[Réglé] Trojan dans la mémoire vive

[Odin]

Salut à tous

Voilà d’après mon nod 32 il y a un virus dans mémoire vive, quand je redémarre la machine, y'a l'air que le virus se charge dedans systématiquement. C'est embêtant, Nod ne peut pas le delete.

:> http://cjoint.com/12dc/BLevopo3ucQ.htm Le ccs.exe de C:\Windows\Microsoft.NET\Framework y est pour quelque chose ?

Merci à tous

Edit : http://cjoint.com/12dc/BLevtqmi7rg.htm ça c'est les trucs qui démarrent au démarrage

[bernard53]

Bonjour

Fait ceci s.t.p
Télécharger sur le bureau<< RogueKiller >> (by tigzy)
Quitter tous les programmes
Lancer RogueKiller.exe.
Attendre que le Prescan ait fini ...
Cliquer sur Scan. Cliquer sur Rapport et copier-coller le contenu du notepad

Cliquer sur Suppression. Cliquer sur Rapport et copier-coller le contenu du notepad

Puis:
Télécharge sur ton bureau
http://support.kaspersky.com/downloads/ ... killer.zip
dezippe le et execute le , un rapport sera crée ici:

C:\TDSSKillerVersion_Date_Time_log.txt.<< copie_colle son contenu

tu as aussi directement l'executable là :
http://support.kaspersky.com/downloads/ ... killer.exe
A cette fenêtre lance le scan.



Tu peux récupérer le rapport en validant Report

Si une détection est faite valide Cure puis



redémarres le pc pour confirmer la suppression de celle-ci.

INFO::
http://support.kaspersky.com/viruses/so ... =208280684

Si TDSS.tdl2 est détecté l'option "delete" sera cochée par défaut.
• Si TDSS.tdl3 est détecté assure toi que "Cure" est bien cochée.
• Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que "Cure" est bien cochée.
• Si Suspicious file est indiqué, laisse l'option cochée sur "Skip"
• Clique sur Continue puis sur Reboot now pour redémarrer le PC.

Puis:
* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 /s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s
%temp%\smtmp\1\*.* /s
%temp%\smtmp\2\*.* /s
%temp%\smtmp\4\*.* /s
nslookup http://www.google.fr /c
SAVEMBR:0
NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.
http://cjoint.com/
ou.
http://www.1fichier.com/

[Odin]

Merci de ta réponses Bernard53
voici les rapports :

RogueKiller :

Code: Tout sélectionner

RogueKiller V8.3.1 [Dec  2 2012] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Oplink [Droits d'admin]
Mode : Recherche -- Date : 05/12/2012 18:59:33

¤¤¤ Processus malicieux : 1 ¤¤¤
[SUSP PATH] DAODx.exe -- C:\Windows\DAODx.exe -> TUÉ [TermProc]

¤¤¤ Entrees de registre : 5 ¤¤¤
[RUN][BLACKLIST] HKCU\[...]\Run : Twain Working Group (C:\Users\Oplink\AppData\Roaming\Microsoft\twunk_16.exe) -> TROUVÉ
[RUN][BLACKLIST] HKUS\S-1-5-21-3712147492-333631340-1554980515-1000[...]\Run : Twain Working Group (C:\Users\Oplink\AppData\Roaming\Microsoft\twunk_16.exe) -> TROUVÉ
[TASK][SUSP PATH] RunDAOD : C:\Windows\DAODx.exe  -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: WDC WD4500HLHX-01JJPV0 ATA Device +++++
--- User ---
[MBR] df0ed26e43a0ff5be40db45ada5a8ee4
[BSP] b2101f78a107e77edefdca111a041d82 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 429145 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] 9e83bb84972829eb24764d8dbf126f25
[BSP] bae0ed0020148272579d7de3bcb40aa3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: WD My Book 1130 USB Device +++++
--- User ---
[MBR] 05057e01396b4cba6c1a5d56ad4ddfb9
[BSP] 8269ede672a8e14161b3829f58e1fc1d : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907696 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[1]_S_05122012_185933.txt >>
RKreport[1]_S_05122012_185933.txt

TDSSKiller après l'initialisation : ( n'a rien trouvé au scan )

