Infection
Solved
concierge1
-
Destrio - Posts: 312 - Status: Contributor
48 replies
--> Run a scan with TDSSKiller and post the report:
https://forum.malekal.com/viewtopic.php?t=28637&start=
Tomorrow I'll finish all of this and post the report. A thousand thanks for your help throughout the day!!!!
A topic worth keeping!!
Thanks Destrio,
Problems solved... after a full day of fighting... I'll be able to get back to work!!!
A thousand thanks, problems solved
You should do this:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
And the OTL procedure that you hadn't been able to do. Just to check that nothing else remains.
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/07/13 00:20:56 | 001,383,430 | ---- | C] () -- C:\Documents and Settings\yo\Desktop\tdsskiller.zip
[2011/07/12 22:52:51 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/12 17:59:19 | 000,000,315 | ---- | C] () -- C:\Boot.bak
[2011/07/12 17:59:14 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/07/12 17:54:20 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/12 17:54:20 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/12 17:54:20 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/12 17:54:20 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/12 17:54:20 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/07/12 11:19:17 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2011/07/11 19:21:01 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2011/07/11 19:02:01 | 000,503,642 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/07/07 21:38:49 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CamStudio.lnk
[2011/07/07 15:42:37 | 000,388,596 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\placedesmarches.CSV
[2011/07/07 15:35:49 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\XLSCX.INI
[2011/07/07 15:35:21 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\Convert XLS.lnk
[2011/07/07 15:35:20 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx13_ic.ini
[2011/07/07 15:35:19 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2011/07/07 15:35:19 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2011/07/07 15:35:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll
[2011/07/07 15:35:19 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\RegisterExe.exe
[2011/07/07 15:35:18 | 000,000,298 | ---- | C] () -- C:\WINDOWS\System32\msxml4.inf
[2011/07/07 14:19:20 | 000,714,870 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\mailister.csv
[2011/07/07 14:15:02 | 000,723,374 | ---- | C] () -- C:\Documents and Settings\a\Desktop\email 2011.csv
[2011/07/07 13:54:21 | 000,357,436 | ---- | C] () -- C:\Documents and Settings\la\Desktop\email2011bis.csv
[2011/07/07 13:52:49 | 000,357,436 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\email2011.csv
[2011/07/07 11:35:35 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\y\Desktop\SendBlaster.lnk
[2011/07/04 23:09:02 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\y\My Documents\olga.jpg
[2011/07/02 13:13:41 | 000,271,072 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/13 20:28:25 | 002,680,859 | ---- | C] () -- C:\WINDOWS\System32\ms98.cab
[2011/06/13 20:28:25 | 000,030,166 | ---- | C] () -- C:\WINDOWS\System32\phidmou.inf
[2011/06/13 20:28:25 | 000,009,808 | ---- | C] () -- C:\WINDOWS\System32\ms99.cat
[2011/06/13 20:28:25 | 000,008,181 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2011/06/13 20:28:25 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2011/06/13 20:28:23 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\XMOUSE.CPL
[2011/06/13 20:28:23 | 000,003,099 | ---- | C] () -- C:\WINDOWS\System32\HPMICE.PCX
[2011/02/14 17:02:05 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/02/14 17:02:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/26 23:07:45 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2011/01/26 23:07:45 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010/12/11 00:50:11 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/04 08:29:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/27 00:27:57 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010/08/29 15:55:41 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\a\Local Settings\Application Data\housecall.guid.cache
[2010/08/18 19:17:39 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010/08/18 19:17:39 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010/08/18 19:17:39 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010/08/18 19:17:39 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010/04/27 12:48:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/02/16 21:16:13 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\la\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/06 16:03:01 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/05 21:09:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/01 03:49:18 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/12 07:08:49 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2009/12/12 07:08:40 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/12/12 07:03:09 | 000,001,203 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/12/12 06:04:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/12/12 05:40:41 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\EMSC.DLL
[2009/12/12 05:39:31 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/12/12 05:39:30 | 002,039,808 | ---- | C] () -- C:\WINDOWS\System32\BCMWLTRY.EXE
[2009/12/12 05:39:29 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/05/27 05:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/27 05:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/26 03:47:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/26 03:44:05 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/26 03:42:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 22:33:23 | 000,034,699 | ---- | C] () -- C:\WINDOWS\System32\hlp.dat
[2008/04/25 22:33:18 | 000,438,458 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/25 22:33:18 | 000,068,898 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/25 22:33:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/25 15:39:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 15:38:33 | 000,274,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/14 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/09/27 18:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 18:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 18:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/04/15 13:52:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/04/15 13:52:33 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/11/18 09:16:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\nktwab.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[color=#E56717]========== LOP Check ==========[/color]
[2011/07/12 19:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/07/11 23:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/07/12 01:35:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/07/13 11:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2011/07/05 13:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eTarget
[2011/07/12 01:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/05/16 16:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2009/12/12 05:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010/09/28 22:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2011/06/30 23:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2011/07/05 13:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SL2o
[2009/12/12 05:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/07/11 23:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/02 12:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64
[2009/12/12 05:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win732
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win764
[2010/12/19 22:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/12/12 05:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XP32
[2011/07/02 12:22:19 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/07/04 10:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\BitTorrent
[2011/04/18 23:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\Eltima Software
[2010/08/15 00:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\FCD356BBA4E3305E0F44F6BAB40AE595
[2011/06/02 12:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\FrostWire
[2011/07/13 11:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\go
[2010/05/30 12:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\yo\Application Data\Hide IP NG
[2010/07/24 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\yla\Application Data\Ohvei
[2010/07/30 18:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\Oxybe
[2010/09/11 19:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\PhotoFiltre
[2011/03/30 11:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\Research In Motion
[2011/03/21 23:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Sarbacane Software
[2011/07/07 14:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\SendBlaster2
[2011/07/02 12:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\TuneUp Software
[2009/12/12 05:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\\Application Data\Windows Desktop Search
[2010/02/05 20:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Application Data\Windows Search
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >