- X:\Windows\System32\drivers\MegaSR.sys -- (MegaSR) DRV - [2010-11-20 16:41:26 | 000,164,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\1394ohci.sys -- (1394ohci) DRV - [2010-11-20 16:41:26 | 000,160,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\vhdmp.sys -- (vhdmp) DRV - [2010-11-20 16:41:26 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot] -- X:\Windows\System32\drivers\amdsbs.sys -- (amdsbs) DRV - [2010-11-20 16:41:26 | 000,146,512 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot] -- X:\Windows\System32\drivers\adpu320.sys -- (adpu320) DRV - [2010-11-20 16:41:26 | 000,143,744 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\nvstor.sys -- (nvstor) DRV - [2010-11-20 16:41:26 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot] -- X:\Windows\System32\drivers\vsmraid.sys -- (vsmraid) DRV - [2010-11-20 16:41:26 | 000,117,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\nvraid.sys -- (nvraid) DRV - [2010-11-20 16:41:26 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\ql40xx.sys -- (ql40xx) DRV - [2010-11-20 16:41:26 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2010-11-20 16:41:26 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2010-11-20 16:41:26 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2010-11-20 16:41:26 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- X:\Windows\System32\drivers\arcsas.sys -- (arcsas) DRV - [2010-11-20 16:41:26 | 000,080,256 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- X:\Windows\System32\drivers\amdsata.sys -- (amdsata) DRV - [2010-11-20 16:41:26 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot] -- X:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2010-11-20 16:41:26 | 000,076,368 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot] -- X:\Windows\System32\drivers\arc.sys -- (arc) DRV - [2010-11-20 16:41:26 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot] -- X:\Windows\System32\drivers\HpSAMD.sys -- (HpSAMD) DRV - [2010-11-20 16:41:26 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV - [2010-11-20 16:41:26 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\amdppm.sys -- (AmdPPM) DRV - [2010-11-20 16:41:26 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\nfrd960.sys -- (nfrd960) DRV - [2010-11-20 16:41:26 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot] -- X:\Windows\System32\drivers\iirsp.sys -- (iirsp) DRV - [2010-11-20 16:41:26 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot] -- X:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2010-11-20 16:41:26 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot) DRV - [2010-11-20 16:41:26 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\megasas.sys -- (megasas) DRV - [2010-11-20 16:41:26 | 000,022,400 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- X:\Windows\System32\drivers\amdxata.sys -- (amdxata) DRV - [2010-11-20 16:41:26 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\HidBatt.sys -- (HidBatt) DRV - [2010-11-20 16:41:26 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | Boot] -- X:\Windows\System32\drivers\stexstor.sys -- (stexstor) DRV - [2010-11-20 16:41:26 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- X:\Windows\System32\drivers\viaide.sys -- (viaide) DRV - [2010-11-20 16:41:26 | 000,015,952 | ---- | M] (CMD Technology, Inc.) 
[Kernel | Boot] -- X:\Windows\System32\drivers\cmdide.sys -- (cmdide) DRV - [2010-11-20 16:41:26 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- X:\Windows\System32\drivers\aliide.sys -- (aliide) DRV - [2010-11-20 16:41:26 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- X:\windows\system32\drivers\umpass.sys -- (UmPass) DRV - [2010-11-20 14:30:10 | 000,080,256 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\sacdrv.sys -- (sacdrv) DRV - [2009-07-14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009-07-14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- X:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009-07-14 03:20:28 | 000,019,536 | ---- | M] (Microsoft Corporation) [Recognizer | Boot] -- X:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- X:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009-07-14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\cng.sys -- (CNG) DRV - [2009-07-14 01:46:05 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- X:\Windows\System32\drivers\ramdisk.sys -- (Ramdisk) DRV - [2009-07-14 01:18:10 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- X:\Windows\System32\drivers\fbwf.sys -- (FBWF) DRV - [2009-07-14 01:17:59 | 000,053,248 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- X:\Windows\System32\drivers\wimfsf.sys -- (WimFsf) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer 