Code: Tout sélectionner

19:03:46.0326 5940  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:03:46.0498 5940  ============================================================
19:03:46.0498 5940  Current date / time: 2012/12/05 19:03:46.0498
19:03:46.0498 5940  SystemInfo:
19:03:46.0498 5940 
19:03:46.0498 5940  OS Version: 6.1.7601 ServicePack: 1.0
19:03:46.0498 5940  Product type: Workstation
19:03:46.0498 5940  ComputerName: OPLINK-PC
19:03:46.0498 5940  UserName: Oplink
19:03:46.0513 5940  Windows directory: C:\Windows
19:03:46.0513 5940  System windows directory: C:\Windows
19:03:46.0513 5940  Running under WOW64
19:03:46.0513 5940  Processor architecture: Intel x64
19:03:46.0513 5940  Number of processors: 4
19:03:46.0513 5940  Page size: 0x1000
19:03:46.0513 5940  Boot type: Normal boot
19:03:46.0513 5940  ============================================================
19:03:47.0075 5940  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:03:47.0075 5940  Drive \Device\Harddisk0\DR0 - Size: 0x68CBF0E000 (419.19 Gb), SectorSize: 0x200, Cylinders: 0xD5C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:03:47.0075 5940  Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 (1862.99 Gb), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:03:47.0075 5940  ============================================================
19:03:47.0075 5940  \Device\Harddisk1\DR1:
19:03:47.0075 5940  MBR partitions:
19:03:47.0075 5940  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
19:03:47.0075 5940  \Device\Harddisk0\DR0:
19:03:47.0075 5940  MBR partitions:
19:03:47.0075 5940  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:03:47.0075 5940  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3462C800
19:03:47.0075 5940  \Device\Harddisk2\DR2:
19:03:47.0075 5940  MBR partitions:
19:03:47.0075 5940  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000
19:03:47.0075 5940  ============================================================
19:03:47.0091 5940  C: <-> \Device\Harddisk0\DR0\Partition2
19:03:47.0340 5940  D: <-> \Device\Harddisk1\DR1\Partition1
19:03:47.0793 5940  F: <-> \Device\Harddisk2\DR2\Partition1
19:03:47.0793 5940  ============================================================
19:03:47.0793 5940  Initialize success
19:03:47.0793 5940  ============================================================
19:05:55.0604 3368  ============================================================
19:05:55.0604 3368  Scan started
19:05:55.0604 3368  Mode: Manual;
19:05:55.0604 3368  ============================================================
19:05:56.0946 3368  ================ Scan system memory ========================
19:05:56.0946 3368  System memory - ok
19:05:56.0946 3368  ================ Scan services =============================
19:05:57.0024 3368  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:05:57.0040 3368  1394ohci - ok
19:05:57.0040 3368  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:05:57.0055 3368  ACPI - ok
19:05:57.0055 3368  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:05:57.0055 3368  AcpiPmi - ok
19:05:57.0118 3368  [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:05:57.0118 3368  AdobeARMservice - ok
19:05:57.0180 3368  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:05:57.0180 3368  AdobeFlashPlayerUpdateSvc - ok
19:05:57.0196 3368  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:05:57.0227 3368  adp94xx - ok
19:05:57.0227 3368  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:05:57.0258 3368  adpahci - ok
19:05:57.0258 3368  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:05:57.0258 3368  adpu320 - ok
19:05:57.0274 3368  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:05:57.0274 3368  AeLookupSvc - ok
19:05:57.0305 3368  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
19:05:57.0305 3368  AFD - ok
19:05:57.0320 3368  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:05:57.0320 3368  agp440 - ok
19:05:57.0320 3368  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
19:05:57.0320 3368  ALG - ok
19:05:57.0320 3368  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:05:57.0320 3368  aliide - ok
19:05:57.0336 3368  [ CAB07F00EDF1F930FAC6B33B6A064620 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:05:57.0352 3368  AMD External Events Utility - ok
19:05:57.0367 3368  AMD FUEL Service - ok
19:05:57.0367 3368  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:05:57.0367 3368  amdide - ok
19:05:57.0383 3368  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:05:57.0398 3368  AmdK8 - ok
19:05:57.0523 3368  [ 87B4FEA0D1E3A64BF5AEA313068288F2 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:05:57.0679 3368  amdkmdag - ok
19:05:57.0695 3368  [ 1C4BA179EDAE573A0001847E915F3AF3 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:05:57.0695 3368  amdkmdap - ok
19:05:57.0710 3368  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:05:57.0710 3368  AmdPPM - ok
19:05:57.0726 3368  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:05:57.0726 3368  amdsata - ok
19:05:57.0726 3368  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:05:57.0742 3368  amdsbs - ok
19:05:57.0757 3368  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:05:57.0757 3368  amdxata - ok
19:05:57.0757 3368  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:05:57.0757 3368  AODDriver4.2 - ok
19:05:57.0773 3368  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
19:05:57.0788 3368  AppID - ok
19:05:57.0788 3368  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:05:57.0788 3368  AppIDSvc - ok
19:05:57.0788 3368  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
19:05:57.0804 3368  Appinfo - ok
19:05:57.0804 3368  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:05:57.0804 3368  arc - ok
19:05:57.0820 3368  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:05:57.0820 3368  arcsas - ok
19:05:57.0820 3368  [ 6D9C024AA8F24065A6DBEAB1F431D854 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
19:05:57.0835 3368  asmthub3 - ok
19:05:57.0851 3368  [ ECAD22F15D8F17CC04F24E9A6FB00F2F ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
19:05:57.0851 3368  asmtxhci - ok
19:05:57.0913 3368  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:05:57.0913 3368  aspnet_state - ok
19:05:57.0913 3368  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:05:57.0913 3368  AsyncMac - ok
19:05:57.0929 3368  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
19:05:57.0929 3368  atapi - ok
19:05:57.0944 3368  [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:05:57.0960 3368  AtiHDAudioService - ok
19:05:57.0976 3368  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:05:57.0976 3368  AudioEndpointBuilder - ok
19:05:57.0991 3368  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:05:57.0991 3368  AudioSrv - ok
19:05:58.0022 3368  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:05:58.0022 3368  AxInstSV - ok
19:05:58.0038 3368  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
19:05:58.0038 3368  b06bdrv - ok
19:05:58.0054 3368  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:05:58.0069 3368  b57nd60a - ok
19:05:58.0085 3368  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:05:58.0085 3368  BDESVC - ok
19:05:58.0085 3368  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:05:58.0085 3368  Beep - ok
19:05:58.0116 3368  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
19:05:58.0116 3368  BFE - ok
19:05:58.0147 3368  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
19:05:58.0147 3368  BITS - ok
19:05:58.0163 3368  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:05:58.0163 3368  blbdrive - ok
19:05:58.0178 3368  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:05:58.0178 3368  bowser - ok
19:05:58.0194 3368  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:05:58.0194 3368  BrFiltLo - ok
