
DCOM PLUG AND PLAY ERROR SYSTEM REBOOT



#1 aic007


Posted 18 March 2014 - 02:50 PM

Hello,

First, thanks for the great site, it has helped me in the past with issues.

 

Never posted before and am looking for assistance with an issue I am running into on a PC at work.

 

User reported that her machine rebooted and was getting the errors "The Plug and Play service terminated unexpectedly." and "The DCOM Server Process Launcher service terminated unexpectedly."

 

I see these errors in the system logs as well.

 

I ran a scan with Malwarebytes and it found the following:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.14.05

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Administrator :: BRTOY_PTSBCKOFF [administrator]

Protection: Enabled

3/14/2014 1:42:22 PM
mbam-log-2014-03-14 (13-42-22).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 659993
Time elapsed: 55 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoToolbarCustomize (PUM.Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
C:\Program Files\BHPS\Intg1\bin\bXDyfz.ZNM (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Program Files\BHPS\lic\bin\nUsbGHZl.mVh (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\readiek\AppData\Local\Temp\simrnxd\simrnxd.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\pankajd\Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Users\pankajd\Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Users\pankajd\Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Users\pankajd\Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully.

(end)

 

I rebooted, no errors and thought everything was good. Got a call the next day that the machine was still rebooting, and checking the error logs I see that the PNP and DCOM are still throwing up errors, and now the machine states that it will reboot in one minute after logging in. I disabled the network adapter and the machine has not rebooted.

 

If I enable the adapter in the task manager, Malwarebytes alerts me that it successfully blocked access to a potentially malicious website 65.45.56.109

Type: outgoing

Port: 59461, Process: svchost.exe.

 

I ran TDSSKiller from Kaspersky and received the following log:

