Infection
Solved
concierge1
Destrio (posts: 432, status: Contributor)
Hello,
here is my browser configuration
my computer is infected, and I can no longer install an antivirus or an anti-trojan: once the installation is done, Windows no longer recognizes the program.
If I launch a scan with one of the antivirus programs, it shuts down and disappears from the processes. I have really tried everything: various free antivirus tools (AVG, Avast, Trojan Killer, Spybot, etc.). I disabled the file arking.exe via msconfig, but nothing works: I cannot remove it, nor even install an antivirus, not even run an online scan.
Can you help me??
Thank you all
48 replies
--> Run a scan with TDSSKiller and post the report:
https://forum.malekal.com/viewtopic.php?t=28637&start=
Tomorrow I'll finish all this and post the report. A thousand thanks for your help throughout the day!!!!
A topic to keep!!
Thanks Destrio,
problems solved... after a full day of fighting... I'll be able to get back to work!!!
A thousand thanks, problems solved
You should do this:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
And the OTL procedure that you had not been able to do. Just to check that nothing else remains.
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/07/13 00:20:56 | 001,383,430 | ---- | C] () -- C:\Documents and Settings\yo\Desktop\tdsskiller.zip
[2011/07/12 22:52:51 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/12 17:59:19 | 000,000,315 | ---- | C] () -- C:\Boot.bak
[2011/07/12 17:59:14 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/07/12 17:54:20 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/12 17:54:20 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/12 17:54:20 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/12 17:54:20 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/12 17:54:20 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/07/12 11:19:17 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2011/07/11 19:21:01 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2011/07/11 19:02:01 | 000,503,642 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/07/07 21:38:49 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CamStudio.lnk
[2011/07/07 15:42:37 | 000,388,596 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\placedesmarches.CSV
[2011/07/07 15:35:49 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\XLSCX.INI
[2011/07/07 15:35:21 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\Convert XLS.lnk
[2011/07/07 15:35:20 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx13_ic.ini
[2011/07/07 15:35:19 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2011/07/07 15:35:19 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2011/07/07 15:35:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll
[2011/07/07 15:35:19 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\RegisterExe.exe
[2011/07/07 15:35:18 | 000,000,298 | ---- | C] () -- C:\WINDOWS\System32\msxml4.inf
[2011/07/07 14:19:20 | 000,714,870 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\mailister.csv
[2011/07/07 14:15:02 | 000,723,374 | ---- | C] () -- C:\Documents and Settings\a\Desktop\email 2011.csv
[2011/07/07 13:54:21 | 000,357,436 | ---- | C] () -- C:\Documents and Settings\la\Desktop\email2011bis.csv
[2011/07/07 13:52:49 | 000,357,436 | ---- | C] () -- C:\Documents and Settings\ya\Desktop\email2011.csv
[2011/07/07 11:35:35 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\y\Desktop\SendBlaster.lnk
[2011/07/04 23:09:02 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\y\My Documents\olga.jpg
[2011/07/02 13:13:41 | 000,271,072 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/13 20:28:25 | 002,680,859 | ---- | C] () -- C:\WINDOWS\System32\ms98.cab
[2011/06/13 20:28:25 | 000,030,166 | ---- | C] () -- C:\WINDOWS\System32\phidmou.inf
[2011/06/13 20:28:25 | 000,009,808 | ---- | C] () -- C:\WINDOWS\System32\ms99.cat
[2011/06/13 20:28:25 | 000,008,181 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2011/06/13 20:28:25 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2011/06/13 20:28:23 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\XMOUSE.CPL
[2011/06/13 20:28:23 | 000,003,099 | ---- | C] () -- C:\WINDOWS\System32\HPMICE.PCX
[2011/02/14 17:02:05 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/02/14 17:02:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/26 23:07:45 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2011/01/26 23:07:45 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010/12/11 00:50:11 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/04 08:29:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/27 00:27:57 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010/08/29 15:55:41 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\a\Local Settings\Application Data\housecall.guid.cache
[2010/08/18 19:17:39 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010/08/18 19:17:39 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010/08/18 19:17:39 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010/08/18 19:17:39 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010/04/27 12:48:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/02/16 21:16:13 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\la\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/06 16:03:01 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/05 21:09:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/01 03:49:18 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/12 07:08:49 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2009/12/12 07:08:40 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/12/12 07:03:09 | 000,001,203 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/12/12 06:04:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/12/12 05:40:41 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\EMSC.DLL
[2009/12/12 05:39:31 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/12/12 05:39:30 | 002,039,808 | ---- | C] () -- C:\WINDOWS\System32\BCMWLTRY.EXE
[2009/12/12 05:39:29 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/05/27 05:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/27 05:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/26 03:47:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/26 03:44:05 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/26 03:42:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 22:33:23 | 000,034,699 | ---- | C] () -- C:\WINDOWS\System32\hlp.dat
[2008/04/25 22:33:18 | 000,438,458 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/25 22:33:18 | 000,068,898 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/25 22:33:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/25 15:39:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 15:38:33 | 000,274,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/14 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/09/27 18:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 18:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 18:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/04/15 13:52:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/04/15 13:52:33 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/11/18 09:16:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\nktwab.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[color=#E56717]========== LOP Check ==========[/color]
[2011/07/12 19:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/07/11 23:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/07/12 01:35:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/07/13 11:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2011/07/05 13:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eTarget
[2011/07/12 01:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/05/16 16:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2009/12/12 05:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010/09/28 22:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2011/06/30 23:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2011/07/05 13:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SL2o
[2009/12/12 05:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/07/11 23:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/02 12:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64
[2009/12/12 05:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win732
[2009/12/12 05:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win764
[2010/12/19 22:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/12/12 05:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XP32
[2011/07/02 12:22:19 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/07/04 10:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\BitTorrent
[2011/04/18 23:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\Eltima Software
[2010/08/15 00:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\FCD356BBA4E3305E0F44F6BAB40AE595
[2011/06/02 12:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\y\Application Data\FrostWire
[2011/07/13 11:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\go
[2010/05/30 12:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\yo\Application Data\Hide IP NG
[2010/07/24 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\yla\Application Data\Ohvei
[2010/07/30 18:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\Oxybe
[2010/09/11 19:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\PhotoFiltre
[2011/03/30 11:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\Research In Motion
[2011/03/21 23:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Sarbacane Software
[2011/07/07 14:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\SendBlaster2
[2011/07/02 12:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ya\Application Data\TuneUp Software
[2009/12/12 05:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\\Application Data\Windows Desktop Search
[2010/02/05 20:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Application Data\Windows Search
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >