cénédra

Bonjour, Moi aussi j'ai été contaminé par ce virus et une précédente tentative de décryptage de mes fichiers a échoué... Je tombe sur ce sujet et je retrouve les paramètres de codage énoncés par Eric. Je me permets de vous envoyer le rapport concernant l'essai de tdssKiller. Merci. Christelle Repport : 17:31:46.0780 3628 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 17:31:46.0917 3628 ============================================================ 17:31:46.0917 3628 Current date / time: 2012/08/05 17:31:46.0917 17:31:46.0918 3628 SystemInfo: 17:31:46.0918 3628 17:31:46.0918 3628 OS Version: 6.1.7601 ServicePack: 1.0 17:31:46.0918 3628 Product type: Workstation 17:31:46.0918 3628 ComputerName: CHRISTELLE-PC 17:31:46.0919 3628 UserName: Christelle 17:31:46.0919 3628 Windows directory: C:\Windows 17:31:46.0919 3628 System windows directory: C:\Windows 17:31:46.0919 3628 Running under WOW64 17:31:46.0919 3628 Processor architecture: Intel x64 17:31:46.0919 3628 Number of processors: 2 17:31:46.0919 3628 Page size: 0x1000 17:31:46.0919 3628 Boot type: Normal boot 17:31:46.0919 3628 ============================================================ 17:31:47.0581 3628 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:31:47.0610 3628 ============================================================ 17:31:47.0610 3628 \Device\Harddisk0\DR0: 17:31:47.0610 3628 MBR partitions: 17:31:47.0610 3628 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000 17:31:47.0610 3628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x38BE3030 17:31:47.0610 3628 ============================================================ 17:31:47.0643 3628 C: <-> \Device\Harddisk0\DR0\Partition1 17:31:47.0644 3628 ============================================================ 17:31:47.0644 3628 Initialize success 17:31:47.0644 3628 ============================================================ 17:32:42.0177 5084 ============================================================ 17:32:42.0177 5084 Scan started 17:32:42.0177 5084 Mode: Manual; SigCheck; TDLFS; 17:32:42.0177 5084 ============================================================ 17:32:43.0534 5084 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 17:32:43.0653 5084 1394ohci - ok 17:32:43.0761 5084 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 17:32:43.0792 5084 ACDaemon - ok 17:32:43.0859 5084 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 17:32:43.0890 5084 ACPI - ok 17:32:43.0945 5084 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 17:32:43.0991 5084 AcpiPmi - ok 17:32:44.0064 5084 AdobeActiveFileMonitor7.0 (6d9fc1e7ea3c548f4d3455f0c3feef8c) c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe 17:32:44.0089 5084 AdobeActiveFileMonitor7.0 - ok 17:32:44.0160 5084 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 17:32:44.0186 5084 adp94xx - ok 17:32:44.0237 5084 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 17:32:44.0259 5084 adpahci - ok 17:32:44.0296 5084 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 17:32:44.0316 5084 adpu320 - ok 17:32:44.0343 5084 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 17:32:44.0473 5084 AeLookupSvc - ok 17:32:44.0528 5084 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 17:32:44.0578 5084 AFD - ok 17:32:44.0637 5084 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 17:32:44.0654 5084 agp440 - ok 17:32:44.0681 5084 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 17:32:44.0725 5084 ALG - ok 17:32:44.0791 5084 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 17:32:44.0818 5084 aliide - ok 17:32:44.0824 5084 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 17:32:44.0846 5084 amdide - ok 17:32:44.0874 5084 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 17:32:44.0922 5084 AmdK8 - ok 17:32:44.0942 5084 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 17:32:44.0980 5084 AmdPPM - ok 17:32:45.0023 5084 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 17:32:45.0041 5084 amdsata - ok 17:32:45.0066 5084 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 17:32:45.0086 5084 amdsbs - ok 17:32:45.0104 5084 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 17:32:45.0121 5084 amdxata - ok 17:32:45.0174 5084 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 17:32:45.0334 5084 AppID - ok 17:32:45.0369 5084 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 17:32:45.0434 5084 AppIDSvc - ok 17:32:45.0507 5084 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 17:32:45.0586 5084 Appinfo - ok 17:32:45.0637 5084 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 17:32:45.0659 5084 arc - ok 17:32:45.0675 5084 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 17:32:45.0694 5084 arcsas - ok 17:32:45.0755 5084 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys 17:32:45.0783 5084 aswFsBlk - ok 17:32:45.0827 5084 aswKbd (c42d45089fd2ec63d13571362c258dc6) C:\Windows\system32\drivers\aswKbd.sys 17:32:45.0852 5084 aswKbd - ok 17:32:45.0905 5084 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys 17:32:45.0928 5084 aswMonFlt - ok 17:32:45.0973 5084 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys 17:32:45.0993 5084 aswRdr - ok 17:32:46.0098 5084 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys 17:32:46.0143 5084 aswSnx - ok 17:32:46.0213 5084 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys 17:32:46.0235 5084 aswSP - ok 17:32:46.0304 5084 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys 17:32:46.0325 5084 aswTdi - ok 17:32:46.0352 5084 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 17:32:46.0419 5084 AsyncMac - ok 17:32:46.0452 5084 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 17:32:46.0470 5084 atapi - ok 17:32:46.0570 5084 athr (5d4529ac4156e16bedb01441ae0cf984) C:\Windows\system32\DRIVERS\athrx.sys 17:32:46.0641 5084 athr - ok 17:32:46.0798 5084 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 17:32:46.0878 5084 AudioEndpointBuilder - ok 17:32:46.0887 5084 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 17:32:46.0936 5084 AudioSrv - ok 17:32:47.0028 5084 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe 17:32:47.0046 5084 avast! Antivirus - ok 17:32:47.0083 5084 avast! Firewall - ok 17:32:47.0149 5084 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 17:32:47.0211 5084 AxInstSV - ok 17:32:47.0276 5084 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 17:32:47.0313 5084 b06bdrv - ok 17:32:47.0351 5084 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 17:32:47.0392 5084 b57nd60a - ok 17:32:47.0506 5084 BBSvc (47480f4260dae9aa589bcaf924b3767a) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe 17:32:47.0538 5084 BBSvc - ok 17:32:47.0556 5084 BBUpdate (6bf743cbf3bcd09dab79245e60e1ae62) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe 