Infection
Solved/Closed
concierge1 - 12 Jul 2011 at 11:43
Destrio Posts 311 Registration date Sunday 19 September 2010 Status Contributor Last activity 26 August 2011 - 13 Jul 2011 at 18:04
48 replies
Destrio
Posts
311
Registration date
Sunday 19 September 2010
Status
Contributor
Last activity
26 August 2011
61
12 Jul 2011 at 23:32
In Task Manager > File > New Task > type explorer and confirm.
Destrio
12 Jul 2011 at 23:58
--> Run a scan with TDSSKiller and post the report:
https://forum.malekal.com/viewtopic.php?t=28637&start=
Tomorrow I'll finish all this and post the report. A thousand thanks for your help throughout the day!!!!
Topic to keep!!
Destrio
13 Jul 2011 at 00:54
It was thanks to the ComboFix report that I saw TDSSKiller had to be used.
Thanks Destrio,
Problems solved... after a full day of fighting... I'll be able to get back to work!!!
A thousand thanks, problems solved
Destrio
13 Jul 2011 at 11:21
You should do this:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
And the OTL procedure that you weren't able to do. Just to check that nothing else remains.
========== Files Created - No Company Name ==========
[2011/07/13 00:20:56 | 001,383,430 | ---- | C] () -- C:\Documents and Settings\yo\Desktop\tdsskiller.zip
[2011/07/12 22:52:51 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/12 17:59:19 | 000,000,315 | ---- | C] () -- C:\Boot.bak
[2011/07/12 17:59:14 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/07/12 17:54:20 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/12 17:54:20 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/12 17:54:20 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/12 17:54:20 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/12 17:54:20 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/07/12 11:19:17 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2011/07/11 19:21:01 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2011/07/11 19:02:01 | 000,503,642 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/07/07 21:38:49 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CamStudio.lnk
[2011/07/07 15:42:37 | 000,388,596 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\placedesmarches.CSV
[2011/07/07 15:35:49 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\XLSCX.INI
[2011/07/07 15:35:21 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\Convert XLS.lnk
[2011/07/07 15:35:20 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx13_ic.ini
[2011/07/07 15:35:19 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2011/07/07 15:35:19 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2011/07/07 15:35:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll
[2011/07/07 15:35:19 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\RegisterExe.exe
[2011/07/07 15:35:18 | 000,000,298 | ---- | C] () -- C:\WINDOWS\System32\msxml4.inf
[2011/07/07 14:19:20 | 000,714,870 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\mailister.csv
[2011/07/07 14:15:02 | 000,723,374 | ---- | C] () -- C:\Documents and Settings\a\Desktop\email 2011.csv
[2011/07/07 13:54:21 | 000,357,436 | ---- | C] () -- C:\Documents and Settings\la\Desktop\email2011bis.csv
[2011/07/07 13:52:49 | 000,357,436 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\email2011.csv
[2011/07/07 11:35:35 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\y\Desktop\SendBlaster.lnk
[2011/07/04 23:09:02 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\y\My Documents\olga.jpg
[2011/07/02 13:13:41 | 000,271,072 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/13 20:28:25 | 002,680,859 | ---- | C] () -- C:\WINDOWS\System32\ms98.cab
[2011/06/13 20:28:25 | 000,030,166 | ---- | C] () -- C:\WINDOWS\System32\phidmou.inf
[2011/06/13 20:28:25 | 000,009,808 | ---- | C] () -- C:\WINDOWS\System32\ms99.cat
[2011/06/13 20:28:25 | 000,008,181 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2011/06/13 20:28:25 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2011/06/13 20:28:23 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\XMOUSE.CPL
[2011/06/13 20:28:23 | 000,003,099 | ---- | C] () -- C:\WINDOWS\System32\HPMICE.PCX
[2011/02/14 17:02:05 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/02/14 17:02:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/26 23:07:45 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2011/01/26 23:07:45 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010/12/11 00:50:11 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/04 08:29:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/27 00:27:57 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010/08/29 15:55:41 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\a\Local Settings\Application Data\housecall.guid.cache
[2010/08/18 19:17:39 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010/08/18 19:17:39 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010/08/18 19:17:39 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010/08/18 19:17:39 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010/04/27 12:48:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/02/16 21:16:13 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\la\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/06 16:03:01 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/05 21:09:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/01 03:49:18 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/12 07:08:49 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2009/12/12 07:08:40 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/12/12 07:03:09 | 000,001,203 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/12/12 06:04:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/12/12 05:40:41 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\EMSC.DLL
[2009/12/12 05:39:31 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/12/12 05:39:30 | 002,039,808 | ---- | C] () -- C:\WINDOWS\System32\BCMWLTRY.EXE
[2009/12/12 05:39:29 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/05/27 05:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/27 05:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/26 03:47:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/26 03:44:05 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/26 03:42:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 22:33:23 | 000,034,699 | ---- | C] () -- C:\WINDOWS\System32\hlp.dat
[2008/04/25 22:33:18 | 000,438,458 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/25 22:33:18 | 000,068,898 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/25 22:33:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/25 15:39:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 15:38:33 | 000,274,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/14 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/09/27 18:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 18:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 18:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/04/15 13:52:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/04/15 13:52:33 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/11/18 09:16:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\nktwab.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2011/07/12 19:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/07/11 23:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/07/12 01:35:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/07/13 11:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2011/07/05 13:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eTarget
[2011/07/12 01:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/05/16 16:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2009/12/12 05:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010/09/28 22:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2011/06/30 23:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2011/07/05 13:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SL2o
[2009/12/12 05:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/07/11 23:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/02 12:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64
[2009/12/12 05:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win732
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win764
[2010/12/19 22:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/12/12 05:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XP32
[2011/07/02 12:22:19 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/07/04 10:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\BitTorrent
[2011/04/18 23:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\Eltima Software
[2010/08/15 00:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\FCD356BBA4E3305E0F44F6BAB40AE595
[2011/06/02 12:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\FrostWire
[2011/07/13 11:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\go
[2010/05/30 12:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\yo\Application Data\Hide IP NG
[2010/07/24 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\yla\Application Data\Ohvei
[2010/07/30 18:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\Oxybe
[2010/09/11 19:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\PhotoFiltre
[2011/03/30 11:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\Research In Motion
[2011/03/21 23:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Sarbacane Software
[2011/07/07 14:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\SendBlaster2
[2011/07/02 12:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\TuneUp Software
[2009/12/12 05:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\\Application Data\Windows Desktop Search
[2010/02/05 20:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Application Data\Windows Search
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Destrio
13 Jul 2011 at 12:36
The beginning is missing.
Destrio
13 Jul 2011 at 18:04
You can host them here and then give me the link:
http://pjjoint.malekal.com/