19:05:58.0194 3368  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:05:58.0194 3368  BrFiltUp - ok
19:05:58.0210 3368  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
19:05:58.0210 3368  Browser - ok
19:05:58.0210 3368  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:05:58.0225 3368  Brserid - ok
19:05:58.0225 3368  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:05:58.0241 3368  BrSerWdm - ok
19:05:58.0241 3368  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:05:58.0241 3368  BrUsbMdm - ok
19:05:58.0256 3368  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:05:58.0256 3368  BrUsbSer - ok
19:05:58.0256 3368  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:05:58.0272 3368  BTHMODEM - ok
19:05:58.0288 3368  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
19:05:58.0288 3368  bthserv - ok
19:05:58.0288 3368  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:05:58.0288 3368  cdfs - ok
19:05:58.0303 3368  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
19:05:58.0303 3368  cdrom - ok
19:05:58.0319 3368  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:05:58.0319 3368  CertPropSvc - ok
19:05:58.0319 3368  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:05:58.0319 3368  circlass - ok
19:05:58.0334 3368  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:05:58.0334 3368  CLFS - ok
19:05:58.0366 3368  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:05:58.0366 3368  clr_optimization_v2.0.50727_32 - ok
19:05:58.0381 3368  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:05:58.0381 3368  clr_optimization_v2.0.50727_64 - ok
19:05:58.0412 3368  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:05:58.0412 3368  clr_optimization_v4.0.30319_32 - ok
19:05:58.0428 3368  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:05:58.0428 3368  clr_optimization_v4.0.30319_64 - ok
19:05:58.0428 3368  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:05:58.0428 3368  CmBatt - ok
19:05:58.0444 3368  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:05:58.0444 3368  cmdide - ok
19:05:58.0475 3368  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
19:05:58.0475 3368  CNG - ok
19:05:58.0490 3368  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:05:58.0490 3368  Compbatt - ok
19:05:58.0506 3368  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:05:58.0506 3368  CompositeBus - ok
19:05:58.0522 3368  COMSysApp - ok
19:05:58.0522 3368  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:05:58.0522 3368  crcdisk - ok
19:05:58.0553 3368  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:05:58.0553 3368  CryptSvc - ok
19:05:58.0568 3368  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:05:58.0584 3368  DcomLaunch - ok
19:05:58.0600 3368  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
19:05:58.0615 3368  defragsvc - ok
19:05:58.0615 3368  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:05:58.0615 3368  DfsC - ok
19:05:58.0646 3368  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:05:58.0646 3368  Dhcp - ok
19:05:58.0646 3368  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:05:58.0646 3368  discache - ok
19:05:58.0646 3368  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:05:58.0662 3368  Disk - ok
19:05:58.0678 3368  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:05:58.0678 3368  Dnscache - ok
19:05:58.0709 3368  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:05:58.0709 3368  dot3svc - ok
19:05:58.0724 3368  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
19:05:58.0724 3368  DPS - ok
19:05:58.0740 3368  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:05:58.0756 3368  drmkaud - ok
19:05:58.0771 3368  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:05:58.0771 3368  DXGKrnl - ok
19:05:58.0802 3368  [ CCB844D8E540D6BC7A0A98584AEBD479 ] e1qexpress      C:\Windows\system32\DRIVERS\e1q62x64.sys
19:05:58.0802 3368  e1qexpress - ok
19:05:58.0834 3368  [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
19:05:58.0849 3368  eamonm - ok
19:05:58.0865 3368  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
19:05:58.0865 3368  EapHost - ok
19:05:58.0912 3368  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
19:05:58.0958 3368  ebdrv - ok
19:05:58.0990 3368  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
19:05:58.0990 3368  EFS - ok
19:05:59.0005 3368  [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
19:05:59.0021 3368  ehdrv - ok
19:05:59.0052 3368  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:05:59.0052 3368  ehRecvr - ok
19:05:59.0083 3368  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
19:05:59.0083 3368  ehSched - ok
19:05:59.0114 3368  [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn            C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
19:05:59.0130 3368  ekrn - ok
19:05:59.0146 3368  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:05:59.0146 3368  elxstor - ok
19:05:59.0161 3368  [ 587F0F4145A1536A6E37EFD769B7665F ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
19:05:59.0177 3368  epfw - ok
19:05:59.0177 3368  [ D2F812358EE8EE23CBB5C4DAFFB5B819 ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
19:05:59.0208 3368  EpfwLWF - ok
19:05:59.0208 3368  [ 34BF55D69AB74D14C7E7A17259CB7DF8 ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
19:05:59.0224 3368  epfwwfp - ok
19:05:59.0224 3368  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:05:59.0224 3368  ErrDev - ok
19:05:59.0239 3368  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
19:05:59.0239 3368  EventSystem - ok
19:05:59.0255 3368  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
19:05:59.0255 3368  exfat - ok
19:05:59.0255 3368  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:05:59.0255 3368  fastfat - ok
19:05:59.0286 3368  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
19:05:59.0286 3368  Fax - ok
19:05:59.0286 3368  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:05:59.0302 3368  fdc - ok
19:05:59.0317 3368  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:05:59.0317 3368  fdPHost - ok
19:05:59.0317 3368  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:05:59.0317 3368  FDResPub - ok
19:05:59.0333 3368  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:05:59.0333 3368  FileInfo - ok
19:05:59.0333 3368  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:05:59.0333 3368  Filetrace - ok
19:05:59.0333 3368  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:05:59.0333 3368  flpydisk - ok
19:05:59.0348 3368  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:05:59.0348 3368  FltMgr - ok
19:05:59.0380 3368  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
19:05:59.0395 3368  FontCache - ok
19:05:59.0411 3368  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:05:59.0411 3368  FontCache3.0.0.0 - ok
19:05:59.0426 3368  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:05:59.0426 3368  FsDepends - ok
19:05:59.0426 3368  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:05:59.0426 3368  Fs_Rec - ok
19:05:59.0458 3368  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:05:59.0458 3368  fvevol - ok
19:05:59.0458 3368  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:05:59.0489 3368  gagp30kx - ok
19:05:59.0504 3368  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
19:05:59.0520 3368  gpsvc - ok
19:05:59.0520 3368  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:05:59.0520 3368  hcw85cir - ok
19:05:59.0551 3368  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:05:59.0551 3368  HdAudAddService - ok
19:05:59.0551 3368  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:05:59.0551 3368  HDAudBus - ok
19:05:59.0567 3368  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:05:59.0582 3368  HidBatt - ok
19:05:59.0582 3368  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:05:59.0598 3368  HidBth - ok
19:05:59.0598 3368  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:05:59.0614 3368  HidIr - ok
19:05:59.0629 3368  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
19:05:59.0629 3368  hidserv - ok
19:05:59.0645 3368  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:05:59.0645 3368  HidUsb - ok
19:05:59.0645 3368  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:05:59.0660 3368  hkmsvc - ok
19:05:59.0660 3368  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:05:59.0676 3368  HomeGroupListener - ok
19:05:59.0692 3368  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:05:59.0692 3368  HomeGroupProvider - ok
19:05:59.0707 3368  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:05:59.0707 3368  HpSAMD - ok
19:05:59.0738 3368  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:05:59.0738 3368  HTTP - ok
19:05:59.0738 3368  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:05:59.0738 3368  hwpolicy - ok
19:05:59.0754 3368  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:05:59.0754 3368  i8042prt - ok
19:05:59.0770 3368  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:05:59.0770 3368  iaStorV - ok
19:05:59.0801 3368  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:05:59.0801 3368  idsvc - ok
19:05:59.0816 3368  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:05:59.0816 3368  iirsp - ok
19:05:59.0832 3368  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:05:59.0848 3368  IKEEXT - ok
19:05:59.0863 3368  [ FB2DE1F382BA4BF0B4E30A006C8B925E ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
19:05:59.0879 3368  Intel(R) PROSet Monitoring Service - ok
19:05:59.0879 3368  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:05:59.0879 3368  intelide - ok
19:05:59.0894 3368  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:05:59.0894 3368  intelppm - ok
19:05:59.0910 3368  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:05:59.0910 3368  IPBusEnum - ok
19:05:59.0926 3368  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:05:59.0926 3368  IpFilterDriver - ok
19:05:59.0941 3368  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:05:59.0957 3368  iphlpsvc - ok
19:05:59.0957 3368  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:05:59.0972 3368  IPMIDRV - ok
19:05:59.0972 3368  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:05:59.0972 3368  IPNAT - ok
19:05:59.0972 3368  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:05:59.0972 3368  IRENUM - ok
19:05:59.0988 3368  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:05:59.0988 3368  isapnp - ok
19:06:00.0004 3368  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:06:00.0004 3368  iScsiPrt - ok
19:06:00.0019 3368  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:06:00.0019 3368  kbdclass - ok
19:06:00.0035 3368  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:06:00.0035 3368  kbdhid - ok
19:06:00.0035 3368  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:06:00.0035 3368  KeyIso - ok
19:06:00.0050 3368  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:06:00.0050 3368  KSecDD - ok
19:06:00.0066 3368  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:06:00.0066 3368  KSecPkg - ok
19:06:00.0082 3368  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:06:00.0082 3368  ksthunk - ok
19:06:00.0082 3368  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:06:00.0097 3368  KtmRm - ok
19:06:00.0113 3368  [ CE4347E2D90DB2E5517B6F2BC720A862 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
19:06:00.0113 3368  LADF_CaptureOnly - ok
19:06:00.0128 3368  [ 85A9D21D3AE2EA963E111CB150895877 ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
19:06:00.0128 3368  LADF_RenderOnly - ok
19:06:00.0144 3368  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:06:00.0160 3368  LanmanServer - ok
19:06:00.0175 3368  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:06:00.0175 3368  LanmanWorkstation - ok
19:06:00.0191 3368  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
19:06:00.0191 3368  LGBusEnum - ok
19:06:00.0206 3368  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
19:06:00.0206 3368  LGVirHid - ok
19:06:00.0222 3368  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:06:00.0222 3368  lltdio - ok
19:06:00.0238 3368  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:06:00.0238 3368  lltdsvc - ok
19:06:00.0238 3368  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:06:00.0238 3368  lmhosts - ok
19:06:00.0253 3368  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:06:00.0253 3368  LSI_FC - ok
19:06:00.0253 3368  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:06:00.0269 3368  LSI_SAS - ok
19:06:00.0269 3368  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:06:00.0284 3368  LSI_SAS2 - ok
19:06:00.0284 3368  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:06:00.0300 3368  LSI_SCSI - ok
19:06:00.0316 3368  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:06:00.0316 3368  luafv - ok
19:06:00.0331 3368  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:06:00.0331 3368  Mcx2Svc - ok
19:06:00.0331 3368  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:06:00.0596 3368  megasas - ok
19:06:00.0612 3368  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:06:00.0628 3368  MegaSR - ok
19:06:00.0659 3368  Microsoft SharePoint Workspace Audit Service - ok
19:06:00.0674 3368  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:06:00.0674 3368  MMCSS - ok
19:06:00.0690 3368  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:06:00.0690 3368  Modem - ok
19:06:00.0690 3368  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:06:00.0690 3368  monitor - ok
19:06:00.0706 3368  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:06:00.0706 3368  mouclass - ok
19:06:00.0721 3368  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:06:00.0721 3368  mouhid - ok
19:06:00.0737 3368  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:06:00.0737 3368  mountmgr - ok
19:06:00.0768 3368  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:06:00.0768 3368  MozillaMaintenance - ok
19:06:00.0784 3368  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:06:00.0784 3368  mpio - ok
19:06:00.0784 3368  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:06:00.0784 3368  mpsdrv - ok
19:06:00.0799 3368  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:06:00.0815 3368  MpsSvc - ok
19:06:00.0830 3368  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:06:00.0830 3368  MRxDAV - ok
19:06:00.0846 3368  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:06:00.0846 3368  mrxsmb - ok
19:06:00.0862 3368  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:06:00.0862 3368  mrxsmb10 - ok
19:06:00.0862 3368  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:06:00.0877 3368  mrxsmb20 - ok
19:06:00.0877 3368  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:06:00.0877 3368  msahci - ok
19:06:00.0893 3368  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:06:00.0893 3368  msdsm - ok
19:06:00.0893 3368  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:06:00.0908 3368  MSDTC - ok
19:06:00.0908 3368  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:06:00.0908 3368  Msfs - ok
19:06:00.0908 3368  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:06:00.0908 3368  mshidkmdf - ok
19:06:00.0924 3368  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:06:00.0924 3368  msisadrv - ok
19:06:00.0940 3368  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:06:00.0940 3368  MSiSCSI - ok
19:06:00.0940 3368  msiserver - ok
19:06:00.0971 3368  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:06:00.0971 3368  MSKSSRV - ok