17:32:47.0576 5084 BBUpdate - ok 17:32:47.0657 5084 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys 17:32:47.0711 5084 BCM43XX - ok 17:32:47.0830 5084 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 17:32:47.0881 5084 BDESVC - ok 17:32:47.0936 5084 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 17:32:48.0028 5084 Beep - ok 17:32:48.0120 5084 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 17:32:48.0195 5084 BFE - ok 17:32:48.0262 5084 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 17:32:48.0337 5084 BITS - ok 17:32:48.0413 5084 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 17:32:48.0457 5084 blbdrive - ok 17:32:48.0518 5084 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 17:32:48.0564 5084 bowser - ok 17:32:48.0592 5084 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 17:32:48.0645 5084 BrFiltLo - ok 17:32:48.0669 5084 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 17:32:48.0704 5084 BrFiltUp - ok 17:32:48.0755 5084 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 17:32:48.0843 5084 Browser - ok 17:32:48.0873 5084 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 17:32:48.0917 5084 Brserid - ok 17:32:48.0941 5084 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 17:32:48.0975 5084 BrSerWdm - ok 17:32:49.0025 5084 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 17:32:49.0082 5084 BrUsbMdm - ok 17:32:49.0122 5084 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 17:32:49.0164 5084 BrUsbSer - ok 17:32:49.0193 5084 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 17:32:49.0235 5084 BTHMODEM - ok 17:32:49.0276 5084 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 17:32:49.0320 5084 bthserv - ok 17:32:49.0359 5084 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 17:32:49.0402 5084 cdfs - ok 17:32:49.0464 5084 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 17:32:49.0495 5084 cdrom - ok 17:32:49.0552 5084 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 17:32:49.0624 5084 CertPropSvc - ok 17:32:49.0667 5084 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 17:32:49.0701 5084 circlass - ok 17:32:49.0752 5084 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 17:32:49.0776 5084 CLFS - ok 17:32:49.0848 5084 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:32:49.0864 5084 clr_optimization_v2.0.50727_32 - ok 17:32:49.0904 5084 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:32:49.0919 5084 clr_optimization_v2.0.50727_64 - ok 17:32:50.0028 5084 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:32:50.0049 5084 clr_optimization_v4.0.30319_32 - ok 17:32:50.0083 5084 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:32:50.0103 5084 clr_optimization_v4.0.30319_64 - ok 17:32:50.0138 5084 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 17:32:50.0166 5084 CmBatt - ok 17:32:50.0209 5084 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 17:32:50.0225 5084 cmdide - ok 17:32:50.0278 5084 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 17:32:50.0310 5084 CNG - ok 17:32:50.0364 5084 CnxtHdAudService (20f3f8674d7dee5d90a352b775d5d5ba) C:\Windows\system32\drivers\CHDRT64.sys 17:32:50.0412 5084 CnxtHdAudService - ok 17:32:50.0452 5084 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 17:32:50.0479 5084 Compbatt - ok 17:32:50.0536 5084 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 17:32:50.0569 5084 CompositeBus - ok 17:32:50.0585 5084 COMSysApp - ok 17:32:50.0602 5084 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 17:32:50.0619 5084 crcdisk - ok 17:32:50.0670 5084 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 17:32:50.0716 5084 CryptSvc - ok 17:32:50.0767 5084 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 17:32:50.0830 5084 DcomLaunch - ok 17:32:50.0872 5084 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 17:32:50.0927 5084 defragsvc - ok 17:32:50.0967 5084 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 17:32:51.0028 5084 DfsC - ok 17:32:51.0094 5084 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 17:32:51.0160 5084 Dhcp - ok 17:32:51.0190 5084 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 17:32:51.0259 5084 discache - ok 17:32:51.0294 5084 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 17:32:51.0312 5084 Disk - ok 17:32:51.0416 5084 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys 17:32:51.0440 5084 DKbFltr - ok 17:32:51.0494 5084 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 17:32:51.0529 5084 Dnscache - ok 17:32:51.0566 5084 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 17:32:51.0632 5084 dot3svc - ok 17:32:51.0653 5084 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 17:32:51.0716 5084 DPS - ok 17:32:51.0778 5084 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 17:32:51.0833 5084 drmkaud - ok 17:32:51.0903 5084 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 17:32:51.0943 5084 DXGKrnl - ok 17:32:51.0979 5084 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 17:32:52.0044 5084 EapHost - ok 17:32:52.0221 5084 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 17:32:52.0302 5084 ebdrv - ok 17:32:52.0430 5084 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 17:32:52.0493 5084 EFS - ok 17:32:52.0574 5084 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 17:32:52.0635 5084 ehRecvr - ok 17:32:52.0666 5084 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 17:32:52.0686 5084 ehSched - ok 17:32:52.0754 5084 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 17:32:52.0781 5084 elxstor - ok 17:32:52.0905 5084 ePowerSvc (7c35c6865957289d9efe6cc73f4ab2e1) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe 17:32:52.0941 5084 ePowerSvc - ok 17:32:53.0056 5084 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 17:32:53.0103 5084 ErrDev - ok 17:32:53.0160 5084 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 17:32:53.0231 5084 EventSystem - ok 17:32:53.0284 5084 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 17:32:53.0329 5084 exfat - ok 17:32:53.0351 5084 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 17:32:53.0410 5084 fastfat - ok 17:32:53.0473 5084 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 17:32:53.0531 5084 Fax - ok 17:32:53.0559 5084 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 17:32:53.0593 5084 fdc - ok 17:32:53.0621 5084 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 17:32:53.0679 5084 fdPHost - ok 17:32:53.0701 5084 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 17:32:53.0759 5084 FDResPub - ok 17:32:53.0783 5084 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 17:32:53.0800 5084 FileInfo - ok 17:32:53.0810 5084 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 