15:38:50.0168 1576  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:38:50.0199 1576  ============================================================
15:38:50.0199 1576  Current date / time: 2014/03/18 15:38:50.0199
15:38:50.0199 1576  SystemInfo:
15:38:50.0199 1576 
15:38:50.0199 1576  OS Version: 6.1.7600 ServicePack: 0.0
15:38:50.0199 1576  Product type: Workstation
15:38:50.0199 1576  ComputerName: BRTOY_PTSBCKOFF
15:38:50.0199 1576  UserName: Administrator
15:38:50.0199 1576  Windows directory: C:\Windows
15:38:50.0199 1576  System windows directory: C:\Windows
15:38:50.0199 1576  Processor architecture: Intel x86
15:38:50.0199 1576  Number of processors: 2
15:38:50.0199 1576  Page size: 0x1000
15:38:50.0199 1576  Boot type: Normal boot
15:38:50.0199 1576  ============================================================
15:38:51.0104 1576  BG loaded
15:38:51.0338 1576  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x28B92, SectorsPerTrack: 0x30, TracksPerCylinder: 0x3D, Type 'K0', Flags 0x00000050
15:38:51.0354 1576  ============================================================
15:38:51.0354 1576  \Device\Harddisk0\DR0:
15:38:51.0354 1576  MBR partitions:
15:38:51.0354 1576  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2F800
15:38:51.0354 1576  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x30000, BlocksNum 0x1D195800
15:38:51.0354 1576  ============================================================
15:38:51.0369 1576  C: <-> \Device\Harddisk0\DR0\Partition2
15:38:51.0369 1576  ============================================================
15:38:51.0369 1576  Initialize success
15:38:51.0369 1576  ============================================================
15:38:55.0503 1972  ============================================================
15:38:55.0503 1972  Scan started
15:38:55.0503 1972  Mode: Manual; SigCheck; TDLFS;
15:38:55.0503 1972  ============================================================
15:38:56.0034 1972  ================ Scan system memory ========================
15:38:56.0034 1972  System memory - ok
15:38:56.0034 1972  ================ Scan services =============================
15:38:59.0076 1972  [ 1D45893ADA35D27323233DB5BEEE2EF8 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:38:59.0091 1972  DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
15:38:59.0091 1972  DcomLaunch - detected UnsignedFile.Multi.Generic (1)
15:39:04.0037 1972  MSPQM - ok
15:39:04.0052 1972  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:39:04.0068 1972  MsRPC - ok
15:39:04.0083 1972  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:39:04.0083 1972  mssmbios - ok
15:39:04.0099 1972  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:39:04.0115 1972  MSTEE - ok
15:39:04.0130 1972  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:39:04.0146 1972  MTConfig - ok
15:39:04.0177 1972  [ 0F24624106D8042E7F27882D9D6FF5C0 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
15:39:04.0177 1972  MTsensor - ok
15:39:04.0193 1972  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:39:04.0208 1972  Mup - ok
15:39:04.0224 1972  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll
15:39:04.0255 1972  napagent - ok
15:39:04.0271 1972  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:39:04.0286 1972  NativeWifiP - ok
15:39:04.0317 1972  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:39:04.0333 1972  NDIS - ok
15:39:04.0349 1972  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:39:04.0380 1972  NdisCap - ok
15:39:04.0395 1972  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:39:04.0427 1972  NdisTapi - ok
15:39:04.0427 1972  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:39:04.0458 1972  Ndisuio - ok
15:39:04.0458 1972  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:39:04.0489 1972  NdisWan - ok
15:39:04.0489 1972  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:39:04.0520 1972  NDProxy - ok
15:39:04.0520 1972  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:39:04.0551 1972  NetBIOS - ok
15:39:04.0567 1972  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:39:04.0583 1972  NetBT - ok
15:39:04.0598 1972  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\Windows\system32\lsass.exe
15:39:04.0614 1972  Netlogon - ok
15:39:04.0661 1972  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
15:39:04.0692 1972  Netman - ok
15:39:04.0707 1972  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
15:39:04.0739 1972  netprofm - ok
15:39:04.0754 1972  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:39:04.0770 1972  NetTcpPortSharing - ok
15:39:04.0785 1972  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:39:04.0801 1972  nfrd960 - ok
15:39:04.0832 1972  [ 32FF06EC6D946EF791D98D6C838A3090 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:39:04.0848 1972  NisDrv - ok