19:06:00.0971 3368  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:06:00.0971 3368  MSPCLOCK - ok
19:06:00.0971 3368  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:06:00.0971 3368  MSPQM - ok
19:06:00.0986 3368  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:06:00.0986 3368  MsRPC - ok
19:06:01.0002 3368  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:06:01.0002 3368  mssmbios - ok
19:06:01.0018 3368  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:06:01.0018 3368  MSTEE - ok
19:06:01.0018 3368  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:06:01.0018 3368  MTConfig - ok
19:06:01.0033 3368  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:06:01.0033 3368  Mup - ok
19:06:01.0049 3368  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:06:01.0049 3368  napagent - ok
19:06:01.0064 3368  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:06:01.0064 3368  NativeWifiP - ok
19:06:01.0096 3368  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:06:01.0111 3368  NDIS - ok
19:06:01.0127 3368  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:06:01.0127 3368  NdisCap - ok
19:06:01.0142 3368  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:06:01.0142 3368  NdisTapi - ok
19:06:01.0142 3368  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:06:01.0142 3368  Ndisuio - ok
19:06:01.0142 3368  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:06:01.0158 3368  NdisWan - ok
19:06:01.0174 3368  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:06:01.0174 3368  NDProxy - ok
19:06:01.0174 3368  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:06:01.0174 3368  NetBIOS - ok
19:06:01.0189 3368  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:06:01.0189 3368  NetBT - ok
19:06:01.0205 3368  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:06:01.0205 3368  Netlogon - ok
19:06:01.0220 3368  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:06:01.0220 3368  Netman - ok
19:06:01.0236 3368  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:06:01.0236 3368  NetMsmqActivator - ok
19:06:01.0236 3368  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:06:01.0236 3368  NetPipeActivator - ok
19:06:01.0252 3368  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:06:01.0252 3368  netprofm - ok
19:06:01.0267 3368  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:06:01.0267 3368  NetTcpActivator - ok
19:06:01.0267 3368  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:06:01.0267 3368  NetTcpPortSharing - ok
19:06:01.0283 3368  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:06:01.0298 3368  nfrd960 - ok
19:06:01.0314 3368  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:06:01.0314 3368  NlaSvc - ok
19:06:01.0314 3368  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:06:01.0314 3368  Npfs - ok
19:06:01.0330 3368  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:06:01.0330 3368  nsi - ok
19:06:01.0330 3368  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:06:01.0330 3368  nsiproxy - ok
19:06:01.0376 3368  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:06:01.0392 3368  Ntfs - ok
19:06:01.0392 3368  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:06:01.0392 3368  Null - ok
19:06:01.0423 3368  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:06:01.0423 3368  nvraid - ok
19:06:01.0439 3368  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:06:01.0439 3368  nvstor - ok
19:06:01.0454 3368  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:06:01.0454 3368  nv_agp - ok
19:06:01.0470 3368  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:06:01.0470 3368  ohci1394 - ok
19:06:01.0486 3368  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:06:01.0486 3368  ose64 - ok
19:06:01.0564 3368  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:06:01.0579 3368  osppsvc - ok
19:06:01.0595 3368  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:06:01.0610 3368  p2pimsvc - ok
19:06:01.0610 3368  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:06:01.0626 3368  p2psvc - ok
19:06:01.0626 3368  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:06:01.0642 3368  Parport - ok
19:06:01.0642 3368  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:06:01.0657 3368  partmgr - ok
19:06:01.0657 3368  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:06:01.0657 3368  PcaSvc - ok
19:06:01.0673 3368  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:06:01.0673 3368  pci - ok
19:06:01.0673 3368  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:06:01.0688 3368  pciide - ok
19:06:01.0688 3368  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:06:01.0704 3368  pcmcia - ok
19:06:01.0704 3368  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:06:01.0704 3368  pcw - ok
19:06:01.0704 3368  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:06:01.0720 3368  PEAUTH - ok
19:06:01.0766 3368  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:06:01.0766 3368  PerfHost - ok
19:06:01.0798 3368  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:06:01.0798 3368  pla - ok
19:06:01.0829 3368  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:06:01.0829 3368  PlugPlay - ok
19:06:01.0844 3368  PnkBstrA - ok
19:06:01.0844 3368  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:06:01.0844 3368  PNRPAutoReg - ok
19:06:01.0860 3368  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:06:01.0860 3368  PNRPsvc - ok
19:06:01.0876 3368  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:06:01.0876 3368  PolicyAgent - ok
19:06:01.0891 3368  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:06:01.0891 3368  Power - ok
19:06:01.0907 3368  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:06:01.0922 3368  PptpMiniport - ok
19:06:01.0922 3368  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:06:01.0922 3368  Processor - ok
19:06:01.0954 3368  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:06:01.0954 3368  ProfSvc - ok
19:06:01.0954 3368  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:06:01.0954 3368  ProtectedStorage - ok
19:06:01.0969 3368  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:06:01.0969 3368  Psched - ok
19:06:02.0000 3368  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:06:02.0016 3368  ql2300 - ok
19:06:02.0032 3368  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:06:02.0032 3368  ql40xx - ok
19:06:02.0047 3368  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:06:02.0047 3368  QWAVE - ok
19:06:02.0047 3368  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:06:02.0047 3368  QWAVEdrv - ok
19:06:02.0047 3368  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:06:02.0047 3368  RasAcd - ok
19:06:02.0063 3368  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:06:02.0063 3368  RasAgileVpn - ok
19:06:02.0078 3368  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:06:02.0078 3368  RasAuto - ok
19:06:02.0094 3368  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:06:02.0094 3368  Rasl2tp - ok
19:06:02.0094 3368  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:06:02.0094 3368  RasMan - ok
19:06:02.0110 3368  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:06:02.0110 3368  RasPppoe - ok
19:06:02.0110 3368  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:06:02.0110 3368  RasSstp - ok
19:06:02.0110 3368  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:06:02.0110 3368  rdbss - ok
19:06:02.0125 3368  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:06:02.0141 3368  rdpbus - ok
19:06:02.0141 3368  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:06:02.0141 3368  RDPCDD - ok
19:06:02.0141 3368  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:06:02.0141 3368  RDPENCDD - ok
19:06:02.0156 3368  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:06:02.0156 3368  RDPREFMP - ok