17:32:53.0879 5084 Filetrace - ok 17:32:53.0964 5084 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 17:32:54.0017 5084 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 17:32:54.0017 5084 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 17:32:54.0041 5084 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 17:32:54.0080 5084 flpydisk - ok 17:32:54.0134 5084 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 17:32:54.0156 5084 FltMgr - ok 17:32:54.0223 5084 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 17:32:54.0279 5084 FontCache - ok 17:32:54.0379 5084 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:32:54.0403 5084 FontCache3.0.0.0 - ok 17:32:54.0467 5084 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 17:32:54.0496 5084 FsDepends - ok 17:32:54.0540 5084 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 17:32:54.0557 5084 Fs_Rec - ok 17:32:54.0614 5084 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 17:32:54.0638 5084 fvevol - ok 17:32:54.0661 5084 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 17:32:54.0679 5084 gagp30kx - ok 17:32:54.0743 5084 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 17:32:54.0816 5084 gpsvc - ok 17:32:54.0953 5084 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe 17:32:54.0999 5084 Greg_Service - ok 17:32:55.0131 5084 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:32:55.0156 5084 gupdate - ok 17:32:55.0202 5084 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:32:55.0223 5084 gupdatem - ok 17:32:55.0282 5084 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 17:32:55.0299 5084 gusvc - ok 17:32:55.0419 5084 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 17:32:55.0461 5084 hcw85cir - ok 17:32:55.0541 5084 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 17:32:55.0594 5084 HdAudAddService - ok 17:32:55.0634 5084 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 17:32:55.0671 5084 HDAudBus - ok 17:32:55.0708 5084 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 17:32:55.0746 5084 HidBatt - ok 17:32:55.0772 5084 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 17:32:55.0809 5084 HidBth - ok 17:32:55.0834 5084 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 17:32:55.0857 5084 HidIr - ok 17:32:55.0875 5084 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 17:32:55.0938 5084 hidserv - ok 17:32:56.0005 5084 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 17:32:56.0024 5084 HidUsb - ok 17:32:56.0071 5084 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 17:32:56.0157 5084 hkmsvc - ok 17:32:56.0200 5084 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 17:32:56.0243 5084 HomeGroupListener - ok 17:32:56.0300 5084 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 17:32:56.0363 5084 HomeGroupProvider - ok 17:32:56.0416 5084 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 17:32:56.0434 5084 HpSAMD - ok 17:32:56.0503 5084 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 17:32:56.0595 5084 HTTP - ok 17:32:56.0625 5084 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 17:32:56.0642 5084 hwpolicy - ok 17:32:56.0697 5084 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 17:32:56.0717 5084 i8042prt - ok 17:32:56.0813 5084 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 17:32:56.0844 5084 IAANTMON - ok 17:32:56.0882 5084 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys 17:32:56.0903 5084 iaStor - ok 17:32:56.0968 5084 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 17:32:57.0000 5084 iaStorV - ok 17:32:57.0116 5084 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 17:32:57.0148 5084 IDriverT ( UnsignedFile.Multi.Generic ) - warning 17:32:57.0148 5084 IDriverT - detected UnsignedFile.Multi.Generic (1) 17:32:57.0288 5084 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:32:57.0329 5084 idsvc - ok 17:32:57.0722 5084 igfx (dfeaf0a1d98d397035012c8e28d1520f) C:\Windows\system32\DRIVERS\igdkmd64.sys 17:32:57.0939 5084 igfx - ok 17:32:58.0074 5084 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 17:32:58.0095 5084 iirsp - ok 17:32:58.0180 5084 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 17:32:58.0257 5084 IKEEXT - ok 17:32:58.0331 5084 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys 17:32:58.0369 5084 IntcHdmiAddService - ok 17:32:58.0404 5084 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 17:32:58.0423 5084 intelide - ok 17:32:58.0463 5084 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 17:32:58.0507 5084 intelppm - ok 17:32:58.0546 5084 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 17:32:58.0610 5084 IPBusEnum - ok 17:32:58.0649 5084 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:32:58.0717 5084 IpFilterDriver - ok 17:32:58.0760 5084 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 17:32:58.0836 5084 iphlpsvc - ok 17:32:58.0871 5084 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 17:32:58.0913 5084 IPMIDRV - ok 17:32:58.0952 5084 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 17:32:59.0025 5084 IPNAT - ok 17:32:59.0055 5084 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 17:32:59.0102 5084 IRENUM - ok 17:32:59.0133 5084 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 17:32:59.0153 5084 isapnp - ok 17:32:59.0176 5084 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 17:32:59.0204 5084 iScsiPrt - ok 17:32:59.0257 5084 k57nd60a (249ee2d26cb1530f3bede0ac8b9e3099) C:\Windows\system32\DRIVERS\k57nd60a.sys 17:32:59.0283 5084 k57nd60a - ok 17:32:59.0301 5084 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 17:32:59.0321 5084 kbdclass - ok 17:32:59.0374 5084 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 17:32:59.0420 5084 kbdhid - ok 17:32:59.0453 5084 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:32:59.0477 5084 KeyIso - ok 17:32:59.0493 5084 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 17:32:59.0519 5084 KSecDD - ok 17:32:59.0581 5084 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 17:32:59.0604 5084 KSecPkg - ok 17:32:59.0639 5084 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 17:32:59.0709 5084 ksthunk - ok 17:32:59.0757 5084 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 17:32:59.0821 5084 KtmRm - ok 17:32:59.0853 5084 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys 17:32:59.0872 5084 L1E - ok 17:32:59.0931 5084 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 17:33:00.0012 5084 LanmanServer - ok 17:33:00.0046 5084 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 17:33:00.0144 5084 LanmanWorkstation - ok 17:33:00.0205 5084 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 17:33:00.0265 5084 lltdio - ok 17:33:00.0313 5084 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 17:33:00.0375 5084 lltdsvc - ok 17:33:00.0396 5084 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 17:33:00.0440 5084 lmhosts - ok 17:33:00.0476 5084 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 17:33:00.0495 5084 LSI_FC - ok 17:33:00.0525 5084 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 17:33:00.0553 5084 LSI_SAS - ok 17:33:00.0574 5084 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:33:00.0591 5084 LSI_SAS2 - ok 17:33:00.0609 5084 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:33:00.0627 5084 LSI_SCSI - ok 17:33:00.0659 5084 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 17:33:00.0716 5084 luafv - ok 17:33:00.0789 5084 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 17:33:00.0816 5084 MBAMProtector - ok 17:33:00.0923 5084 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 17:33:00.0955 5084 MBAMService - ok 17:33:01.0018 5084 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 17:33:01.0071 5084 Mcx2Svc - ok 17:33:01.0107 5084 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 17:33:01.0132 5084 megasas - ok 17:33:01.0159 5084 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 17:33:01.0181 5084 MegaSR - ok 17:33:01.0209 5084 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 17:33:01.0267 5084 MMCSS - ok 17:33:01.0288 5084 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 17:33:01.0343 5084 Modem - ok 17:33:01.0364 5084 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 17:33:01.0395 5084 monitor - ok 17:33:01.0452 5084 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 17:33:01.0480 5084 mouclass - ok 17:33:01.0513 5084 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 17:33:01.0559 5084 mouhid - ok 17:33:01.0614 5084 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 17:33:01.0641 5084 mountmgr - ok 17:33:01.0750 5084 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:33:01.0776 5084 MozillaMaintenance - ok 17:33:01.0812 5084 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 17:33:01.0842 5084 mpio - ok 17:33:01.0882 5084 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 17:33:01.0934 5084 mpsdrv - ok 17:33:02.0005 5084 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 17:33:02.0093 5084 MpsSvc - ok 17:33:02.0132 5084 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 17:33:02.0174 5084 MRxDAV - ok 17:33:02.0208 5084 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 17:33:02.0254 5084 mrxsmb - ok 17:33:02.0290 5084 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:33:02.0332 5084 mrxsmb10 - ok 17:33:02.0351 5084 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:33:02.0370 5084 mrxsmb20 - ok 17:33:02.0399 5084 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 17:33:02.0416 5084 msahci - ok 17:33:02.0475 5084 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 17:33:02.0506 5084 msdsm - ok 17:33:02.0540 5084 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 17:33:02.0573 5084 MSDTC - ok 17:33:02.0615 5084 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 17:33:02.0657 5084 Msfs - ok 17:33:02.0670 5084 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 17:33:02.0728 5084 mshidkmdf - ok 17:33:02.0757 5084 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 17:33:02.0773 5084 msisadrv - ok 17:33:02.0804 5084 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 17:33:02.0865 5084 MSiSCSI - ok 17:33:02.0869 5084 msiserver - ok 17:33:02.0900 5084 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 17:33:02.0982 5084 MSKSSRV - ok 17:33:03.0000 5084 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 17:33:03.0080 5084 MSPCLOCK - ok 17:33:03.0103 5084 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 17:33:03.0164 5084 MSPQM - ok 17:33:03.0214 5084 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 17:33:03.0250 5084 MsRPC - ok 17:33:03.0297 5084 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 17:33:03.0321 5084 mssmbios - ok 17:33:03.0335 5084 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 17:33:03.0392 5084 MSTEE - ok 17:33:03.0407 5084 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 17:33:03.0446 5084 MTConfig - ok 17:33:03.0470 5084 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 17:33:03.0489 5084 Mup - ok 17:33:03.0547 5084 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 17:33:03.0620 5084 napagent - ok 17:33:03.0675 5084 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 17:33:03.0716 5084 NativeWifiP - ok 17:33:03.0807 5084 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 17:33:03.0861 5084 NDIS - ok 17:33:03.0892 5084 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 17:33:03.0952 5084 NdisCap - ok 17:33:03.0991 5084 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 17:33:04.0053 5084 NdisTapi - ok 17:33:04.0115 5084 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 17:33:04.0203 5084 Ndisuio - ok 17:33:04.0236 5084 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 17:33:04.0293 5084 NdisWan - ok 17:33:04.0322 5084 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 17:33:04.0364 5084 NDProxy - ok 17:33:04.0484 5084 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 17:33:04.0517 5084 Nero BackItUp Scheduler 4.0 - ok 17:33:04.0562 5084 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 17:33:04.0636 5084 NetBIOS - ok 17:33:04.0675 5084 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 17:33:04.0721 5084 NetBT - ok 17:33:04.0763 5084 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:33:04.0794 5084 Netlogon - ok 17:33:04.0842 5084 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 17:33:04.0913 5084 Netman - ok 17:33:04.0951 5084 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 17:33:05.0019 5084 netprofm - ok 17:33:05.0107 5084 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:33:05.0131 5084 NetTcpPortSharing - ok 17:33:05.0376 5084 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 17:33:05.0596 5084 netw5v64 - ok 17:33:05.0730 5084 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 17:33:05.0769 5084 nfrd960 - ok 17:33:05.0825 5084 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 17:33:05.0920 5084 NlaSvc - ok 17:33:05.0982 5084 nmwcd (985a3f046dfcd58e26d3a95283bb8f1d) C:\Windows\system32\drivers\ccdcmbx64.sys 17:33:06.0046 5084 nmwcd - ok 17:33:06.0101 5084 nmwcdc (5eb41a9656388dc21119ccc33f0ee22a) C:\Windows\system32\drivers\ccdcmbox64.sys 17:33:06.0168 5084 nmwcdc - ok 17:33:06.0211 5084 nmwcdnsucx64 (c1bdac035fa94c04664a73b24d8ad251) C:\Windows\system32\drivers\nmwcdnsucx64.sys 17:33:06.0279 5084 nmwcdnsucx64 - ok 17:33:06.0315 5084 nmwcdnsux64 (0001545a029ef57c2b0fd62776afb005) C:\Windows\system32\drivers\nmwcdnsux64.sys 17:33:06.0382 5084 nmwcdnsux64 - ok 17:33:06.0401 5084 