==========[/color] O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - X:\Windows\System32\drivers\etc\hosts O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLockWorkstation = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableMIC = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIPI = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: 
CF_DIBV5 = 17 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecycleFiles = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecycleFiles = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - X:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - X:\Windows\System32\mswsock.dll (Microsoft Corporation) O13 - ftp Prefix: missing O13 - gopher Prefix: 
missing O13 - home Prefix: missing O13 - mosaic Prefix: missing O13 - www Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - X:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - X:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - X:\windows\System32\itss.dll File not found O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - X:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - X:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - X:\Windows\System32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - X:\windows\System32\itss.dll File not found O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - X:\Windows\System32\mshtml.dll 
(Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - X:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - X:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - X:\Windows\System32\urlmon.dll (Microsoft Corporation) O20 - AppInit_DLLs: (SPEHook.dll) - X:\windows\System32\SPEHook.dll (Swan River Computers) O20 - HKLM Winlogon: Shell - (explorer.exe) - X:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (X:\Windows\system32\userinit.exe) - X:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - X:\windows\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - X:\windows\System32\sysdm.cpl (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - X:\windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - X:\windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - X:\windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - X:\windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - X:\windows\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- 
"%1" %* NetSvcs: AeLookupSvc - File not found NetSvcs: CertPropSvc - File not found NetSvcs: SCPolicySvc - File not found NetSvcs: AudioSrv - File not found NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Irmon - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Remoteaccess - File not found NetSvcs: Sharedaccess - File not found NetSvcs: SRService - File not found NetSvcs: Tapisrv - File not found NetSvcs: Wmi - X:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: TermService - File not found NetSvcs: wuauserv - File not found NetSvcs: BITS - File not found NetSvcs: ShellHWDetection - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: iphlpsvc - File not found NetSvcs: seclogon - File not found NetSvcs: MMCSS - File not found NetSvcs: wercplsupport - File not found NetSvcs: schedule - File not found NetSvcs: hkmsvc - File not found NetSvcs: SessionEnv - File not found NetSvcs: Themes - File not found NetSvcs: BDESVC - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Power - X:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootMin: Primary disk - Driver Group SafeBootMin: RpcEptMapper - X:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootMin: sacsvr - X:\Windows\System32\sacsvr.dll (Microsoft Corporation) SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender 
- Driver Group SafeBootMin: TabletInputService - Service SafeBootMin: TrustedInstaller - File not found SafeBootMin: vga.sys - Driver SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: Browser - Service SafeBootNet: Dhcp - X:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: ipnat.sys - Driver SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group 
SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Power - X:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootNet: Primary disk - Driver Group SafeBootNet: rdpencdd.sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: RpcEptMapper - X:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootNet: sacsvr - X:\Windows\System32\sacsvr.dll (Microsoft Corporation) SafeBootNet: SCardSvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: SharedAccess - File not found SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TabletInputService - Service SafeBootNet: TDI - Driver Group SafeBootNet: TrustedInstaller - File not found SafeBootNet: vga.sys - Driver SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card 
readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-09-19 22:58:57 | 000,000,000 | -H-D | C] -- X:\Program Files\Uninstall Information [2014-09-19 22:56:57 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Macromedia [2014-09-19 22:56:57 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Adobe [2014-09-19 22:56:38 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Opera [2014-09-19 22:56:38 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Local\Opera [2014-09-19 22:55:45 | 000,069,120 | ---- | C] (Etron Technology Inc) -- X:\windows\System32\drivers\EtronXHCI.sys [2014-09-19 22:55:39 | 000,000,000 | ---D | C] -- X:\windows\LastGood [2014-09-19 22:55:39 | 000,000,000 | ---D | C] -- X:\windows\System32\catroot2 [2014-09-19 22:55:39 | 000,000,000 | ---D | C] -- X:\windows\System32\catroot [2014-09-19 22:55:37 | 000,000,000 | ---D | C] -- X:\windows\System32\DRVSTORE [2014-09-19 22:55:14 | 000,070,784 | ---- | C] (Advanced Micro Devices) -- X:\windows\System32\drivers\amd_sata.sys [2014-09-19 22:55:14 | 000,029,824 | ---- | C] (Advanced Micro Devices) -- X:\windows\System32\drivers\amd_xata.sys [2014-09-19 22:54:10 | 000,375,336 | ---- | C] (Broadcom Corporation) -- X:\windows\System32\drivers\k57nd60x.sys [2014-09-19 22:52:51 | 000,000,000 | ---D | C] -- X:\windows\debug [2014-09-19 
22:52:36 | 000,000,000 | -HSD | C] -- X:\$RECYCLE.BIN [2014-09-19 22:52:31 | 000,000,000 | ---D | C] -- X:\windows\ServiceProfiles [2014-09-19 22:52:31 | 000,000,000 | ---D | C] -- X:\windows\Security [2014-09-19 22:52:30 | 000,000,000 | --SD | C] -- X:\windows\System32\Microsoft [2014-09-19 22:52:30 | 000,000,000 | ---D | C] -- X:\windows\temp [2014-09-19 22:52:23 | 000,000,000 | ---D | C] -- X:\windows\System32\Logfiles [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-09-19 23:01:38 | 000,075,968 | ---- | M] () -- X:\windows\System32\FNTCACHE.DAT [2014-09-19 22:52:33 | 000,001,663 | ---- | M] () -- X:\Users\Default\Desktop\PENetwork.lnk [2014-09-19 22:52:33 | 000,001,560 | ---- | M] () -- X:\Users\Default\Desktop\Command Prompt.lnk [2014-09-19 22:52:33 | 000,001,444 | ---- | M] () -- X:\Users\Default\Desktop\Explorer.lnk [2014-09-19 22:52:33 | 000,000,891 | ---- | M] () -- X:\Users\Default\Desktop\OTLPE.lnk [2014-09-19 22:52:33 | 000,000,692 | ---- | M] () -- X:\Users\Default\Desktop\RogueKiller.lnk [2014-09-19 22:52:33 | 000,000,632 | ---- | M] () -- X:\Users\Default\Desktop\HD Tune v2.55.lnk [2014-09-19 22:52:33 | 000,000,620 | ---- | M] () -- X:\Users\Default\Desktop\Opera12.lnk [2014-09-19 22:52:33 | 000,000,586 | ---- | M] () -- X:\Users\Default\Desktop\FRST.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-19 22:52:33 | 000,001,663 | ---- | C] () -- X:\Users\Default\Desktop\PENetwork.lnk [2014-09-19 22:52:33 | 000,001,560 | ---- | C] () -- X:\Users\Default\Desktop\Command Prompt.lnk [2014-09-19 22:52:33 | 000,001,444 | ---- | C] () -- X:\Users\Default\Desktop\Explorer.lnk [2014-09-19 22:52:33 | 000,000,891 | ---- | C] () -- X:\Users\Default\Desktop\OTLPE.lnk [2014-09-19 22:52:33 | 000,000,692 | ---- | C] () -- X:\Users\Default\Desktop\RogueKiller.lnk [2014-09-19 22:52:33 | 000,000,632 | ---- | C] () -- X:\Users\Default\Desktop\HD Tune v2.55.lnk [2014-09-19 22:52:33 | 000,000,620 | 
---- | C] () -- X:\Users\Default\Desktop\Opera12.lnk [2014-09-19 22:52:33 | 000,000,586 | ---- | C] () -- X:\Users\Default\Desktop\FRST.lnk [2014-09-19 22:52:30 | 000,075,968 | ---- | C] () -- X:\windows\System32\FNTCACHE.DAT [2013-07-11 11:17:31 | 000,004,608 | ---- | C] () -- X:\windows\System32\RunScannerRes.dll [2013-07-11 11:16:36 | 000,065,536 | ---- | C] () -- X:\windows\System32\RunScannerDLL.dll [2013-07-11 11:14:43 | 000,000,039 | ---- | C] () -- X:\windows\System32\ShutdownPE.ini [2013-07-11 10:48:53 | 000,002,490 | ---- | C] () -- X:\windows\System32\MountPEmedia.ini [2013-07-11 10:47:21 | 000,000,241 | ---- | C] () -- X:\windows\System32\winpeshl.ini [color=#E56717]========== LOP Check ==========[/color] [2014-09-19 22:56:38 | 000,000,000 | ---D | M] -- X:\Users\Default\AppData\Roaming\Opera [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2010-11-20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- X:\Windows\explorer.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- X:\Windows\System32\svchost.exe [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010-11-20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- X:\Windows\System32\userinit.exe [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- X:\Windows\System32\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- X:\Windows\System32\winlogon.exe [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*. 
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe Invalid Environment Variable: %APPDATA%\*. Invalid Environment Variable: %APPDATA%\*.exe [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color] [color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color] [color=#A23BEC]< nslookup http://www.google.fr /c >[/color] [color=#A23BEC]< CREATERESTOREPOINT >[/color] < End of report >