OTPLE rapport

Chacal_Endimanché Messages postés 3 Statut Membre -  
kalimusic Messages postés 14619 Statut Contributeur sécurité -
Bonjour,
je me suis retrouvé avec le virus hadopi et j'ai suivi les instructions des autres sujets à la lettre je poste donc ici le rapport du scan.

Je vous remercie ,par avance, de bien vouloir m'aider.

4 réponses

  1. Chacal_Endimanché Messages postés 3 Statut Membre
     
    OTL logfile created on: 6/13/2013 5:45:38 PM - Run
    OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
    64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 465.76 Gb Total Space | 382.46 Gb Free Space | 82.12% Space Free | Partition Type: NTFS
    Drive D: | 455.68 Gb Total Space | 443.43 Gb Free Space | 97.31% Space Free | Partition Type: NTFS
    Drive E: | 3.60 Gb Total Space | 3.60 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
    Drive J: | 10.00 Gb Total Space | 4.70 Gb Free Space | 47.03% Space Free | Partition Type: NTFS
    Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: REATOGO | User Name: SYSTEM
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    Using ControlSet: ControlSet001

    [color=#E56717]========== Win32 Services (SafeList) ==========[/color]

    SRV:[b]64bit:[/b] - [2013/03/06 19:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:[b]64bit:[/b] - [2013/02/05 11:07:18 | 000,428,928 | ---- | M] (CybelSoft) [On_Demand] -- C:\Program Files\ma-config.com\x64\maconfservice.exe -- (maconfservice)
    SRV:[b]64bit:[/b] - [2009/11/17 13:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
    SRV:[b]64bit:[/b] - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2013/06/03 05:57:49 | 003,085,264 | ---- | M] () [Auto] -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
    SRV - [2013/05/25 05:17:37 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/03/13 07:13:27 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/02/28 07:28:43 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/03/16 05:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/04/11 12:23:49 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV:[b]64bit:[/b] - [2013/03/06 19:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:[b]64bit:[/b] - [2011/07/21 14:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)
    DRV:[b]64bit:[/b] - [2011/05/31 22:17:35 | 000,806,400 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rtl8192cu.sys -- (RTL8192cu)
    DRV:[b]64bit:[/b] - [2010/06/23 04:21:34 | 000,318,568 | ---- | M] (Realtek ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
    DRV:[b]64bit:[/b] - [2010/05/30 21:02:14 | 000,075,776 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ax88772.sys -- (AX88772)
    DRV:[b]64bit:[/b] - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
    DRV:[b]64bit:[/b] - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)

    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]

    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\Yoann_ON_C\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=121845&tt=gc_&babsrc=HP_ss_din2g&mntrId=CC52EC1A59635F69
    IE - HKU\Yoann_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.safefinder.com/?st=ds&q={searchTerms}&fr=linkury-tb&installDate=20/05/2013&type=hp1000
    IE - HKU\Yoann_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.safefinder.com/?st=hp&q=
    IE - HKU\Yoann_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\Yoann_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = https://search.safefinder.com/?st=ds&q={searchTerms}&fr=linkury-tb&installDate=20/05/2013&type=hp1000
    IE - HKU\Yoann_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?st=ds&q={searchTerms}&fr=linkury-tb&installDate=20/05/2013&type=hp1000
    IE - HKU\Yoann_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    [color=#E56717]========== FireFox ==========[/color]

    FF - prefs.js..browser.search.order.1: "Delta Search"
    FF - prefs.js..browser.search.selectedEngine: ""
    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..keyword.URL: "https://search.safefinder.com/?st=ds&q="

    FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
    FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
    FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\x64\nphardwaredetection.dll (Cybelsoft)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/13 07:24:25 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2013/03/20 13:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yoann\AppData\Roaming\Mozilla\Extensions
    [2013/05/20 12:01:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\nbc7r2ng.default\extensions
    [2013/05/20 12:00:26 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\nbc7r2ng.default\extensions\ffxtlbr@delta.com
    [2013/05/20 12:00:13 | 000,006,505 | ---- | M] () -- C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\nbc7r2ng.default\searchplugins\babylon.xml
    [2013/05/20 12:00:27 | 000,001,294 | ---- | M] () -- C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\nbc7r2ng.default\searchplugins\delta.xml
    [2013/06/08 06:46:21 | 000,002,507 | ---- | M] () -- C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\nbc7r2ng.default\searchplugins\Web Search.xml
    [2013/05/26 03:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
    [2013/05/25 05:17:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/05/25 05:17:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    File not found (No name found) --
    [2013/03/13 07:24:25 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    () (No name found) -- C:\USERS\YOANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NBC7R2NG.DEFAULT\EXTENSIONS\{4DC70064-89E2-4A55-8FC6-E8CDEAE3618C}.XPI
    () (No name found) -- C:\USERS\YOANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NBC7R2NG.DEFAULT\EXTENSIONS\KILLJASMIN@PIERROS14.COM.XPI
    () (No name found) -- C:\USERS\YOANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NBC7R2NG.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
    [2013/03/13 11:02:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