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 17:33:06.0444 5084 Npfs - ok 17:33:06.0469 5084 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 17:33:06.0536 5084 nsi - ok 17:33:06.0571 5084 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 17:33:06.0629 5084 nsiproxy - ok 17:33:06.0732 5084 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 17:33:06.0805 5084 Ntfs - ok 17:33:06.0874 5084 NTI IScheduleSvc (70e3eb0cef795d348f05e5a9b115f491) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe 17:33:06.0896 5084 NTI IScheduleSvc - ok 17:33:06.0984 5084 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys 17:33:07.0024 5084 NTIDrvr - ok 17:33:07.0043 5084 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 17:33:07.0111 5084 Null - ok 17:33:07.0161 5084 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 17:33:07.0185 5084 nvraid - ok 17:33:07.0211 5084 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 17:33:07.0233 5084 nvstor - ok 17:33:07.0256 5084 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 17:33:07.0276 5084 nv_agp - ok 17:33:07.0386 5084 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:33:07.0412 5084 odserv - ok 17:33:07.0453 5084 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 17:33:07.0497 5084 ohci1394 - ok 17:33:07.0624 5084 OPTENET_FILTER (ad2dea139529bb756737ebffc1f9ff79) C:\Program Files (x86)\Controle Parental\bin\optproxy.exe 17:33:07.0656 5084 OPTENET_FILTER - ok 17:33:07.0790 5084 Orange update Core Service (fd209f8c2562c351f7a25b4ffcd8f856) C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe 17:33:07.0824 5084 Orange update Core Service - ok 17:33:07.0915 5084 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:33:07.0941 5084 ose - ok 17:33:08.0055 5084 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 17:33:08.0109 5084 p2pimsvc - ok 17:33:08.0153 5084 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 17:33:08.0189 5084 p2psvc - ok 17:33:08.0234 5084 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 17:33:08.0277 5084 Parport - ok 17:33:08.0320 5084 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 17:33:08.0348 5084 partmgr - ok 17:33:08.0354 5084 PCAMp50a64 - ok 17:33:08.0359 5084 PCASp50a64 - ok 17:33:08.0388 5084 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 17:33:08.0451 5084 PcaSvc - ok 17:33:08.0503 5084 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 17:33:08.0545 5084 pccsmcfd - ok 17:33:08.0591 5084 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 17:33:08.0616 5084 pci - ok 17:33:08.0634 5084 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 17:33:08.0651 5084 pciide - ok 17:33:08.0675 5084 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 17:33:08.0697 5084 pcmcia - ok 17:33:08.0716 5084 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 17:33:08.0739 5084 pcw - ok 17:33:08.0773 5084 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 17:33:08.0841 5084 PEAUTH - ok 17:33:08.0908 5084 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 17:33:08.0957 5084 PerfHost - ok 17:33:09.0111 5084 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 17:33:09.0208 5084 pla - ok 17:33:09.0279 5084 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 17:33:09.0334 5084 PlugPlay - ok 17:33:09.0364 5084 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 17:33:09.0409 5084 PNRPAutoReg - ok 17:33:09.0445 5084 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 17:33:09.0477 5084 PNRPsvc - ok 17:33:09.0525 5084 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 17:33:09.0604 5084 PolicyAgent - ok 17:33:09.0642 5084 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 17:33:09.0721 5084 Power - ok 17:33:09.0798 5084 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 17:33:09.0864 5084 PptpMiniport - ok 17:33:09.0908 5084 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 17:33:09.0955 5084 Processor - ok 17:33:09.0993 5084 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 17:33:10.0045 5084 ProfSvc - ok 17:33:10.0086 5084 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:33:10.0114 5084 ProtectedStorage - ok 17:33:10.0158 5084 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 17:33:10.0228 5084 Psched - ok 17:33:10.0259 5084 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys 17:33:10.0278 5084 PxHlpa64 - ok 17:33:10.0378 5084 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 17:33:10.0432 5084 ql2300 - ok 17:33:10.0556 5084 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 17:33:10.0578 5084 ql40xx - ok 17:33:10.0615 5084 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 17:33:10.0659 5084 QWAVE - ok 17:33:10.0680 5084 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 17:33:10.0729 5084 QWAVEdrv - ok 17:33:10.0751 5084 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 17:33:10.0820 5084 RasAcd - ok 17:33:10.0868 5084 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 17:33:10.0928 5084 RasAgileVpn - ok 17:33:10.0954 5084 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 17:33:11.0020 5084 RasAuto - ok 17:33:11.0059 5084 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 17:33:11.0133 5084 Rasl2tp - ok 17:33:11.0203 5084 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 17:33:11.0286 5084 RasMan - ok 17:33:11.0323 5084 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 17:33:11.0385 5084 RasPppoe - ok 17:33:11.0413 5084 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 17:33:11.0457 5084 RasSstp - ok 17:33:11.0507 5084 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 17:33:11.0571 5084 rdbss - ok 17:33:11.0588 5084 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 17:33:11.0627 5084 rdpbus - ok 17:33:11.0648 5084 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 17:33:11.0723 5084 RDPCDD - ok 17:33:11.0752 5084 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 17:33:11.0813 5084 RDPENCDD - ok 17:33:11.0836 5084 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 17:33:11.0878 5084 RDPREFMP - ok 17:33:11.0923 5084 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 17:33:11.0958 5084 RDPWD - ok 17:33:12.0020 5084 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 17:33:12.0052 5084 rdyboost - ok 17:33:12.0079 5084 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 17:33:12.0143 5084 RemoteAccess - ok 17:33:12.0179 5084 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 17:33:12.0227 5084 RemoteRegistry - ok 17:33:12.0249 5084 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 17:33:12.0307 5084 RpcEptMapper - ok 17:33:12.0348 5084 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 17:33:12.0381 5084 RpcLocator - ok 17:33:12.0437 5084 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 17:33:12.0499 