15:39:04.0879 1972  [ 42D33042371BFB1A7D40834590CAFD30 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:39:04.0895 1972  NisSrv - ok
15:39:04.0910 1972  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:39:04.0941 1972  NlaSvc - ok
15:39:04.0957 1972  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:39:04.0973 1972  Npfs - ok
15:39:04.0988 1972  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
15:39:05.0019 1972  nsi - ok
15:39:05.0019 1972  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:39:05.0051 1972  nsiproxy - ok
15:39:05.0082 1972  [ B6C48D01147EC020DE7F1856734127F8 ] nSvcIp          C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
15:39:05.0082 1972  nSvcIp - ok
15:39:05.0144 1972  [ A8F59428E9F361C7AC42A94AC1560BC9 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:39:05.0160 1972  Ntfs - ok
15:39:05.0191 1972  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
15:39:05.0207 1972  Null - ok
15:39:05.0238 1972  [ B5E37E31C053BC9950455A257526514B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
15:39:05.0238 1972  NVENETFD - ok
15:39:05.0425 1972  [ 9A77B1C13BCCEDDF78DFD7AFC25B4F5E ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:39:05.0675 1972  nvlddmkm - ok
15:39:05.0706 1972  [ 5BF9C11586F4764446407F509F1BECA8 ] NVNET           C:\Windows\system32\DRIVERS\nvmf6232.sys
15:39:05.0721 1972  NVNET - ok
15:39:05.0737 1972  [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:39:05.0753 1972  nvraid - ok
15:39:05.0784 1972  [ 4520B63899E867F354EE012D34E11536 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:39:05.0784 1972  nvstor - ok
15:39:05.0799 1972  [ 3FF57A9A657C9690ECBC8B1E3B6E3979 ] nvstor32        C:\Windows\system32\DRIVERS\nvstor32.sys
15:39:05.0815 1972  nvstor32 - ok
15:39:05.0862 1972  [ 31B8835B003CAA6D31BEAD83DDBF98E5 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:39:05.0877 1972  nvsvc - ok
15:39:05.0909 1972  [ F935E817409F78FA50C5921DB39124B3 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:39:05.0940 1972  nvUpdatusService - ok
15:39:05.0955 1972  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
15:39:05.0955 1972  nv_agp - ok
15:39:05.0987 1972  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:39:05.0987 1972  ohci1394 - ok
15:39:06.0018 1972  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:39:06.0033 1972  ose - ok
15:39:06.0065 1972  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:39:06.0080 1972  p2pimsvc - ok
15:39:06.0096 1972  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:39:06.0111 1972  p2psvc - ok
15:39:06.0143 1972  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:39:06.0158 1972  Parport - ok
15:39:06.0189 1972  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:39:06.0205 1972  partmgr - ok
15:39:06.0221 1972  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
15:39:06.0221 1972  Parvdm - ok
15:39:06.0252 1972  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:39:06.0267 1972  PcaSvc - ok
15:39:06.0267 1972  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys
15:39:06.0283 1972  pci - ok
15:39:06.0299 1972  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
15:39:06.0314 1972  pciide - ok
15:39:06.0330 1972  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:39:06.0330 1972  pcmcia - ok
15:39:06.0345 1972  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
15:39:06.0361 1972  pcw - ok
15:39:06.0392 1972  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:39:06.0439 1972  PEAUTH - ok
15:39:06.0455 1972  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:39:06.0486 1972  PeerDistSvc - ok
15:39:06.0533 1972  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll
15:39:06.0564 1972  pla - ok
15:39:06.0611 1972  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:39:06.0642 1972  PlugPlay - ok
15:39:06.0657 1972  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:39:06.0657 1972  PNRPAutoReg - ok
15:39:06.0673 1972  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:39:06.0689 1972  PNRPsvc - ok
15:39:06.0704 1972  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:39:06.0735 1972  PolicyAgent - ok
15:39:06.0751 1972  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll
15:39:06.0782 1972  Power - ok
15:39:06.0813 1972  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:39:06.0829 1972  PptpMiniport - ok
15:39:06.0845 1972  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:39:06.0860 1972  Processor - ok
15:39:06.0876 1972  [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc         C:\Windows\system32\profsvc.dll
15:39:06.0891 1972  ProfSvc - ok
15:39:06.0907 1972  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:39:06.0907 1972  ProtectedStorage - ok
15:39:06.0938 1972  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:39:06.0954 1972  Psched - ok
15:39:07.0001 1972  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:39:07.0047 1972  ql2300 - ok