    O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
    O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
    O4 - HKU\UpdatusUser_ON_C..\Run: [BrowserChoice] File not found
    O4 - HKU\UpdatusUser_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\UpdatusUser_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
    O4 - HKU\Yoann_ON_C..\Run: [Browser Infrastructure Helper] C:\Users\Yoann\AppData\Local\Smartbar\Application\Smartbar.exe (Smartbar)
    O4 - HKU\Yoann_ON_C..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
    O4 - HKU\Yoann_ON_C..\Run: [ctfmon32.exe] C:\ProgramData\6ztodo8.dat (Microsoft Corporation)
    O4 - HKU\Yoann_ON_C..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
    O4 - HKU\Yoann_ON_C..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    O4 - Startup: C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O13:[b]64bit:[/b] - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} https://www.touslesdrivers.com/index.php?v_page=29 ("Ma-Config.com control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
    O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (C:\PROGRA~3\8odotz6.bat) - C:\ProgramData\8odotz6.bat ()
    O24 - Desktop WallPaper:
    O24 - Desktop BackupWallPaper:
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
    O33 - MountPoints2\{4b7be61e-8bcc-11e2-a6aa-a76d5e8438b1}\Shell\AutoRun\command - "" = Office.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    [b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
    [b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
    O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
    O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    SafeBootNet:[b]64bit:[/b] AppMgmt - Service
    SafeBootNet:[b]64bit:[/b] Base - Driver Group
    SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
    SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
    SafeBootNet:[b]64bit:[/b] File system - Driver Group
    SafeBootNet:[b]64bit:[/b] Filter - Driver Group
    SafeBootNet:[b]64bit:[/b] HelpSvc - Service
    SafeBootNet:[b]64bit:[/b] Messenger - Service
    SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
    SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
    SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
    SafeBootNet:[b]64bit:[/b] Network - Driver Group
    SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
    SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
    SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
    SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
    SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
    SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
    SafeBootNet:[b]64bit:[/b] sacsvr - Service
    SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
    SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
    SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
    SafeBootNet:[b]64bit:[/b] TDI - Driver Group
    SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
    SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootNet: AppMgmt - Service
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: HelpSvc - Service
    SafeBootNet: Messenger - Service
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: rdsessmgr - Service
    SafeBootNet: sacsvr - Service
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: WudfUsbccidDriver - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    ActiveX:[b]64bit:[/b] {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
    ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
    ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:[b]64bit:[/b] {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:[b]64bit:[/b] {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    Drivers32:[b]64bit:[/b] aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:[b]64bit:[/b] msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:[b]64bit:[/b] msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
    Drivers32:[b]64bit:[/b] vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
    Drivers32:[b]64bit:[/b] vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:[/b] wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: VIDC.FFDS - ff_vfw.dll File not found
    Drivers32: VIDC.LAGS - lagarith.dll File not found