5084 RpcSs - ok 17:33:12.0524 5084 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 17:33:12.0579 5084 rspndr - ok 17:33:12.0641 5084 RSUSBSTOR (2db8116d52b19216812c4e6d5d837810) C:\Windows\system32\Drivers\RtsUStor.sys 17:33:12.0672 5084 RSUSBSTOR - ok 17:33:12.0676 5084 RtsUIR - ok 17:33:12.0709 5084 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:33:12.0739 5084 SamSs - ok 17:33:12.0780 5084 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 17:33:12.0798 5084 sbp2port - ok 17:33:12.0831 5084 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 17:33:12.0908 5084 SCardSvr - ok 17:33:12.0942 5084 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 17:33:13.0002 5084 scfilter - ok 17:33:13.0080 5084 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 17:33:13.0174 5084 Schedule - ok 17:33:13.0209 5084 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 17:33:13.0250 5084 SCPolicySvc - ok 17:33:13.0293 5084 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 17:33:13.0328 5084 SDRSVC - ok 17:33:13.0385 5084 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 17:33:13.0466 5084 secdrv - ok 17:33:13.0504 5084 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 17:33:13.0559 5084 seclogon - ok 17:33:13.0589 5084 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 17:33:13.0646 5084 SENS - ok 17:33:13.0670 5084 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 17:33:13.0692 5084 SensrSvc - ok 17:33:13.0712 5084 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 17:33:13.0745 5084 Serenum - ok 17:33:13.0771 5084 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 17:33:13.0811 5084 Serial - ok 17:33:13.0853 5084 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 17:33:13.0900 5084 sermouse - ok 17:33:13.0952 5084 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 17:33:14.0040 5084 SessionEnv - ok 17:33:14.0145 5084 sesvc (4c99e251d89c95dcaaa26f9243747c99) C:\Program Files (x86)\ShadowExplorer\sesvc.exe 17:33:14.0167 5084 sesvc ( UnsignedFile.Multi.Generic ) - warning 17:33:14.0167 5084 sesvc - detected UnsignedFile.Multi.Generic (1) 17:33:14.0198 5084 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 17:33:14.0244 5084 sffdisk - ok 17:33:14.0268 5084 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 17:33:14.0319 5084 sffp_mmc - ok 17:33:14.0340 5084 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 17:33:14.0374 5084 sffp_sd - ok 17:33:14.0409 5084 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 17:33:14.0447 5084 sfloppy - ok 17:33:14.0500 5084 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 17:33:14.0567 5084 SharedAccess - ok 17:33:14.0616 5084 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 17:33:14.0700 5084 ShellHWDetection - ok 17:33:14.0727 5084 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 17:33:14.0745 5084 SiSRaid2 - ok 17:33:14.0775 5084 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 17:33:14.0794 5084 SiSRaid4 - ok 17:33:15.0059 5084 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 17:33:15.0132 5084 Skype C2C Service - ok 17:33:15.0211 5084 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe 17:33:15.0232 5084 SkypeUpdate - ok 17:33:15.0348 5084 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 17:33:15.0411 5084 Smb - ok 17:33:15.0459 5084 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 17:33:15.0497 5084 SNMPTRAP - ok 17:33:15.0523 5084 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 17:33:15.0540 5084 spldr - ok 17:33:15.0599 5084 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 17:33:15.0653 5084 Spooler - ok 17:33:15.0819 5084 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 17:33:15.0929 5084 sppsvc - ok 17:33:16.0049 5084 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 17:33:16.0133 5084 sppuinotify - ok 17:33:16.0289 5084 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 17:33:16.0289 5084 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb 17:33:16.0291 5084 sptd ( LockedFile.Multi.Generic ) - warning 17:33:16.0292 5084 sptd - detected LockedFile.Multi.Generic (1) 17:33:16.0353 5084 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 17:33:16.0394 5084 srv - ok 17:33:16.0426 5084 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 17:33:16.0466 5084 srv2 - ok 17:33:16.0528 5084 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 17:33:16.0565 5084 SrvHsfHDA - ok 17:33:16.0639 5084 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 17:33:16.0705 5084 SrvHsfV92 - ok 17:33:16.0858 5084 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 17:33:16.0890 5084 SrvHsfWinac - ok 17:33:16.0933 5084 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 17:33:16.0969 5084 srvnet - ok 17:33:17.0015 5084 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 17:33:17.0084 5084 SSDPSRV - ok 17:33:17.0106 5084 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 17:33:17.0152 5084 SstpSvc - ok 17:33:17.0180 5084 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 17:33:17.0198 5084 stexstor - ok 17:33:17.0275 5084 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 17:33:17.0319 5084 stisvc - ok 17:33:17.0364 5084 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 17:33:17.0391 5084 swenum - ok 17:33:17.0442 5084 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 17:33:17.0527 5084 swprv - ok 17:33:17.0583 5084 SynTP (bcf305959b53b200ceb2ad25ad22f8a7) C:\Windows\system32\DRIVERS\SynTP.sys 17:33:17.0614 5084 SynTP - ok 17:33:17.0733 5084 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 17:33:17.0812 5084 SysMain - ok 17:33:17.0939 5084 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 17:33:18.0003 5084 TabletInputService - ok 17:33:18.0037 5084 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 17:33:18.0103 5084 TapiSrv - ok 17:33:18.0136 5084 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 17:33:18.0181 5084 TBS - ok 17:33:18.0368 5084 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 17:33:18.0433 5084 Tcpip - ok 17:33:18.0657 5084 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 17:33:18.0709 5084 TCPIP6 - ok 17:33:18.0838 5084 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 17:33:18.0909 5084 tcpipreg - ok 17:33:18.0950 5084 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 17:33:18.0981 5084 TDPIPE - ok 17:33:19.0023 5084 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 17:33:19.0057 5084 TDTCP - ok 17:33:19.0103 5084 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 17:33:19.0154 5084 tdx - ok 17:33:19.0196 5084 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 17:33:19.0222 5084 TermDD - ok 17:33:19.0260 5084 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 17:33:19.0315 5084 TermService - ok 17:33:19.0342 5084 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 17:33:19.0389 5084 Themes - ok 17:33:19.0421 5084 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 17:33:19.0465 5084 THREADORDER - ok 17:33:19.0483 5084 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 17:33:19.0529 5084 TrkWks - ok 17:33:19.0592 5084 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 17:33:19.0669 5084 TrustedInstaller - ok 17:33:19.0701 5084 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 17:33:19.0764 5084 tssecsrv - ok 17:33:19.0827 5084 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 17:33:19.0853 5084 TsUsbFlt - ok 17:33:19.0911 5084 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 17:33:19.0999 5084 tunnel - ok 17:33:20.0033 5084 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 17:33:20.0051 5084 uagp35 - ok 17:33:20.0089 5084 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys 17:33:20.0103 5084 UBHelper - ok 17:33:20.0157 5084 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 17:33:20.0228 5084 udfs - ok 17:33:20.0253 5084 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 17:33:20.0276 5084 UI0Detect - ok 17:33:20.0328 5084 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 17:33:20.0357 5084 uliagpkx - ok 17:33:20.0395 5084 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 17:33:20.0435 5084 umbus - ok 17:33:20.0472 5084 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 17:33:20.0512 5084 UmPass - ok 17:33:20.0613 5084 Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe 17:33:20.0635 5084 Updater Service - ok 17:33:20.0666 5084 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 17:33:20.0718 5084 upnphost - ok 17:33:20.0760 5084 upperdev (afa3a0937b7044a8322d8bc91722c53b) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 17:33:20.0804 5084 upperdev - ok 17:33:20.0862 5084 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 17:33:20.0885 5084 usbaudio - ok 17:33:20.0926 5084 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 17:33:20.0956 5084 usbccgp - ok 17:33:20.0972 5084 USBCCID - ok 17:33:20.0999 5084 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 17:33:21.0022 5084 usbcir - ok 17:33:21.0043 5084 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 17:33:21.0082 5084 usbehci - ok 17:33:21.0129 5084 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 17:33:21.0167 5084 usbhub - ok 17:33:21.0201 5084 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 17:33:21.0220 5084 usbohci - ok 17:33:21.0255 5084 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 17:33:21.0277 5084 usbprint - ok 17:33:21.0354 5084 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 17:33:21.0409 5084 usbscan - ok 17:33:21.0471 5084 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys 17:33:21.0500 5084 usbser - ok 17:33:21.0535 5084 UsbserFilt (b826f3ff5a1975cc9096b4caadde77b6) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 17:33:21.0580 5084 UsbserFilt - ok 17:33:21.0610 5084 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:33:21.0643 5084 USBSTOR - ok 17:33:21.0659 5084 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 17:33:21.0677 5084 usbuhci - ok 17:33:21.0727 5084 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 17:33:21.0751 5084 usbvideo - ok 17:33:21.0778 5084 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 17:33:21.0825 5084 UxSms - ok 17:33:21.0865 5084 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:33:21.0884 5084 VaultSvc - ok 17:33:21.0905 5084 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 17:33:21.0922 5084 vdrvroot - ok 17:33:21.0980 5084 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 17:33:22.0048 5084 vds - ok 17:33:22.0078 5084 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 17:33:22.0100 5084 vga - ok 17:33:22.0112 5084 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 17:33:22.0155 5084 VgaSave - ok 17:33:22.0197 5084 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 17:33:22.0218 5084 vhdmp - ok 17:33:22.0234 5084 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 17:33:22.0253 5084 viaide - ok 17:33:22.0267 5084 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 17:33:22.0287 5084 volmgr - ok 17:33:22.0348 5084 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 17:33:22.0371 5084 volmgrx - ok 17:33:22.0391 5084 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 17:33:22.0412 5084 volsnap - ok 17:33:22.0440 5084 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 17:33:22.0463 5084 vsmraid - ok 17:33:22.0560 5084 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 17:33:22.0645 5084 VSS - ok 17:33:22.0771 5084 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 17:33:22.0822 5084 vwifibus - ok 17:33:22.0848 5084 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 17:33:22.0893 5084 vwififlt - ok 17:33:22.0923 5084 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 17:33:22.0945 5084 vwifimp - ok 17:33:22.0995 5084 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 17:33:23.0068 5084 W32Time - ok 17:33:23.0102 5084 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 17:33:23.0135 5084 WacomPen - ok 17:33:23.0194 5084 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 17:33:23.0256 5084 WANARP - ok 17:33:23.0261 5084 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 17:33:23.0308 5084 Wanarpv6 - ok 17:33:23.0447 5084 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 17:33:23.0511 5084 WatAdminSvc - ok 17:33:23.0608 5084 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 17:33:23.0682 5084 wbengine - ok 17:33:23.0808 5084 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 17:33:23.0848 5084 WbioSrvc - ok 17:33:23.0896 5084 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 17:33:23.0929 5084 wcncsvc - ok 17:33:23.0953 5084 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 17:33:23.0988 5084 WcsPlugInService - ok 17:33:24.0040 5084 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 17:33:24.0057 5084 Wd - ok 17:33:24.0098 5084 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 17:33:24.0128 5084 Wdf01000 - ok 17:33:24.0150 5084 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 17:33:24.0196 5084 WdiServiceHost - ok 17:33:24.0200 5084 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 17:33:24.0228 5084 WdiSystemHost - ok 17:33:24.0273 5084 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 17:33:24.0315 5084 WebClient - ok 17:33:24.0365 5084 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 17:33:24.0424 5084 Wecsvc - ok 17:33:24.0446 5084 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 17:33:24.0505 5084 wercplsupport - ok 17:33:24.0539 5084 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 