19:06:02.0172 3368  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:06:02.0172 3368  RdpVideoMiniport - ok
19:06:02.0188 3368  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:06:02.0203 3368  RDPWD - ok
19:06:02.0219 3368  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:06:02.0219 3368  rdyboost - ok
19:06:02.0250 3368  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:06:02.0250 3368  RemoteAccess - ok
19:06:02.0250 3368  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:06:02.0266 3368  RemoteRegistry - ok
19:06:02.0266 3368  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:06:02.0266 3368  RpcEptMapper - ok
19:06:02.0281 3368  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:06:02.0281 3368  RpcLocator - ok
19:06:02.0312 3368  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:06:02.0312 3368  RpcSs - ok
19:06:02.0328 3368  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:06:02.0328 3368  rspndr - ok
19:06:02.0328 3368  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:06:02.0328 3368  SamSs - ok
19:06:02.0344 3368  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:06:02.0344 3368  sbp2port - ok
19:06:02.0359 3368  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:06:02.0359 3368  SCardSvr - ok
19:06:02.0375 3368  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:06:02.0375 3368  scfilter - ok
19:06:02.0390 3368  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:06:02.0406 3368  Schedule - ok
19:06:02.0422 3368  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:06:02.0422 3368  SCPolicySvc - ok
19:06:02.0437 3368  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:06:02.0437 3368  SDRSVC - ok
19:06:02.0437 3368  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:06:02.0453 3368  secdrv - ok
19:06:02.0453 3368  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:06:02.0453 3368  seclogon - ok
19:06:02.0468 3368  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:06:02.0468 3368  SENS - ok
19:06:02.0468 3368  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:06:02.0468 3368  SensrSvc - ok
19:06:02.0468 3368  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:06:02.0484 3368  Serenum - ok
19:06:02.0484 3368  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:06:02.0531 3368  Serial - ok
19:06:02.0531 3368  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:06:02.0531 3368  sermouse - ok
19:06:02.0562 3368  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:06:02.0562 3368  SessionEnv - ok
19:06:02.0578 3368  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:06:02.0578 3368  sffdisk - ok
19:06:02.0578 3368  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:06:02.0593 3368  sffp_mmc - ok
19:06:02.0593 3368  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:06:02.0593 3368  sffp_sd - ok
19:06:02.0593 3368  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:06:02.0609 3368  sfloppy - ok
19:06:02.0609 3368  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:06:02.0624 3368  SharedAccess - ok
19:06:02.0640 3368  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:06:02.0640 3368  ShellHWDetection - ok
19:06:02.0640 3368  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:06:02.0671 3368  SiSRaid2 - ok
19:06:02.0671 3368  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:06:02.0671 3368  SiSRaid4 - ok
19:06:02.0687 3368  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:06:02.0687 3368  Smb - ok
19:06:02.0702 3368  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:06:02.0702 3368  SNMPTRAP - ok
19:06:02.0702 3368  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:06:02.0702 3368  spldr - ok
19:06:02.0734 3368  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:06:02.0734 3368  Spooler - ok
19:06:02.0796 3368  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:06:02.0827 3368  sppsvc - ok
19:06:02.0843 3368  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:06:02.0843 3368  sppuinotify - ok
19:06:02.0858 3368  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:06:02.0858 3368  srv - ok
19:06:02.0874 3368  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:06:02.0874 3368  srv2 - ok
19:06:02.0890 3368  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:06:02.0905 3368  srvnet - ok
19:06:02.0921 3368  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:06:02.0921 3368  SSDPSRV - ok
19:06:02.0921 3368  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:06:02.0921 3368  SstpSvc - ok
19:06:02.0936 3368  Steam Client Service - ok
19:06:02.0952 3368  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:06:02.0952 3368  stexstor - ok
19:06:02.0983 3368  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:06:02.0983 3368  stisvc - ok
19:06:02.0999 3368  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:06:02.0999 3368  swenum - ok
19:06:03.0014 3368  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:06:03.0014 3368  swprv - ok
19:06:03.0046 3368  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:06:03.0077 3368  SysMain - ok
19:06:03.0092 3368  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:06:03.0092 3368  TabletInputService - ok
19:06:03.0124 3368  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:06:03.0124 3368  TapiSrv - ok
19:06:03.0139 3368  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:06:03.0155 3368  TBS - ok
19:06:03.0248 3368  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:06:03.0280 3368  Tcpip - ok
19:06:03.0295 3368  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:06:03.0311 3368  TCPIP6 - ok
19:06:03.0326 3368  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:06:03.0326 3368  tcpipreg - ok
19:06:03.0342 3368  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:06:03.0342 3368  TDPIPE - ok
19:06:03.0358 3368  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:06:03.0358 3368  TDTCP - ok
19:06:03.0373 3368  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:06:03.0373 3368  tdx - ok
19:06:03.0389 3368  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:06:03.0389 3368  TermDD - ok
19:06:03.0420 3368  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:06:03.0420 3368  TermService - ok
19:06:03.0420 3368  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:06:03.0436 3368  Themes - ok
19:06:03.0436 3368  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:06:03.0436 3368  THREADORDER - ok
19:06:03.0451 3368  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:06:03.0451 3368  TrkWks - ok
19:06:03.0482 3368  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:06:03.0482 3368  TrustedInstaller - ok
19:06:03.0482 3368  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:06:03.0498 3368  tssecsrv - ok
19:06:03.0514 3368  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:06:03.0514 3368  TsUsbFlt - ok
19:06:03.0529 3368  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:06:03.0529 3368  tunnel - ok
19:06:03.0545 3368  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:06:03.0545 3368  uagp35 - ok
19:06:03.0560 3368  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:06:03.0560 3368  udfs - ok
19:06:03.0576 3368  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:06:03.0576 3368  UI0Detect - ok
19:06:03.0576 3368  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:06:03.0576 3368  uliagpkx - ok
19:06:03.0592 3368  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
19:06:03.0592 3368  umbus - ok
19:06:03.0607 3368  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:06:03.0607 3368  UmPass - ok
19:06:03.0623 3368  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:06:03.0638 3368  upnphost - ok
19:06:03.0654 3368  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:06:03.0654 3368  usbaudio - ok