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

    [2013/06/13 17:10:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2013/06/10 12:17:54 | 000,000,000 | -HSD | C] -- C:\found.000
    [2013/06/10 12:09:05 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\6ztodo8.dat
    [2013/06/10 12:09:05 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
    [2013/06/10 08:32:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2013/06/10 08:31:47 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
    [2013/06/10 08:31:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2013/06/10 08:31:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2013/06/10 08:31:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    [2013/06/10 08:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
    [2013/06/10 08:25:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2013/06/05 06:09:54 | 000,000,000 | ---D | C] -- C:\Users\Yoann\AppData\Roaming\.minecraft
    [2013/05/30 09:37:25 | 000,903,072 | ---- | C] (Oracle Corporation) -- C:\Users\Yoann\Desktop\jxpiinstall.exe
    [2013/05/20 12:00:46 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
    [2013/05/20 12:00:31 | 000,000,000 | ---D | C] -- C:\Users\Yoann\AppData\Roaming\BabSolution
    [2013/05/20 12:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
    [2013/05/20 12:00:25 | 000,000,000 | ---D | C] -- C:\Users\Yoann\AppData\Roaming\Delta
    [2013/05/20 12:00:03 | 000,000,000 | ---D | C] -- C:\Users\Yoann\AppData\Roaming\Babylon
    [2013/05/20 12:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
    [2013/05/20 06:41:54 | 000,000,000 | ---D | C] -- C:\Users\Yoann\AppData\Local\Smartbar
    [2013/05/20 06:41:20 | 000,000,000 | ---D | C] -- C:\Users\Yoann\Documents\My Cheat Tables
    [2013/05/20 06:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
    [2013/05/20 06:41:14 | 000,000,000 | ---D | C] -- C:\Users\Yoann\AppData\Roaming\OpenCandy
    [2013/05/20 06:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
    [2013/05/16 03:54:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
    [2013/05/16 03:54:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2013/05/16 03:54:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/05/16 03:54:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013/05/16 03:54:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2013/05/16 03:54:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2013/05/16 03:54:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2013/05/16 03:54:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2013/05/16 03:54:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2013/05/16 03:54:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2013/05/16 03:54:37 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2013/05/16 03:54:37 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2013/05/16 03:54:37 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
    [2013/05/16 03:54:36 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
    [2013/05/16 03:54:36 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2013/05/16 03:54:36 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2013/05/16 03:54:36 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2013/05/15 03:01:47 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll

    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

    [2013/06/13 10:33:19 | 095,023,320 | ---- | M] () -- C:\ProgramData\8odotz6.pad
    [2013/06/13 10:32:51 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/06/13 10:32:51 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/06/13 10:32:31 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/06/13 10:32:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/06/10 12:25:51 | 000,678,776 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2013/06/10 12:25:51 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/06/10 12:25:51 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2013/06/10 12:25:51 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/06/10 12:25:04 | 000,000,680 | ---- | M] () -- C:\Users\Yoann\AppData\Local\d3d9caps.dat
    [2013/06/10 12:20:05 | 000,002,694 | ---- | M] () -- C:\ProgramData\8odotz6.js
    [2013/06/10 12:09:39 | 000,000,868 | ---- | M] () -- C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
    [2013/06/10 12:09:26 | 000,000,153 | ---- | M] () -- C:\ProgramData\8odotz6.reg
    [2013/06/10 12:09:26 | 000,000,058 | ---- | M] () -- C:\ProgramData\8odotz6.bat
    [2013/06/10 12:09:05 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\6ztodo8.dat
    [2013/06/10 12:09:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
    [2013/06/10 11:52:45 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/06/10 11:43:30 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/06/10 08:27:16 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    [2013/06/10 08:26:49 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
    [2013/06/10 08:26:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2013/06/10 08:26:48 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2013/06/10 08:26:47 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
    [2013/06/10 08:26:44 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
    [2013/06/10 08:21:09 | 000,903,072 | ---- | M] (Oracle Corporation) -- C:\Users\Yoann\Desktop\jxpiinstall.exe
    [2013/06/05 03:32:24 | 000,128,900 | ---- | M] () -- C:\Users\Yoann\Desktop\ChestFinder Mod 1.5.2.zip
    [2013/06/05 03:32:15 | 001,975,130 | ---- | M] () -- C:\Users\Yoann\Desktop\minecraftforge-universal-1.5.2- mc minecraft.zip
    [2013/06/01 14:14:57 | 000,170,028 | ---- | M] () -- C:\Users\Yoann\Desktop\4295177-jolie-tarsier-winking-avec-un-oeil.jpg
    [2013/06/01 14:02:49 | 000,004,268 | ---- | M] () -- C:\Users\Yoann\Desktop\images.jpg
    [2013/05/30 11:36:31 | 016,217,268 | ---- | M] () -- C:\Users\Yoann\Desktop\ChromaHills-64x_SEUS_1.5 - Copie.zip
    [2013/05/29 13:30:13 | 003,029,382 | ---- | M] () -- C:\Users\Yoann\Documents\Sans nom 1.odt
    [2013/05/22 10:43:25 | 000,003,832 | ---- | M] () -- C:\Users\Yoann\Desktop\MoreXP-500x.zip
    [2013/05/21 04:04:20 | 000,064,388 | ---- | M] () -- C:\Users\Yoann\Desktop\X-RayMod_v039.zip
    [2013/05/20 06:41:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
    [2013/05/18 07:59:37 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
    [2013/05/17 02:33:32 | 000,283,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/05/16 07:10:05 | 000,097,946 | ---- | M] () -- C:\Users\Yoann\Desktop\TooManyItems2013_04_25_1.5.2.zip