17:33:24.0603 5084 WerSvc - ok 17:33:24.0662 5084 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 17:33:24.0705 5084 WfpLwf - ok 17:33:24.0716 5084 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 17:33:24.0733 5084 WIMMount - ok 17:33:24.0766 5084 WinDefend - ok 17:33:24.0781 5084 WinHttpAutoProxySvc - ok 17:33:24.0844 5084 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 17:33:24.0933 5084 Winmgmt - ok 17:33:25.0055 5084 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 17:33:25.0134 5084 WinRM - ok 17:33:25.0316 5084 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 17:33:25.0348 5084 WinUsb - ok 17:33:25.0403 5084 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 17:33:25.0442 5084 Wlansvc - ok 17:33:25.0618 5084 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:33:25.0675 5084 wlidsvc - ok 17:33:25.0805 5084 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 17:33:25.0828 5084 WmiAcpi - ok 17:33:25.0881 5084 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 17:33:25.0927 5084 wmiApSrv - ok 17:33:25.0984 5084 WMPNetworkSvc - ok 17:33:26.0020 5084 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 17:33:26.0057 5084 WPCSvc - ok 17:33:26.0101 5084 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 17:33:26.0126 5084 WPDBusEnum - ok 17:33:26.0147 5084 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 17:33:26.0209 5084 ws2ifsl - ok 17:33:26.0229 5084 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 17:33:26.0273 5084 wscsvc - ok 17:33:26.0278 5084 WSearch - ok 17:33:26.0411 5084 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 17:33:26.0477 5084 wuauserv - ok 17:33:26.0619 5084 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 17:33:26.0667 5084 WudfPf - ok 17:33:26.0707 5084 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 17:33:26.0750 5084 WUDFRd - ok 17:33:26.0791 5084 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 17:33:26.0836 5084 wudfsvc - ok 17:33:26.0867 5084 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 17:33:26.0916 5084 WwanSvc - ok 17:33:26.0967 5084 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 17:33:27.0249 5084 \Device\Harddisk0\DR0 - ok 17:33:27.0254 5084 Boot (0x1200) (f6db4357816cb62e20c12650128fa49f) \Device\Harddisk0\DR0\Partition0 17:33:27.0256 5084 \Device\Harddisk0\DR0\Partition0 - ok 17:33:27.0286 5084 Boot (0x1200) (7f526f5646e8a2cda1b3d736f8121df1) \Device\Harddisk0\DR0\Partition1 17:33:27.0288 5084 \Device\Harddisk0\DR0\Partition1 - ok 17:33:27.0289 5084 ============================================================ 17:33:27.0289 5084 Scan finished 17:33:27.0289 5084 ============================================================ 17:33:27.0312 1432 Detected object count: 4 17:33:27.0312 1432 Actual detected object count: 4 17:37:37.0397 1432 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 17:37:37.0397 1432 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:37:37.0398 1432 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 17:37:37.0398 1432 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:37:37.0400 1432 sesvc ( UnsignedFile.Multi.Generic ) - skipped by user 17:37:37.0400 1432 sesvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:37:37.0403 1432 sptd ( LockedFile.Multi.Generic ) - skipped by user 17:37:37.0403 1432 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Bonjour, Oui, même réponse...

Bonjour, C'est fait, mais quand on compare 2 fichiers identiques, le massage suivant apparait : " Cannot find description key. May be unknown trojan program modification". Existe-t-il un autre moyen de décrypter les fichiers?... Merci!

Bonjour, En fait, je coince à partir de Rectordécryptor ; pourrais-je avoir des indications plus détaillées concernant la fin de la procédure? Merci!

voici le rapport de MBAM Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Version de la base de données: v2012.07.14.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Christelle :: CHRISTELLE-PC [administrateur] 14/07/2012 18:07:47 mbam-log-2012-07-14 (18-07-47).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 387276 Temps écoulé: 56 minute(s), 45 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 0 (Aucun élément nuisible détecté) (fin)

Bonjour voici le rapport de l'analyse de Eset ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=0abccf2e0ab9cb44bd88461e04642d36 # end=stopped # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-07-14 10:53:49 # local_time=2012-07-14 12:53:49 ) # country="France" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776573 100 94 9874 93892911 0 0 # compatibility_mode=8192 67108863 100 0 149 149 0 0 # scanned=2466 # found=0 # cleaned=0 # scan_time=169 ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=0abccf2e0ab9cb44bd88461e04642d36 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-07-14 01:43:22 # local_time=2012-07-14 03:43:22 ) # country="France" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776573 100 94 13153 93896190 0 0 # compatibility_mode=8192 67108863 100 0 3428 3428 0 0 # scanned=192735 # found=5 # cleaned=5 # scan_time=7062 C:\Users\Christelle\AppData\Local\Temp\dzyjeplult.pre Win32/Trustezeb.C trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Christelle\AppData\Local\Temp\ltsyopwzna.pre Win32/Trustezeb.C trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Christelle\AppData\Local\Temp\spejxmiqgr.pre Win32/Trustezeb.C trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Christelle\AppData\Roaming\Dxfnic\lrsmnxux.exe a variant of Win32/Kryptik.AIDW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Christelle\AppData\Roaming\Xfpstvh\rfnanxux.exe Win32/Trustezeb.C trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Bonjour, Mon ordinateur portable est infecté depuis lundi par un malware. La page affichait "virus codeur de Windows... puis me proposait de payer 100€ " la réparation. Je n'avais plus la main pour faire quoi que ce soit. J'ai re-démarré en mode sans echec puis je l'ai rebooté à une date antérieure ; cela m'a permis de retrouver la possibilité de me connecter sur internet mais la plupart de mes fichiers sont illisibles (icones word, power point, excel, adobe... remplacés par un rectangle blanc, noms de fichiers codés (succession de lettres et chiffres). Mes vidéos et fichiers audio ne dont pas touchés ; quasiment toutes les photos sont touchées sauf quelques unes intactes... L'exploration avec malwarebytes et avast ne donne rien. Un seul fichier word est intact mais quand j'essaye de l'ouvrir, une boite de dialogue microsoft me demandant l'activation de l'installation de microsoft professional 2007 se lance ; quand je clique sur suivant, elle se bloque. Auriez vous une piste pour m'aider? Merci !