
PC infested with viruses: need help.

Tags:
  • Virus
  • Security
13 October 2011 19:07:57

Hello, good evening.

For several days my antivirus has been panicking at times, spamming me that I am infected by viruses, Trojan horses, etc. Usually I manage to fix this kind of problem on my own, but this time I can't, despite numerous scans, etc. The virus alerts continue. It all started with an unexpected reboot of my PC, I think, even several in a row.

Can you help me?


13 October 2011 21:00:22

Good evening


Download DDS and save it to your desktop.
  • Disable anything that blocks scripts, such as an antivirus or software like ad-block, noscript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan is finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only DDS.txt for me.

    <@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
    13 October 2011 21:24:44

    Thank you for your reply. Here is the DDS.txt:


    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 7.0.6000.16386 BrowserJavaVersion: 1.6.0_23
    Run by dadou at 21:19:03 on 2011-10-13
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.2046.899 [GMT 2:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Protector Suite QL\upeksvr.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\agrsmsvc.exe
    C:\Windows\System32\svchost.exe -k Akamai
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svdhalp.exe
    C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Windows\system32\javaupl.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Protector Suite QL\psqltray.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    svchost.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\LOLReplay\LOLRecorder.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Synaptics\SynTP\SynToshiba.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://fr.ask.com?o=101920&l=dis
    uSearch Bar = hxxp://g.msn.fr/0SEFRFR/SAOS02
    uURLSearchHooks: Yahoo! Toolbar avec bloqueur de fenêtres pop-up: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    mURLSearchHooks: toox.com Toolbar: {81b9f7e7-c6bc-40e9-9f40-2e373ec14e94} - c:\program files\toox.com\tbtoo1.dll
    mWinlogon: Shell=explorer.exe, svdhalp.exe
    mWinlogon: Userinit=c:\windows\system32\userinit.exe,,c:\windows\system32\config\systemprofile\appdata\local\krtspjne\sxlfajwu.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
    TB: toox.com Toolbar: {81b9f7e7-c6bc-40e9-9f40-2e373ec14e94} - c:\program files\toox.com\tbtoo1.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    uRun: [Sidebar]
    uRun: [WindowsWelcomeCenter]
    uRun: [Steam]
    uRun: [SpybotSD TeaTimer]
    uRun: [fsm]
    uRun: [swg]
    uRun: [Microsoft IntellPoint] c:\users\dadou\appdata\local\microsoft intellpoint\mspoint.exe
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
    mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
    mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    mRun: [HWSetup] \HWSetup.exe hwSetUP
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
    mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe"
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [IaNvSrv] c:\program files\intel\intel matrix storage manager\orom\ianvsrv\IaNvSrv.exe
    mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
    mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
    mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    dRun: [SxlFajwu] c:\windows\system32\config\systemprofile\appdata\local\krtspjne\sxlfajwu.exe
    dRun: [WinNT.exe] c:\windows\system32\config\systemprofile\appdata\roaming\windows loader\WinNT.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\lolrec~1.lnk - c:\program files\lolreplay\LOLRecorder.exe
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: DisableCAD = 1 (0x1)
    IE: &Recherche AOL Toolbar - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{BE17EAF0-02E3-4E41-AF84-9B46FE375B36} : DhcpNameServer = 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Notify: psfus - c:\windows\system32\psqlpwd.dll
    LSA: Notification Packages = scecli psqlpwd
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\dadou\appdata\roaming\mozilla\firefox\profiles\0uvm169f.default\
    FF - prefs.js: browser.search.selectedEngine - Ask.com
    FF - prefs.js: browser.startup.homepage - hxxp://google.com
    FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
    FF - component: c:\users\dadou\appdata\roaming\mozilla\firefox\profiles\0uvm169f.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
    FF - component: c:\users\dadou\appdata\roaming\mozilla\firefox\profiles\0uvm169f.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - plugin: c:\programdata\id software\quakelive\npquakezero.dll
    FF - plugin: c:\users\dadou\appdata\roaming\facebook\npfbplugin_1_0_3.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 CplIR;Embedded IR Driver;c:\windows\system32\drivers\CplIR.sys [2007-3-6 14848]
    R0 iaNvStor;Intel(R) Turbo Memory Technology NAND Controller;c:\windows\system32\drivers\iaNvStor.sys [2007-4-18 210432]
    R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-1-10 11608]
    R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2006-11-2 22016]
    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus;c:\program files\avira\antivir personaledition classic\sched.exe [2009-1-10 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-1-10 151297]
    R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2011-8-4 1361288]
    R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-1-10 52056]
    S2 gupdate;Service Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-3-9 135664]
    S2 JavaQuickUpload;Java Quick Upload Service;c:\windows\system32\javaupl.exe [2011-10-13 68476]
    S3 gupdatem;Service Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-3-9 135664]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    .
    =============== File Associations ===============
    .
    regfile="regedit.exe" "%1"
    .
    =============== Created Last 30 ================
    .
    2011-10-13 16:13:05 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9bd80533-de2e-4e12-b7a4-3fb884ef6afc}\offreg.dll
    2011-10-08 12:25:15 2565432 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
    2011-10-08 12:25:08 7269712 ------w- c:\programdata\microsoft\windows defender\definition updates\{9bd80533-de2e-4e12-b7a4-3fb884ef6afc}\mpengine.dll
    2011-10-08 12:25:08 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-10-06 14:08:13 -------- d-----w- c:\programdata\kP21703BiLlB21703
    2011-09-27 05:51:44 -------- d-sh--w- C:\found.000
    2011-09-22 09:15:49 -------- d-----w- C:\gPotato.eu
    2011-09-21 15:36:10 -------- d-----w- c:\program files\LOLReplay
    .
    ==================== Find3M ====================
    .
    2011-10-13 16:42:08 192512 ----a-w- c:\windows\system32\svdhalp.exe.ini
    2011-10-13 16:42:08 192512 ----a-w- c:\windows\system32\svdhalp.exe
    2011-10-13 16:41:46 192512 ----a-w- c:\windows\system32\svdhalp.exe352
    2011-10-13 16:41:46 192512 ----a-w- c:\windows\system32\svdhalp.exe.ini922
    2011-10-13 16:40:55 192512 ----a-w- c:\windows\system32\svdhalp.exe653
    2011-10-13 16:40:55 192512 ----a-w- c:\windows\system32\svdhalp.exe.ini810
    2011-10-13 16:40:10 192512 ----a-w- c:\windows\system32\svdhalp.exe622
    2011-10-13 16:40:10 192512 ----a-w- c:\windows\system32\svdhalp.exe.ini886
    2011-10-13 16:39:36 192512 ----a-w- c:\windows\system32\svdhalp.exe.ini471
    2011-10-13 16:39:30 192512 ----a-w- c:\windows\system32\svdhalp.exe35
    2011-10-13 16:39:06 192512 ----a-w- c:\windows\system32\svdhalp.exe603
    2011-10-13 16:39:06 192512 ----a-w- c:\windows\system32\svdhalp.exe.ini374
    2011-10-13 16:39:06 17 ----a-w- c:\windows\syskey2i.drv
    2011-09-10 16:49:18 1409 ----a-w- c:\windows\QTFont.for
    .
    ============= FINISH: 21:20:33,34 ===============
    14 October 2011 20:15:45

    Good evening :)

    Disable your antivirus and any other kind of protection.
    Download ComboFix by sUBs: Combofix
    Save it to your desktop and nowhere else!

    Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
    Click on it to open it, then Edit > "Select All", Edit > "Copy".

    Come back to the forum and Edit > "Paste".

    HELP: A guide and tutorial on using ComboFix
    * the partition name may vary

    <@_@>

    +++++++++++++++++++++
    15 October 2011 01:18:58

    Good evening, and thank you for taking the time to help me.
    I ran ComboFix, and while it was running I had a restart that looked more like a crash (blue screen, error, etc.); then I ran it again, had a normal restart following the deletion of many files from what I understood, and a second restart/crash in the last phase. In the end I don't know whether the application finished correctly, but I got this report:

    ------------------------------------------------------------------------------------------------------------------------------

    ComboFix 11-10-14.04 - dadou 15/10/2011 0:26:53.2.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.2046.1101 [GMT 2:00]
    Lancé depuis: C:\Users\dadou\Desktop\ComboFix.exe
    * Un nouveau point de restauration a été créé


    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))


    C:\data
    C:\ProgramData\xp
    C:\ProgramData\xp\TPwSav.sys
    C:\Users\dadou\AppData\Roaming\app
    C:\Users\dadou\AppData\Roaming\app\Jerakine_lang.dat
    C:\Users\dadou\AppData\Roaming\app\Jerakine_lang_vesrion.dat
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 1 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt

    !!!!!!!!!!!!!!!!!!! I cut it because the message was too long, but basically it is the same thing from log1 to log600+.
    If it is important I will repost it in several parts. !!!!!!!!!!!!!!!!!!!!!!!


    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 598 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 599 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 6 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 60 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 600 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 601 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 602 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 603 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 604 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 605 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 606 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 607 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 608 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 609 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 61 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 610 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 62 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 63 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 64 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 65 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 66 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 67 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 68 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 69 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 7 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 70 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 71 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 72 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 73 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 74 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 75 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 76 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 77 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 78 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 79 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 8 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 80 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 81 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 82 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 83 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 84 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 85 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 86 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 87 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 88 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 89 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 9 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 90 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 91 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 92 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 93 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 94 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 95 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 96 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 97 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 98 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Users\dadou\AppData\Roaming\Microsoft\Windows\Templates\Pain_Logger_PrivateEdition_Ftp_Log 99 On PC-DE-DADOU 's ComputerAt30-10-2010---15-59-38.txt
    C:\Windows\syskey2i.drv
    C:\Windows\system32\inst.dat
    C:\Windows\system32\jgaw400.dll
    C:\Windows\system32\kw.dat
    C:\Windows\system32\svdhalp.exe.ini
    C:\Windows\system32\svdhalp.exe.ini374
    C:\Windows\system32\svdhalp.exe.ini471
    C:\Windows\system32\svdhalp.exe.ini810
    C:\Windows\system32\svdhalp.exe.ini886
    C:\Windows\system32\svdhalp.exe.ini922
    C:\Windows\system32\svdhalp.exe35
    C:\Windows\system32\svdhalp.exe352
    C:\Windows\system32\svdhalp.exe603
    C:\Windows\system32\svdhalp.exe622
    C:\Windows\system32\svdhalp.exe653
    C:\Windows\system32\web.dat
    C:\Windows\wpe pro.INI

    C:\Windows\system32\Drivers\atapi.sys . . . est infecté!!


    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_MICORSOFT_WINDOWS_SERVICE


    ((((((((((((((((((((((((((((( Fichiers créés du 2011-09-14 au 2011-10-14 ))))))))))))))))))))))))))))))))))))


    15 October 2011 09:12:47

    Hello
    I can't do anything with half reports...
    Post the report: C:\Combofix.txt
    Use this to post it to me in full:
    http://www.sendspace.com/

    15 October 2011 16:35:56

    Hi again
    You didn't let the ComboFix scan run to the end...
    You must not cut everything off in the middle of a scan... this tool is powerful and you could well damage your PC by playing around like that...
    We'll run another tool, and after that you'll do another pass with ComboFix.

    1

    Download http://support.kaspersky.com/downloads/utils/tdsskiller... to your desktop, unzip it and run it; a report will be created here:

    C:\TDSSKillerVersion_Date_Time_log.txt. << copy and paste its contents

    You can also get the executable directly here: http://support.kaspersky.com/downloads/utils/tdsskiller...

    o Run it; the following window will open:



    o Click Start scan and let the tool scan your hard drive without interrupting it and without using the PC.
    o If infected files are found, a new window will open:



    o If TDSS.tdl2 is detected, the delete option will be selected by default.

    o If TDSS.tdl3 is detected, make sure Cure is selected.

    o If TDSS.tdl4(\HardDisk0\MBR) is detected, make sure Cure is selected.

    o If Suspicious file is shown, leave the option set to Skip.

    o Click Continue, then Reboot now to restart the PC.

    o Copy and paste the generated report into your next reply (it is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS (JJ.MM.AA is the date the tool was run, HH.MM.SS the time it was run)).

    Tutorial --> http://support.kaspersky.com/viruses/solutions?qid=2082...

    +++++++++++++++++++

    Then:

    2
    Repeat the procedure with ComboFix, but this time let the tool run to the end.



    ++++++++++++++++++
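A TDSSKiller report of the kind requested above runs to hundreds of lines, so here is a small triage script as an added example (not part of the original thread and not Kaspersky's code). It pairs each driver's record line with its verdict line and lists only what needs a second look before choosing Cure, Delete or Skip. The names `parse_log`, `triage` and `Entry` are hypothetical, the sample log is constructed, and the non-ok verdict wording in it is an assumption.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the "time thread-id text" layout of a TDSSKiller log.
# Service names, paths and hashes are made up. The "suspicious" verdict text is
# an assumption; the parser only relies on it being different from "ok".
SAMPLE_LOG = """\
21:46:07.0772 2124 Scan started
21:46:09.0433 2124 exdrv_a (00000000000000000000000000000001) C:\\Windows\\system32\\drivers\\exdrv_a.sys
21:46:09.0439 2124 exdrv_a - ok
21:46:09.0984 2124 exdrv_nofile - ok
21:46:10.0101 2124 exdrv_b (00000000000000000000000000000002) C:\\Windows\\system32\\drivers\\exdrv_b.sys
21:46:10.0126 2124 exdrv_b - suspicious
21:46:10.0285 2124 exdrv_c (00000000000000000000000000000003) C:\\Windows\\system32\\drivers\\exdrv_c.sys
"""

PREFIX = re.compile(r"^\s*(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s?(.*)$")
RECORD = re.compile(r"^(\S+)\s+\(([0-9a-fA-F]{32})\)\s+(.+)$")  # name (md5) path
VERDICT = re.compile(r"^(\S.*?) - (.+)$")                        # name - verdict


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None


def parse_log(text: str) -> List[Entry]:
    """Return one Entry per scanned object, in the order the log lists them."""
    entries = {}
    scanning = False
    for raw in text.splitlines():
        m = PREFIX.match(raw)
        if not m:
            continue  # pasted forum text around the log, blank lines, etc.
        body = m.group(3).strip()
        if body == "Scan started":
            scanning = True  # ignore the system-info header before this point
            continue
        if not scanning or not body:
            continue
        rec = RECORD.match(body)
        if rec:
            name, md5, path = rec.groups()
            entry = entries.setdefault(name, Entry(name))
            entry.md5, entry.path = md5.lower(), path
            continue
        ver = VERDICT.match(body)
        if ver:
            name, verdict = ver.groups()
            entries.setdefault(name, Entry(name)).verdict = verdict.strip()
    return list(entries.values())


def triage(entries: List[Entry]) -> List[Tuple[str, str]]:
    """List (name, reason) for every entry that is not a plain hashed 'ok'."""
    findings = []
    for e in entries:
        if e.verdict is None:
            # A record with no verdict means the paste was cut short or the
            # scan was interrupted; the report is incomplete.
            findings.append((e.name, "no verdict: log truncated or scan interrupted"))
        elif e.verdict.lower() != "ok":
            findings.append((e.name, "verdict '%s': review before Cure/Delete/Skip" % e.verdict))
        elif e.md5 is None:
            findings.append((e.name, "ok, but no file hash was logged for this service"))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_log(SAMPLE_LOG)):
        print("%-14s %s" % (name, reason))
```

Run against a full report, an empty result means every scanned object was hashed and marked ok; a "no verdict" finding means the report should be regenerated from an uninterrupted scan.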
    15 October 2011 21:44:10

    Good evening. As I explained, my PC crashed, or the tool made my PC crash, twice, and since this is the first time I've used ComboFix I didn't know whether it had finished running or not:

    Quote:
    Good evening, and thank you for taking the time to help me.
    I launched ComboFix, and while it was running I had a restart that looked more like a crash (blue screen, error, etc.); then I relaunched it and had a normal restart following the deletion of many files, from what I understood, and a second restart/crash in the last phase. In the end I don't know whether the application finished correctly, but I get this report:



    I'll take care of all that and send you the reports. Thank you.

    15 October 2011 21:55:19

    Here is the TDSSKiller log; then I'll try ComboFix again, hoping my PC doesn't crash.

    -------------------------------------------------------------------------------------------------------------------------

    21:46:03.0420 4740 TDSS rootkit removing tool 2.6.9.0 Oct 14 2011 11:33:24
    21:46:04.0323 4740 ============================================================
    21:46:04.0323 4740 Current date / time: 2011/10/15 21:46:04.0323
    21:46:04.0323 4740 SystemInfo:
    21:46:04.0323 4740
    21:46:04.0323 4740 OS Version: 6.0.6000 ServicePack: 0.0
    21:46:04.0323 4740 Product type: Workstation
    21:46:04.0323 4740 ComputerName: PC-DE-DADOU
    21:46:04.0323 4740 UserName: dadou
    21:46:04.0323 4740 Windows directory: C:\Windows
    21:46:04.0323 4740 System windows directory: C:\Windows
    21:46:04.0323 4740 Processor architecture: Intel x86
    21:46:04.0323 4740 Number of processors: 2
    21:46:04.0323 4740 Page size: 0x1000
    21:46:04.0323 4740 Boot type: Normal boot
    21:46:04.0323 4740 ============================================================
    21:46:05.0469 4740 Initialize success
    21:46:07.0772 2124 ============================================================
    21:46:07.0772 2124 Scan started
    21:46:07.0772 2124 Mode: Manual;
    21:46:07.0772 2124 ============================================================
    21:46:28.0712 2124 NETw4v32 - ok
    21:46:28.0896 2124 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    21:46:28.0932 2124 nfrd960 - ok
    21:46:28.0972 2124 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
    21:46:28.0999 2124 Npfs - ok
    21:46:29.0170 2124 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
    21:46:29.0200 2124 nsiproxy - ok
    21:46:29.0277 2124 Ntfs (3f379380a4a2637f559444e338cf1b51) C:\Windows\system32\drivers\Ntfs.sys
    21:46:29.0297 2124 Ntfs - ok
    21:46:29.0508 2124 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    21:46:29.0552 2124 ntrigdigi - ok
    21:46:29.0589 2124 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
    21:46:29.0592 2124 Null - ok
    21:46:29.0899 2124 nvlddmkm (18634f41aa3a3ac5bb25714ca3cd1100) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    21:46:30.0141 2124 nvlddmkm - ok
    21:46:30.0318 2124 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
    21:46:30.0347 2124 nvraid - ok
    21:46:30.0382 2124 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
    21:46:30.0388 2124 nvstor - ok
    21:46:30.0470 2124 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
    21:46:30.0478 2124 nv_agp - ok
    21:46:30.0570 2124 NwlnkFlt - ok
    21:46:30.0587 2124 NwlnkFwd - ok
    21:46:30.0646 2124 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
    21:46:30.0647 2124 ohci1394 - ok
    21:46:30.0687 2124 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    21:46:30.0724 2124 Parport - ok
    21:46:30.0887 2124 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
    21:46:30.0915 2124 partmgr - ok
    21:46:30.0951 2124 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    21:46:30.0983 2124 Parvdm - ok
    21:46:31.0164 2124 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
    21:46:31.0165 2124 pci - ok
    21:46:31.0198 2124 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
    21:46:31.0203 2124 pciide - ok
    21:46:31.0224 2124 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\DRIVERS\pcmcia.sys
    21:46:31.0254 2124 pcmcia - ok
    21:46:31.0466 2124 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    21:46:31.0538 2124 PEAUTH - ok
    21:46:31.0733 2124 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
    21:46:31.0739 2124 PptpMiniport - ok
    21:46:31.0780 2124 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
    21:46:31.0805 2124 Processor - ok
    21:46:31.0964 2124 PSched (b74edf14453c9987e99e66535047ebee) C:\Windows\system32\DRIVERS\pacer.sys
    21:46:31.0965 2124 PSched - ok
    21:46:32.0040 2124 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
    21:46:32.0084 2124 ql2300 - ok
    21:46:32.0259 2124 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    21:46:32.0289 2124 ql40xx - ok
    21:46:32.0333 2124 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
    21:46:32.0334 2124 QWAVEdrv - ok
    21:46:32.0531 2124 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
    21:46:32.0554 2124 RasAcd - ok
    21:46:32.0594 2124 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
    21:46:32.0600 2124 Rasl2tp - ok
    21:46:32.0761 2124 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
    21:46:32.0784 2124 RasPppoe - ok
    21:46:32.0836 2124 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
    21:46:32.0848 2124 rdbss - ok
    21:46:33.0014 2124 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
    21:46:33.0018 2124 RDPCDD - ok
    21:46:33.0081 2124 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
    21:46:33.0095 2124 rdpdr - ok
    21:46:33.0285 2124 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
    21:46:33.0316 2124 RDPENCDD - ok
    21:46:33.0361 2124 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
    21:46:33.0388 2124 RDPWD - ok
    21:46:33.0582 2124 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
    21:46:33.0608 2124 rspndr - ok
    21:46:33.0661 2124 RTL8169 (b8b159fa669c6386a458fcd468ebb1e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
    21:46:33.0696 2124 RTL8169 - ok
    21:46:33.0872 2124 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    21:46:33.0880 2124 sbp2port - ok
    21:46:33.0925 2124 sdbus (5bafd52831ea802f8d3940f5c92fdeec) C:\Windows\system32\DRIVERS\sdbus.sys
    21:46:33.0947 2124 sdbus - ok
    21:46:34.0117 2124 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    21:46:34.0142 2124 secdrv - ok
    21:46:34.0178 2124 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    21:46:34.0182 2124 Serenum - ok
    21:46:34.0275 2124 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    21:46:34.0301 2124 Serial - ok
    21:46:34.0397 2124 sermouse (fd06895f55c0bec3cbd84bda14e1c6b7) C:\Windows\system32\drivers\sermouse.sys
    21:46:34.0428 2124 sermouse - ok
    21:46:34.0575 2124 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
    21:46:34.0591 2124 sffdisk - ok
    21:46:34.0684 2124 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
    21:46:34.0689 2124 sffp_mmc - ok
    21:46:34.0791 2124 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
    21:46:34.0811 2124 sffp_sd - ok
    21:46:34.0855 2124 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    21:46:34.0859 2124 sfloppy - ok
    21:46:34.0981 2124 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
    21:46:35.0012 2124 sisagp - ok
    21:46:35.0118 2124 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
    21:46:35.0149 2124 SiSRaid2 - ok
    21:46:35.0265 2124 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
    21:46:35.0272 2124 SiSRaid4 - ok
    21:46:35.0406 2124 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
    21:46:35.0413 2124 Smb - ok
    21:46:35.0508 2124 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
    21:46:35.0513 2124 spldr - ok
    21:46:35.0575 2124 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
    21:46:35.0575 2124 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
    21:46:35.0577 2124 sptd ( LockedFile.Multi.Generic ) - warning
    21:46:35.0577 2124 sptd - detected LockedFile.Multi.Generic (1)
    21:46:44.0933 2124 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0
    21:46:44.0934 2124 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
    21:46:44.0934 2124 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
    21:46:44.0944 2124 Boot (0x1200) (eb27b3ee729cd4e1570746166a985c56) \Device\Harddisk0\DR0\Partition0
    21:46:44.0945 2124 \Device\Harddisk0\DR0\Partition0 - ok
    21:46:44.0968 2124 Boot (0x1200) (c40df8a9780fe21b35bc00b75d20f863) \Device\Harddisk0\DR0\Partition1
    21:46:44.0970 2124 \Device\Harddisk0\DR0\Partition1 - ok
    21:46:44.0970 2124 ============================================================
    21:46:44.0970 2124 Scan finished
    21:46:44.0970 2124 ============================================================
    21:46:44.0979 5148 Detected object count: 2
    21:46:44.0979 5148 Actual detected object count: 2
    21:48:23.0997 5148 sptd ( LockedFile.Multi.Generic ) - skipped by user
    21:48:23.0997 5148 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    21:48:24.0115 5148 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
    21:48:24.0116 5148 \Device\Harddisk0\DR0 - ok
    21:48:24.0167 5148 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure
    21:48:45.0088 4028 Deinitialize success
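
An added example, not part of the original posts: a Python parser for the scan log format shown above that pulls out only the flagged objects and the action recorded for each, so a skipped detection is not lost among the "ok" lines. The function names `triage` and `unresolved` are hypothetical; the sample lines are copied from the log above.

```python
import re

# Lines copied from the scan log posted above.
SAMPLE_LOG = r"""
21:46:35.0575 2124 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
21:46:35.0575 2124 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
21:46:35.0577 2124 sptd ( LockedFile.Multi.Generic ) - warning
21:46:35.0577 2124 sptd - detected LockedFile.Multi.Generic (1)
21:46:44.0933 2124 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0
21:46:44.0934 2124 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
21:46:44.0934 2124 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
21:46:44.0945 2124 \Device\Harddisk0\DR0\Partition0 - ok
21:48:23.0997 5148 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:48:24.0115 5148 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
21:48:24.0116 5148 \Device\Harddisk0\DR0 - ok
21:48:24.0167 5148 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure
"""

# "<time> <thread id> <message>"
PREFIX = re.compile(r"^\s*(\d\d:\d\d:\d\d\.\d+)\s+(\d+)\s+(.*)$")
# "<object> ( <verdict> ) - warning|infected"
VERDICT = re.compile(
    r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - (?P<state>warning|infected)$")
# "<object> ( <verdict> ) - User select action: <action>"
ACTION = re.compile(
    r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - User select action: (?P<action>\w+)$")


def triage(log_text):
    """Return {object: {verdict, state, action, pending_reboot}} for flagged objects."""
    findings = {}
    for raw in log_text.splitlines():
        m = PREFIX.match(raw)
        if not m:
            continue
        body = m.group(3).strip()
        v = VERDICT.match(body)
        if v:
            findings[v["obj"]] = {"verdict": v["verdict"], "state": v["state"],
                                  "action": None, "pending_reboot": False}
            continue
        a = ACTION.match(body)
        if a and a["obj"] in findings:
            findings[a["obj"]]["action"] = a["action"]
            continue
        if body.endswith("- will be cured on reboot"):
            obj = body.split(" ( ", 1)[0]
            if obj in findings:
                findings[obj]["pending_reboot"] = True
    return findings


def unresolved(findings):
    """Flagged objects that were not cured (skipped, or no action logged)."""
    return sorted(o for o, f in findings.items() if f["action"] != "Cure")


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for obj, info in result.items():
        print(obj, info)
    print("still to review:", unresolved(result))
```

A cure marked as pending only takes effect after the reboot, so the scan has to be run again afterwards to confirm the result.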
    16 October 2011 18:55:08

    Hello
    I think we're going to have to find a copy of atapi.sys... thanks to the torrent downloads, eh....

    Download SystemLook to your Desktop from one of the links below.
    http://jpshortstuff.247fixes.com/SystemLook.exe

    * Double-click SystemLook.exe to launch it.
    * Right-click/copy the contents of the box below, then right-click/paste into the white box in SystemLook:

    :filefind
    atapi.sys


    * Click the Look button to start the scan.
    * Let the tool work; this can take a few minutes.
    * Copy and paste into your next reply the report, i.e. the contents of the text file that opens.

    Note: The report can also be found on your Desktop, named SystemLook.txt

    +++++++++++++++
    16 October 2011 20:52:55

    Good day/good evening! Here it is:

    SystemLook 30.07.11 by jpshortstuff
    Log created at 20:46 on 16/10/2011 by dadou
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "atapi.sys"
    C:\Windows\ERDNT\cache\atapi.sys --a---- 19048 bytes [20:08 15/10/2011] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F
    C:\Windows\System32\drivers\atapi.sys --a---- 19048 bytes [08:51 02/11/2006] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F
    C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys --a---- 19048 bytes [10:25 02/11/2006] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F

    -= EOF =-
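
An added example, not part of the original posts: a Python parser for the SystemLook `filefind` report above that checks whether the driver copy in use has the same size and MD5 as the other copies found on disk. The names `parse_filefind` and `compare_copies` are hypothetical; the report lines are copied from the post above.

```python
import re

# Report lines copied from the SystemLook output posted above.
SAMPLE_REPORT = r"""
Searching for "atapi.sys"
C:\Windows\ERDNT\cache\atapi.sys --a---- 19048 bytes [20:08 15/10/2011] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F
C:\Windows\System32\drivers\atapi.sys --a---- 19048 bytes [08:51 02/11/2006] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys --a---- 19048 bytes [10:25 02/11/2006] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F
"""

# "<path> <attributes> <size> bytes [created] [modified] <MD5>"
ENTRY = re.compile(
    r"^\s*(?P<path>[A-Za-z]:\\.+?)\s+(?P<attrs>[-a-z]{7})\s+(?P<size>\d+) bytes"
    r"\s+\[(?P<created>[^\]]+)\]\s+\[(?P<modified>[^\]]+)\]"
    r"\s+(?P<md5>[0-9A-Fa-f]{32})\s*$"
)

# Directory the running system loads the driver from.
LIVE_DIR = "\\system32\\drivers\\"


def parse_filefind(text):
    """Return one dict per file line of a filefind report."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            entry = m.groupdict()
            entry["size"] = int(entry["size"])
            entry["md5"] = entry["md5"].lower()
            entries.append(entry)
    return entries


def compare_copies(entries):
    """Compare every other copy against the one under System32\\drivers."""
    live = [e for e in entries if LIVE_DIR in e["path"].lower()]
    if len(live) != 1:
        raise ValueError("expected exactly one copy under System32\\drivers")
    ref = live[0]
    result = {"live": ref["path"], "matching": [], "differing": []}
    for e in entries:
        if e is ref:
            continue
        same = (e["md5"], e["size"]) == (ref["md5"], ref["size"])
        result["matching" if same else "differing"].append(e["path"])
    return result


if __name__ == "__main__":
    print(compare_copies(parse_filefind(SAMPLE_REPORT)))
```

Hashes collected on the running system are whatever the file system returned to the tool, so agreement between the copies is a useful first check but not proof that the driver on disk is unmodified.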
    16 October 2011 21:16:03

    Back again
    I need to dig a bit more...

    1
    Download GMER from this link: http://www.gmer.net/files.php – click "Download EXE" and save the file to your desktop.
    See the GMER tutorial, it may help you: http://www.malekal.com/tutorial_GMER.php

    Disable your protection software (antivirus, antispyware, etc.) and close all open programs.
    Double-click the downloaded GMER file.
    Once it has started, right-click on the white background (as above) and click "Only Non MS files".
    Click the "Scan" button at the bottom right to start the scan.



    When the scan has finished, click "Copy".

    Open Notepad and click the Edit menu / Paste.
    The report should then appear.
    Save the file to your desktop and copy/paste its contents here.


    +++++++++++++++++++++++++++++++++++++

    2

    Download RootRepeal
    http://rootrepeal.googlepages.com/RootRepeal.zip

    Disconnect the machine from the Internet.
    Unzip it to the desktop (Unzip or Extract all...).
    Disable your security programs (firewall, anti-spyware, antivirus).
    Double-click RootRepeal.exe
    A window opens; choose Report from the tabs at the bottom.
    Click Scan, tick the 7 boxes, click Ok
    Tick C:\ then Ok
    The scan starts; once it has finished, click Save Report.
    Save the report to the desktop.
    Re-enable your protection software and reconnect to the Internet.
    Copy/paste the report into your next reply.