    [color=#E56717]========== Files Created - No Company Name ==========[/color]

    [2013/06/10 12:20:01 | 000,002,694 | ---- | C] () -- C:\ProgramData\8odotz6.js
    [2013/06/10 12:09:39 | 000,000,868 | ---- | C] () -- C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
    [2013/06/10 12:09:26 | 000,000,153 | ---- | C] () -- C:\ProgramData\8odotz6.reg
    [2013/06/10 12:09:26 | 000,000,058 | ---- | C] () -- C:\ProgramData\8odotz6.bat
    [2013/06/10 12:09:22 | 095,023,320 | ---- | C] () -- C:\ProgramData\8odotz6.pad
    [2013/06/05 03:32:23 | 000,128,900 | ---- | C] () -- C:\Users\Yoann\Desktop\ChestFinder Mod 1.5.2.zip
    [2013/06/05 03:32:13 | 001,975,130 | ---- | C] () -- C:\Users\Yoann\Desktop\minecraftforge-universal-1.5.2- mc minecraft.zip
    [2013/06/01 14:14:57 | 000,170,028 | ---- | C] () -- C:\Users\Yoann\Desktop\4295177-jolie-tarsier-winking-avec-un-oeil.jpg
    [2013/06/01 14:02:48 | 000,004,268 | ---- | C] () -- C:\Users\Yoann\Desktop\images.jpg
    [2013/05/30 11:36:55 | 016,217,268 | ---- | C] () -- C:\Users\Yoann\Desktop\ChromaHills-64x_SEUS_1.5 - Copie.zip
    [2013/05/29 13:30:09 | 003,029,382 | ---- | C] () -- C:\Users\Yoann\Documents\Sans nom 1.odt
    [2013/05/22 10:43:24 | 000,003,832 | ---- | C] () -- C:\Users\Yoann\Desktop\MoreXP-500x.zip
    [2013/05/21 04:04:20 | 000,064,388 | ---- | C] () -- C:\Users\Yoann\Desktop\X-RayMod_v039.zip
    [2013/05/18 07:59:37 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
    [2013/05/16 07:10:05 | 000,097,946 | ---- | C] () -- C:\Users\Yoann\Desktop\TooManyItems2013_04_25_1.5.2.zip
    [2013/03/20 13:19:46 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
    [2013/03/13 07:16:18 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
    [2013/03/13 07:14:45 | 000,000,680 | ---- | C] () -- C:\Users\Yoann\AppData\Local\d3d9caps.dat
    [2013/03/13 06:58:19 | 000,000,732 | ---- | C] () -- C:\Users\Yoann\AppData\Local\d3d9caps64.dat
    [2009/04/11 12:23:17 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/04/11 12:22:30 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
    [2009/04/11 12:22:29 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
    [2009/04/11 12:22:25 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
    [2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
    [2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006/11/02 11:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
    [2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

    [color=#E56717]========== LOP Check ==========[/color]

    [2013/06/06 13:45:42 | 000,000,000 | ---D | M] -- C:\Users\Yoann\AppData\Roaming\.minecraft
    [2013/05/20 12:00:34 | 000,000,000 | ---D | M] -- C:\Users\Yoann\AppData\Roaming\BabSolution
    [2013/05/20 12:00:03 | 000,000,000 | ---D | M] -- C:\Users\Yoann\AppData\Roaming\Babylon
    [2013/03/13 07:23:12 | 000,000,000 | ---D | M] -- C:\Users\Yoann\AppData\Roaming\Canneverbe Limited
    [2013/05/20 12:00:25 | 000,000,000 | ---D | M] -- C:\Users\Yoann\AppData\Roaming\Delta
    [2013/03/13 07:30:40 | 000,000,000 | ---D | M] -- C:\Users\Yoann\AppData\Roaming\LibreOffice
    [2013/03/21 03:53:52 | 000,000,000 | ---D | M] -- C:\Users\Yoann\AppData\Roaming\LolClient
    [2013/05/20 06:41:14 | 000,000,000 | ---D | M] -- C:\Users\Yoann\AppData\Roaming\OpenCandy
    [2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
    [2013/03/13 07:23:31 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
    [2013/05/20 12:00:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
    [2013/06/04 02:02:20 | 000,000,000 | ---D | M] -- C:\ProgramData\BrowserProtect
    [2013/03/13 06:56:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
    [2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
    [2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
    [2013/03/13 06:56:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
    [2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
    [2013/03/13 10:00:19 | 000,000,000 | ---D | M] -- C:\ProgramData\ma-config.com
    [2013/03/13 06:56:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
    [2013/03/13 06:56:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
    [2013/06/10 09:59:46 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
    [2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
    [2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
    [2013/06/13 10:30:57 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    [color=#E56717]========== Purity Check ==========[/color]