15:39:07.0063 1972  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:39:07.0079 1972  ql40xx - ok
15:39:07.0094 1972  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
15:39:07.0110 1972  QWAVE - ok
15:39:07.0125 1972  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:39:07.0141 1972  QWAVEdrv - ok
15:39:07.0141 1972  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:39:07.0172 1972  RasAcd - ok
15:39:07.0203 1972  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:39:07.0219 1972  RasAgileVpn - ok
15:39:07.0235 1972  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
15:39:07.0250 1972  RasAuto - ok
15:39:07.0266 1972  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:39:07.0297 1972  Rasl2tp - ok
15:39:07.0313 1972  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll
15:39:07.0328 1972  RasMan - ok
15:39:07.0344 1972  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:39:07.0375 1972  RasPppoe - ok
15:39:07.0391 1972  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:39:07.0406 1972  RasSstp - ok
15:39:07.0422 1972  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:39:07.0453 1972  rdbss - ok
15:39:07.0453 1972  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:39:07.0469 1972  rdpbus - ok
15:39:07.0484 1972  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:39:07.0500 1972  RDPCDD - ok
15:39:07.0515 1972  [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:39:07.0531 1972  RDPDR - ok
15:39:07.0547 1972  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:39:07.0562 1972  RDPENCDD - ok
15:39:07.0578 1972  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:39:07.0593 1972  RDPREFMP - ok
15:39:07.0625 1972  [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:39:07.0640 1972  RDPWD - ok
15:39:07.0671 1972  [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:39:07.0671 1972  rdyboost - ok
15:39:07.0703 1972  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:39:07.0718 1972  RemoteAccess - ok
15:39:07.0734 1972  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:39:07.0749 1972  RemoteRegistry - ok
15:39:07.0765 1972  rhynbofb - ok
15:39:07.0781 1972  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:39:07.0796 1972  RpcEptMapper - ok
15:39:07.0827 1972  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
15:39:07.0843 1972  RpcLocator - ok
15:39:07.0843 1972  [ 1D45893ADA35D27323233DB5BEEE2EF8 ] RpcSs           C:\Windows\system32\rpcss.dll
15:39:07.0859 1972  RpcSs ( UnsignedFile.Multi.Generic ) - warning
15:39:07.0859 1972  RpcSs - detected UnsignedFile.Multi.Generic (1)
15:39:07.0890 1972  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:39:07.0905 1972  rspndr - ok
15:39:07.0921 1972  [ 5423D8437051E89DD34749F242C98648 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
15:39:07.0937 1972  s3cap - ok
15:39:07.0952 1972  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs           C:\Windows\system32\lsass.exe
15:39:07.0952 1972  SamSs - ok
15:39:07.0968 1972  [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
15:39:07.0983 1972  sbp2port - ok
15:39:08.0015 1972  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:39:08.0030 1972  SCardSvr - ok
15:39:08.0046 1972  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:39:08.0061 1972  scfilter - ok
15:39:08.0108 1972  [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule        C:\Windows\system32\schedsvc.dll
15:39:08.0124 1972  Schedule - ok
15:39:08.0124 1972  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:39:08.0155 1972  SCPolicySvc - ok
15:39:08.0171 1972  [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:39:08.0171 1972  SDRSVC - ok
15:39:08.0202 1972  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:39:08.0217 1972  secdrv - ok
15:39:08.0233 1972  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
15:39:08.0249 1972  seclogon - ok
15:39:08.0264 1972  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
15:39:08.0280 1972  SENS - ok
15:39:08.0295 1972  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:39:08.0311 1972  SensrSvc - ok
15:39:08.0327 1972  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:39:08.0327 1972  Serenum - ok
15:39:08.0342 1972  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:39:08.0358 1972  Serial - ok
15:39:08.0358 1972  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:39:08.0373 1972  sermouse - ok
15:39:08.0405 1972  [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv      C:\Windows\system32\sessenv.dll
15:39:08.0420 1972  SessionEnv - ok
15:39:08.0436 1972  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
15:39:08.0436 1972  sffdisk - ok
15:39:08.0451 1972  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:39:08.0467 1972  sffp_mmc - ok
15:39:08.0467 1972  [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
15:39:08.0483 1972  sffp_sd - ok
15:39:08.0498 1972  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:39:08.0514 1972  sfloppy - ok
15:39:08.0529 1972  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:39:08.0561 1972  SharedAccess - ok
15:39:08.0592 1972  [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:39:08.0607 1972  ShellHWDetection - ok
15:39:08.0607 1972  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys
15:39:08.0623 1972  sisagp - ok
15:39:08.0654 1972  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:39:08.0654 1972  SiSRaid2 - ok
15:39:08.0670 1972  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:39:08.0685 1972  SiSRaid4 - ok
15:39:08.0701 1972  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:39:08.0732 1972  Smb - ok
15:39:08.0763 1972  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:39:08.0779 1972  SNMPTRAP - ok
15:39:08.0779 1972  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:39:08.0795 1972  spldr - ok
15:39:08.0826 1972  [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler         C:\Windows\System32\spoolsv.exe
15:39:08.0841 1972  Spooler - ok
15:39:08.0904 1972  [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:39:08.0951 1972  sppsvc - ok
15:39:08.0966 1972  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:39:08.0997 1972  sppuinotify - ok
15:39:09.0029 1972  [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:39:09.0044 1972  srv - ok
15:39:09.0060 1972  [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:39:09.0075 1972  srv2 - ok
15:39:09.0075 1972  [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:39:09.0091 1972  srvnet - ok
15:39:09.0107 1972  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:39:09.0153 1972  SSDPSRV - ok
15:39:09.0169 1972  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:39:09.0185 1972  SstpSvc - ok
15:39:09.0200 1972  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:39:09.0216 1972  stexstor - ok
15:39:09.0231 1972  [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc          C:\Windows\System32\wiaservc.dll
15:39:09.0263 1972  StiSvc - ok
15:39:09.0278 1972  [ 957E346CA948668F2496A6CCF6FF82CC ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
15:39:09.0294 1972  storflt - ok
15:39:09.0309 1972  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
15:39:09.0309 1972  StorSvc - ok
15:39:09.0341 1972  [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
15:39:09.0341 1972  storvsc - ok
15:39:09.0372 1972  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:39:09.0372 1972  swenum - ok
15:39:09.0403 1972  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
15:39:09.0419 1972  swprv - ok
15:39:09.0450 1972  [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain         C:\Windows\system32\sysmain.dll
15:39:09.0481 1972  SysMain - ok
15:39:09.0497 1972  [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:39:09.0512 1972  TabletInputService - ok
15:39:09.0528 1972  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:39:09.0559 1972  TapiSrv - ok
15:39:09.0575 1972  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
15:39:09.0590 1972  TBS - ok
15:39:09.0684 1972  [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:39:09.0715 1972  Tcpip - ok
15:39:09.0855 1972  [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:39:09.0871 1972  TCPIP6 - ok
15:39:09.0902 1972  [ E64444523ADD154F86567C469BC0B17F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:39:09.0933 1972  tcpipreg - ok
15:39:09.0949 1972  [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:39:09.0965 1972  TDPIPE - ok
15:39:09.0980 1972  [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:39:09.0996 1972  TDTCP - ok
15:39:10.0011 1972  [ CB39E896A2A83702D1737BFD402B3542 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:39:10.0027 1972  tdx - ok
15:39:10.0043 1972  [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:39:10.0058 1972  TermDD - ok
15:39:10.0089 1972  [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService     C:\Windows\System32\termsrv.dll
15:39:10.0121 1972  TermService - ok
15:39:10.0136 1972  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
15:39:10.0152 1972  Themes - ok
15:39:10.0167 1972  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:39:10.0183 1972  THREADORDER - ok
15:39:10.0214 1972  [ 090C1BB04B074E1D0D8BF510E799EEBA ] TIRmtSvc        C:\WINDOWS\TIREMOTE\TIRemoteService.exe
15:39:10.0230 1972  TIRmtSvc ( UnsignedFile.Multi.Generic ) - warning
15:39:10.0230 1972  TIRmtSvc - detected UnsignedFile.Multi.Generic (1)
15:39:10.0230 1972  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
15:39:10.0261 1972  TrkWks - ok
15:39:10.0292 1972  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:39:10.0308 1972  TrustedInstaller - ok
15:39:10.0323 1972  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:39:10.0339 1972  tssecsrv - ok