19:06:03.0670 3368  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:06:03.0670 3368  usbccgp - ok
19:06:03.0685 3368  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:06:03.0685 3368  usbcir - ok
19:06:03.0701 3368  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:06:03.0701 3368  usbehci - ok
19:06:03.0716 3368  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:06:03.0716 3368  usbhub - ok
19:06:03.0732 3368  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
19:06:03.0732 3368  usbohci - ok
19:06:03.0748 3368  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:06:03.0748 3368  usbprint - ok
19:06:03.0763 3368  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
19:06:03.0763 3368  USBSTOR - ok
19:06:03.0763 3368  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
19:06:03.0779 3368  usbuhci - ok
19:06:03.0779 3368  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
19:06:03.0779 3368  UxSms - ok
19:06:03.0794 3368  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:06:03.0794 3368  VaultSvc - ok
19:06:03.0794 3368  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:06:03.0794 3368  vdrvroot - ok
19:06:03.0826 3368  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
19:06:03.0826 3368  vds - ok
19:06:03.0826 3368  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:06:03.0826 3368  vga - ok
19:06:03.0826 3368  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:06:03.0826 3368  VgaSave - ok
19:06:03.0841 3368  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:06:03.0841 3368  vhdmp - ok
19:06:03.0841 3368  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:06:03.0857 3368  viaide - ok
19:06:03.0857 3368  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:06:03.0857 3368  volmgr - ok
19:06:03.0872 3368  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:06:03.0872 3368  volmgrx - ok
19:06:03.0888 3368  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:06:03.0888 3368  volsnap - ok
19:06:03.0904 3368  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:06:03.0904 3368  vsmraid - ok
19:06:03.0935 3368  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
19:06:03.0950 3368  VSS - ok
19:06:03.0950 3368  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:06:03.0950 3368  vwifibus - ok
19:06:03.0966 3368  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
19:06:03.0966 3368  W32Time - ok
19:06:03.0982 3368  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:06:03.0982 3368  WacomPen - ok
19:06:03.0997 3368  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:06:03.0997 3368  WANARP - ok
19:06:03.0997 3368  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:06:03.0997 3368  Wanarpv6 - ok
19:06:04.0028 3368  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:06:04.0044 3368  WatAdminSvc - ok
19:06:04.0075 3368  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:06:04.0091 3368  wbengine - ok
19:06:04.0106 3368  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:06:04.0106 3368  WbioSrvc - ok
19:06:04.0122 3368  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:06:04.0122 3368  wcncsvc - ok
19:06:04.0138 3368  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:06:04.0138 3368  WcsPlugInService - ok
19:06:04.0138 3368  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:06:04.0138 3368  Wd - ok
19:06:04.0169 3368  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
19:06:04.0169 3368  WDC_SAM - ok
19:06:04.0184 3368  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:06:04.0184 3368  Wdf01000 - ok
19:06:04.0200 3368  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:06:04.0200 3368  WdiServiceHost - ok
19:06:04.0200 3368  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:06:04.0200 3368  WdiSystemHost - ok
19:06:04.0216 3368  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
19:06:04.0216 3368  WebClient - ok
19:06:04.0216 3368  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:06:04.0216 3368  Wecsvc - ok
19:06:04.0231 3368  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:06:04.0231 3368  wercplsupport - ok
19:06:04.0247 3368  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:06:04.0247 3368  WerSvc - ok
19:06:04.0247 3368  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:06:04.0247 3368  WfpLwf - ok
19:06:04.0247 3368  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:06:04.0247 3368  WIMMount - ok
19:06:04.0262 3368  WinDefend - ok
19:06:04.0262 3368  WinHttpAutoProxySvc - ok
19:06:04.0294 3368  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:06:04.0294 3368  Winmgmt - ok
19:06:04.0325 3368  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:06:04.0340 3368  WinRM - ok
19:06:04.0372 3368  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:06:04.0372 3368  Wlansvc - ok
19:06:04.0387 3368  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:06:04.0387 3368  WmiAcpi - ok
19:06:04.0418 3368  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:06:04.0418 3368  wmiApSrv - ok
19:06:04.0418 3368  WMPNetworkSvc - ok
19:06:04.0434 3368  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:06:04.0434 3368  WPCSvc - ok
19:06:04.0450 3368  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:06:04.0450 3368  WPDBusEnum - ok
19:06:04.0465 3368  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:06:04.0465 3368  ws2ifsl - ok
19:06:04.0465 3368  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
19:06:04.0481 3368  wscsvc - ok
19:06:04.0481 3368  WSearch - ok
19:06:04.0512 3368  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:06:04.0543 3368  wuauserv - ok
19:06:04.0559 3368  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:06:04.0559 3368  WudfPf - ok
19:06:04.0574 3368  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:06:04.0574 3368  wudfsvc - ok
19:06:04.0590 3368  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:06:04.0590 3368  WwanSvc - ok
19:06:04.0590 3368  ================ Scan global ===============================
19:06:04.0606 3368  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:06:04.0621 3368  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:06:04.0621 3368  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:06:04.0652 3368  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:06:04.0668 3368  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:06:04.0668 3368  [Global] - ok
19:06:04.0668 3368  ================ Scan MBR ==================================
19:06:04.0668 3368  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:06:04.0668 3368  \Device\Harddisk1\DR1 - ok
19:06:04.0684 3368  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:06:04.0793 3368  \Device\Harddisk0\DR0 - ok
19:06:04.0793 3368  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
19:06:04.0793 3368  \Device\Harddisk2\DR2 - ok
19:06:04.0793 3368  ================ Scan VBR ==================================
19:06:04.0793 3368  [ A2F1A9F61AB6E31A7F9FD4EEFDB148D7 ] \Device\Harddisk1\DR1\Partition1
19:06:04.0793 3368  \Device\Harddisk1\DR1\Partition1 - ok
19:06:04.0793 3368  [ 0066942825AEAB2E56968145383BBEB7 ] \Device\Harddisk0\DR0\Partition1
19:06:04.0793 3368  \Device\Harddisk0\DR0\Partition1 - ok
19:06:04.0808 3368  [ CF7B747ABB0883FFAB30016BB464779F ] \Device\Harddisk0\DR0\Partition2
19:06:04.0808 3368  \Device\Harddisk0\DR0\Partition2 - ok
19:06:04.0808 3368  [ 53549B649DE72BDA63F14063984E4B7D ] \Device\Harddisk2\DR2\Partition1
19:06:04.0808 3368  \Device\Harddisk2\DR2\Partition1 - ok
19:06:04.0808 3368  ============================================================
19:06:04.0808 3368  Scan finished
19:06:04.0808 3368  ============================================================
19:06:04.0808 4100  Detected object count: 0
19:06:04.0808 4100  Actual detected object count: 0
19:06:35.0431 3324  Deinitialize success