    [color=#E56717]========== Custom Scans ==========[/color]

    [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

    [color=#A23BEC]< MD5 for: ACPI.SYS >[/color]
    [2009/04/11 12:22:02 | 000,325,608 | ---- | M] (Microsoft Corporation) MD5=1965AAFFAB07E3FB03C77F81BEBA3547 -- C:\Windows\System32\drivers\acpi.sys
    [2009/04/11 12:22:02 | 000,325,608 | ---- | M] (Microsoft Corporation) MD5=1965AAFFAB07E3FB03C77F81BEBA3547 -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_8b85bb9b\acpi.sys
    [2009/04/11 12:22:02 | 000,325,608 | ---- | M] (Microsoft Corporation) MD5=1965AAFFAB07E3FB03C77F81BEBA3547 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_8092d89383870bca\acpi.sys
    [2008/01/20 22:46:50 | 000,326,712 | ---- | M] (Microsoft Corporation) MD5=8C99ED256A889D647935A97C543B7B85 -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_31eef03f\acpi.sys
    [2008/01/20 22:46:50 | 000,326,712 | ---- | M] (Microsoft Corporation) MD5=8C99ED256A889D647935A97C543B7B85 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_7ea75f878665407e\acpi.sys
    [2006/11/02 07:51:51 | 000,313,960 | ---- | M] (Microsoft Corporation) MD5=B10C33BF685AC7D2A80DAF585F993821 -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_c99b4d33\acpi.sys

    [color=#A23BEC]< MD5 for: AFD.SYS >[/color]
    [2012/01/03 10:21:38 | 000,404,992 | ---- | M] (Microsoft Corporation) MD5=022ED7EB19DFECF39C106E0F9CF2BB19 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22770_none_362b4e6b2d472f6a\afd.sys
    [2009/04/11 12:22:37 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=12415CCFD3E7CEC55B5184E67B039FE4 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_35f2572213ec5bd2\afd.sys
    [2012/01/03 10:25:21 | 000,404,992 | ---- | M] (Microsoft Corporation) MD5=C4F6CE6087760AD70960C9EB130E7943 -- C:\Windows\System32\drivers\afd.sys
    [2012/01/03 10:25:21 | 000,404,992 | ---- | M] (Microsoft Corporation) MD5=C4F6CE6087760AD70960C9EB130E7943 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18564_none_35b080ce141ddbe4\afd.sys

    [color=#A23BEC]< MD5 for: ASYNCMAC.SYS >[/color]
    [2008/01/20 22:51:01 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=22D13FF3DAFEC2A80634752B1EAA2DE6 -- C:\Windows\System32\drivers\asyncmac.sys
    [2008/01/20 22:51:01 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=22D13FF3DAFEC2A80634752B1EAA2DE6 -- C:\Windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_80766a66ed36afa5\asyncmac.sys

    [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
    [2008/01/20 22:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_1d87dda2\atapi.sys
    [2008/01/20 22:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
    [2006/11/02 08:01:02 | 000,020,072 | ---- | M] (Microsoft Corporation) MD5=DF96CF8885724430024B7522E5C95722 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_f8cccc79\atapi.sys
    [2009/04/11 12:22:03 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\System32\drivers\atapi.sys
    [2009/04/11 12:22:03 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b6d20d6f\atapi.sys
    [2009/04/11 12:22:03 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

    [color=#A23BEC]< MD5 for: BRIDGE.SYS >[/color]
    [2008/01/20 22:50:24 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=71142FA02068CB93C9319417737C915D -- C:\Windows\System32\drivers\bridge.sys
    [2008/01/20 22:50:24 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=71142FA02068CB93C9319417737C915D -- C:\Windows\winsxs\amd64_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6002.18005_none_65f4056abb94d5a9\bridge.sys

    [color=#A23BEC]< MD5 for: BTHPORT.SYS >[/color]
    [2006/11/02 05:44:06 | 000,276,480 | ---- | M] (Microsoft Corporation) MD5=0E7EC3E0872574F9126BF19714C93884 -- C:\Windows\System32\DriverStore\FileRepository\bth.inf_0143882e\bthport.sys
    [2009/04/11 12:22:05 | 000,694,272 | ---- | M] (Microsoft Corporation) MD5=2FF122EEB3A712FEDA238FB331F738B9 -- C:\Windows\System32\DriverStore\FileRepository\bth.inf_5980e57e\bthport.sys
    [2009/04/11 12:22:05 | 000,694,272 | ---- | M] (Microsoft Corporation) MD5=2FF122EEB3A712FEDA238FB331F738B9 -- C:\Windows\winsxs\amd64_bth.inf_31bf3856ad364e35_6.0.6002.18005_none_d04ed8cb71107417\bthport.sys
    [2008/01/20 22:47:03 | 000,276,480 | ---- | M] (Microsoft Corporation) MD5=422D812E231EC3A25F43A881061BE5A0 -- C:\Windows\System32\DriverStore\FileRepository\bth.inf_b6dd5cca\bthport.sys
    [2008/01/20 22:47:03 | 000,276,480 | ---- | M] (Microsoft Corporation) MD5=422D812E231EC3A25F43A881061BE5A0 -- C:\Windows\winsxs\amd64_bth.inf_31bf3856ad364e35_6.0.6001.18000_none_ce635fbf73eea8cb\bthport.sys
    [2011/04/21 09:51:11 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=7F39B6EAF1D31D0E7BF9B4B42BFCE74D -- C:\Windows\winsxs\amd64_bth.inf_31bf3856ad364e35_6.0.6002.22629_none_d0c6e0648a3aa2e2\bthport.sys
    [2011/04/21 10:17:10 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=E1466882252FF51EDDE48C3F7EDA2591 -- C:\Windows\System32\DriverStore\FileRepository\bth.inf_204106c4\bthport.sys
    [2011/04/21 10:17:10 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=E1466882252FF51EDDE48C3F7EDA2591 -- C:\Windows\winsxs\amd64_bth.inf_31bf3856ad364e35_6.0.6002.18457_none_d01ad15b71372716\bthport.sys

    [color=#A23BEC]< MD5 for: CDFS.SYS >[/color]
    [2008/01/20 22:50:39 | 000,090,624 | ---- | M] (Microsoft Corporation) MD5=B4D787DB8D30793A4D4DF9FEED18F136 -- C:\Windows\System32\drivers\cdfs.sys
    [2008/01/20 22:50:39 | 000,090,624 | ---- | M] (Microsoft Corporation) MD5=B4D787DB8D30793A4D4DF9FEED18F136 -- C:\Windows\winsxs\amd64_microsoft-windows-cdfs_31bf3856ad364e35_6.0.6001.18000_none_02862e92d55159fc\cdfs.sys

    [color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
    [2008/01/20 22:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_b2045cb8\cdrom.sys
    [2008/01/20 22:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
    [2006/11/02 05:38:24 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B70B898241C890D91ECF1C8F254680A -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_1691dd07\cdrom.sys
    [2009/04/11 12:22:05 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\System32\drivers\cdrom.sys
    [2009/04/11 12:22:05 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_b16d4bd8\cdrom.sys
    [2009/04/11 12:22:05 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

    [color=#A23BEC]< MD5 for: CLASSPNP.SYS >[/color]
    [2009/04/11 12:23:08 | 000,164,840 | ---- | M] (Microsoft Corporation) MD5=6B6BEA1421FC416E35B2D17495380104 -- C:\Windows\System32\drivers\Classpnp.sys
    [2009/04/11 12:23:08 | 000,164,840 | ---- | M] (Microsoft Corporation) MD5=6B6BEA1421FC416E35B2D17495380104 -- C:\Windows\winsxs\amd64_microsoft-windows-classpnp_31bf3856ad364e35_6.0.6002.18005_none_738d432b619111c4\Classpnp.sys

    [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
    [2006/11/02 07:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\System32\cngaudit.dll
    [2006/11/02 07:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
    [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
    [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