Et enfin le rapport OTL : http://cjoint.com/12dc/BLftADrl1Te.htm

D'avance merci

Edit : Apparemment le trojan a disparu, j'ai checké la mémoire avec nod, plus rien ! Un grand merci Bernard53, vraiment efficace ces petits logiciels !! Le sujet peut être mis en réglé, sauf si vous voyez une erreur dans les rapport bien sur encore merci

[bernard53]

ok je pense que tu as bien valider la suppression avec RoqueKiller.
Juste ceci pour un petit reste.
* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
[2012/12/04 21:00:18 | 000,000,000 | ---D | C] -- C:\Users\Oplink\AppData\Roaming\dclogs

:Commands
[emptytemp]
[createrestorepoint]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport s'ouvrir "OTL.log"
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.
http://cjoint.com/
ou.
http://www.1fichier.com/

[Odin]

Voici le rapport :

Code: Tout sélectionner

All processes killed
========== OTL ==========
C:\Users\Oplink\AppData\Roaming\dclogs folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Oplink
->Temp folder emptied: 4158906 bytes
->Temporary Internet Files folder emptied: 147858 bytes
->FireFox cache emptied: 10530546 bytes
->Flash cache emptied: 506 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 14,00 mb
 
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 12062012_072600

Files\Folders moved on Reboot...
C:\Users\Oplink\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[bernard53]

impec tout va toujours bien.

[Odin]

Okay merci et peut-être à bientôt !