    [color=#A23BEC]< MD5 for: DFSC.SYS >[/color]
    [2011/04/14 10:57:17 | 000,097,792 | ---- | M] (Microsoft Corporation) MD5=0DC9972EAD8BFD314CB7E629D9ACF7EA -- C:\Windows\winsxs\amd64_microsoft-windows-dfsclient_31bf3856ad364e35_6.0.6002.22625_none_e61848deb4c8eacf\dfsc.sys
    [2011/04/13 09:48:46 | 000,097,792 | ---- | M] (Microsoft Corporation) MD5=344BA11B04A702BF0D164B2A90708C2D -- C:\Windows\winsxs\amd64_microsoft-windows-dfsclient_31bf3856ad364e35_6.0.6001.22899_none_e3ea26c4b7d7c177\dfsc.sys
    [2009/04/11 12:23:22 | 000,097,792 | ---- | M] (Microsoft Corporation) MD5=36CD31121F228E7E79BAE60AA45764C6 -- C:\Windows\winsxs\amd64_microsoft-windows-dfsclient_31bf3856ad364e35_6.0.6002.18005_none_e5a4426d9b9b2160\dfsc.sys
    [2011/04/14 10:45:13 | 000,097,792 | ---- | M] (Microsoft Corporation) MD5=3725C43C9E90731ECA651D506CC599A3 -- C:\Windows\winsxs\amd64_microsoft-windows-dfsclient_31bf3856ad364e35_6.0.6001.18633_none_e39b65df9e8ee4d6\dfsc.sys
    [2011/04/14 11:14:19 | 000,097,792 | ---- | M] (Microsoft Corporation) MD5=8B722BA35205C71E7951CDC4CDBADE19 -- C:\Windows\System32\drivers\dfsc.sys
    [2011/04/14 11:14:19 | 000,097,792 | ---- | M] (Microsoft Corporation) MD5=8B722BA35205C71E7951CDC4CDBADE19 -- C:\Windows\winsxs\amd64_microsoft-windows-dfsclient_31bf3856ad364e35_6.0.6002.18451_none_e56a39419bc73c55\dfsc.sys

    [color=#A23BEC]< MD5 for: DISK.SYS >[/color]
    [2008/01/20 22:46:53 | 000,068,664 | ---- | M] (Microsoft Corporation) MD5=2DC415FC05FB8A079F896CBBACB19324 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_da6e67b4\disk.sys
    [2008/01/20 22:46:53 | 000,068,664 | ---- | M] (Microsoft Corporation) MD5=2DC415FC05FB8A079F896CBBACB19324 -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_55e51d682c89f490\disk.sys
    [2009/04/11 12:22:03 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\System32\drivers\disk.sys
    [2009/04/11 12:22:03 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_f14e87fb\disk.sys
    [2009/04/11 12:22:03 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_57d0967429abbfdc\disk.sys
    [2006/11/02 08:03:35 | 000,066,152 | ---- | M] (Microsoft Corporation) MD5=F0357B772621B2C86CF11C62E8EA9E9D -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_12ba9935\disk.sys

    [color=#A23BEC]< MD5 for: DISKDUMP.SYS >[/color]
    [2009/04/11 12:23:00 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=3333213D1902942196D7BFF8E34FFB7F -- C:\Windows\System32\drivers\Diskdump.sys
    [2009/04/11 12:23:00 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=3333213D1902942196D7BFF8E34FFB7F -- C:\Windows\winsxs\amd64_microsoft-windows-diskdump_31bf3856ad364e35_6.0.6002.18005_none_c4c84a9c4cc56d5f\Diskdump.sys

    [color=#A23BEC]< MD5 for: DRMK.SYS >[/color]
    [2006/11/02 06:52:47 | 000,120,832 | ---- | M] (Microsoft Corporation) MD5=289950C6894C2F410C7BA1BB7C3A6318 -- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_469dd54e\drmk.sys
    [2008/01/20 22:46:51 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=A54FA007FD0349AB68DE6D3016A95C8C -- C:\Windows\System32\drivers\drmk.sys
    [2008/01/20 22:46:51 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=A54FA007FD0349AB68DE6D3016A95C8C -- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_6ca05e42\drmk.sys
    [2008/01/20 22:46:51 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=A54FA007FD0349AB68DE6D3016A95C8C -- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_ef351a85\drmk.sys
    [2008/01/20 22:46:51 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=A54FA007FD0349AB68DE6D3016A95C8C -- C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_bc85f496d28319f7\drmk.sys
    [2008/01/20 22:46:51 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=A54FA007FD0349AB68DE6D3016A95C8C -- C:\Windows\winsxs\amd64_wdmaudio.inf_31bf3856ad364e35_6.0.6002.18005_none_be716da2cfa4e543\drmk.sys

    [color=#A23BEC]< MD5 for: DRMKAUD.SYS >[/color]
    [2008/01/20 22:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F1A78A98CFC2EE02144C6BEC945447E6 -- C:\Windows\System32\drivers\drmkaud.sys
    [2006/11/02 05:43:33 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F1A78A98CFC2EE02144C6BEC945447E6 -- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_469dd54e\drmkaud.sys
    [2008/01/20 22:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F1A78A98CFC2EE02144C6BEC945447E6 -- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_6ca05e42\drmkaud.sys
    [2008/01/20 22:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F1A78A98CFC2EE02144C6BEC945447E6 -- C:\Windows\System32\Drive
    0
  2. kalimusic Messages postés 14619 Statut Contributeur sécurité 3 027
     
    Bonsoir,

    ● Double-clique sur l'icône jaune OTLPE.
    ● Sous "Custom Scans/Fixes", copie/colle les instructions suivantes :

    :OTL
    O4 - HKU\UpdatusUser_ON_C..\Run: [BrowserChoice] File not found
    O4 - HKU\Yoann_ON_C..\Run: [Browser Infrastructure Helper] C:\Users\Yoann\AppData\Local\Smartbar\Application\Smartbar.exe (Smartbar)
    O4 - HKU\Yoann_ON_C..\Run: [ctfmon32.exe] C:\ProgramData\6ztodo8.dat (Microsoft Corporation) 
    O4 - Startup: C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation) 
    O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
    O20 - HKLM Winlogon: Shell - (C:\PROGRA~3\8odotz6.bat) - C:\ProgramData\8odotz6.bat () 
    [2013/06/10 12:20:01 | 000,002,694 | ---- | C] () -- C:\ProgramData\8odotz6.js
    [2013/06/10 12:09:39 | 000,000,868 | ---- | C] () -- C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
    [2013/06/10 12:09:26 | 000,000,153 | ---- | C] () -- C:\ProgramData\8odotz6.reg
    [2013/06/10 12:09:26 | 000,000,058 | ---- | C] () -- C:\ProgramData\8odotz6.bat
    [2013/06/10 12:09:22 | 095,023,320 | ---- | C] () -- C:\ProgramData\8odotz6.pad 

    ● Clique sur le bouton Run Fix, patiente pendant le travail de l'outil.
    ● Un rapport va s'ouvrir au format bloc-note.
    ● Héberge le rapport et donne le lien.

    Redémarre sous Windows

    Il faut être vigilant plus vigilant quand on installe un programme, faire attention aux conditions d'utilisation et aux cases pré-cochées.
    Refuser les diverses barres d'outils ou moteurs de recherches proposés : https://forum.malekal.com/viewtopic.php?t=33776&start=

    Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
    ▸ Sous XP double-clic sur l'icône pour lancer l'outil.
    ▸ Sous Vista/Seven/8 clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
    Ferme impérativement le navigateur ainsi que les applications en cours.
    ● Clique sur Suppression
    ● Patiente le temps du scan, accepte de redémarrer si l'outil le demande
    ● Le rapport doit s'ouvrir spontanément.

    Le rapport est sauvegardé à la racine du disque C:\AdwCleaner[S1].txt

    Poste le rapport, A +
    0
    1. Chacal_Endimanché
       
      Voila j'ai suivi vos instructions et je vous envoi le rapport,
      http://pjjoint.malekal.com/files.php?id=20130615_l14w6j14m5m11

      merci d'avance
      0
  3. kalimusic Messages postés 14619 Statut Contributeur sécurité 3 027
     
    Bonjour,

    Faisons un diagnostic pour voir les actions restants à faire.

    Télécharge la version FRST de Farbar, compatible avec ton système et enregistre le fichier sur ton Bureau.

    Comment savoir quelle version 32 bits ou 64 bits est exécutée sur mon système ?

    Ferme toutes tes applications en cours
    ● Lance FRST.exe, clique sur Oui pour accepter le Disclaimer
    ● Clique sur Scan et patiente le temps de l'analyse.
    ● A la fin, un rapport FRST.txt va s'ouvrir.
    ● A son premier lancement, l'outil va aussi créer un fichier nommé Addition.txt
    Ne les poste pas sur le forum, ils seraient trop long
    ● Héberge les sur un des sites suivants :
    https://security-x.fr/up/
    https://www.cjoint.com/
    http://pjjoint.malekal.com/
    https://textup.fr/
    ● Tu obtiendras 2 liens que tu me donneras dans ton prochain message.

    Note : Les rapports sont enregistrés au même emplacement que l'outil et sous C:\FRST\Logs

    A +
    0