15:39:10.0370 1972  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:39:10.0401 1972  tunnel - ok
15:39:10.0417 1972  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:39:10.0417 1972  uagp35 - ok
15:39:10.0433 1972  [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:39:10.0464 1972  udfs - ok
15:39:10.0495 1972  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:39:10.0511 1972  UI0Detect - ok
15:39:10.0526 1972  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
15:39:10.0542 1972  uliagpkx - ok
15:39:10.0557 1972  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:39:10.0573 1972  umbus - ok
15:39:10.0589 1972  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:39:10.0604 1972  UmPass - ok
15:39:10.0620 1972  [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:39:10.0635 1972  UmRdpService - ok
15:39:10.0651 1972  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
15:39:10.0682 1972  upnphost - ok
15:39:10.0698 1972  [ C31AE588E403042632DC796CF09E30B0 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:39:10.0713 1972  usbccgp - ok
15:39:10.0729 1972  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
15:39:10.0745 1972  usbcir - ok
15:39:10.0776 1972  [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:39:10.0776 1972  usbehci - ok
15:39:10.0807 1972  [ BDCD7156EC37448F08633FD899823620 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:39:10.0823 1972  usbhub - ok
15:39:10.0823 1972  [ EB2D819A639015253C871CDA09D91D58 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:39:10.0838 1972  usbohci - ok
15:39:10.0854 1972  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:39:10.0869 1972  usbprint - ok
15:39:10.0916 1972  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:39:10.0916 1972  usbscan - ok
15:39:10.0932 1972  [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:39:10.0947 1972  USBSTOR - ok
15:39:10.0963 1972  [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:39:10.0979 1972  usbuhci - ok
15:39:10.0994 1972  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
15:39:11.0025 1972  UxSms - ok
15:39:11.0025 1972  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc        C:\Windows\system32\lsass.exe
15:39:11.0041 1972  VaultSvc - ok
15:39:11.0057 1972  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
15:39:11.0057 1972  vdrvroot - ok
15:39:11.0088 1972  [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds             C:\Windows\System32\vds.exe
15:39:11.0103 1972  vds - ok
15:39:11.0119 1972  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:39:11.0135 1972  vga - ok
15:39:11.0150 1972  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:39:11.0166 1972  VgaSave - ok
15:39:11.0181 1972  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
15:39:11.0197 1972  vhdmp - ok
15:39:11.0213 1972  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys
15:39:11.0228 1972  viaagp - ok
15:39:11.0244 1972  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
15:39:11.0259 1972  ViaC7 - ok
15:39:11.0275 1972  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
15:39:11.0275 1972  viaide - ok
15:39:11.0306 1972  [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
15:39:11.0322 1972  vmbus - ok
15:39:11.0337 1972  [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
15:39:11.0337 1972  VMBusHID - ok
15:39:11.0353 1972  [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
15:39:11.0369 1972  volmgr - ok
15:39:11.0384 1972  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:39:11.0400 1972  volmgrx - ok
15:39:11.0431 1972  [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:39:11.0431 1972  volsnap - ok
15:39:11.0462 1972  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:39:11.0478 1972  vsmraid - ok
15:39:11.0509 1972  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS             C:\Windows\system32\vssvc.exe
15:39:11.0525 1972  VSS - ok
15:39:11.0540 1972  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:39:11.0556 1972  vwifibus - ok
15:39:11.0571 1972  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
15:39:11.0603 1972  W32Time - ok
15:39:11.0618 1972  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:39:11.0634 1972  WacomPen - ok
15:39:11.0649 1972  [ 692A712062146E96D28BA0B7D75DE31B ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:39:11.0681 1972  WANARP - ok
15:39:11.0681 1972  [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:39:11.0712 1972  Wanarpv6 - ok
15:39:11.0759 1972  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:39:11.0774 1972  WatAdminSvc - ok
15:39:11.0805 1972  [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine        C:\Windows\system32\wbengine.exe
15:39:11.0821 1972  wbengine - ok
15:39:13.0287 1972  ================ Scan global ===============================
15:39:13.0303 1972  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
15:39:13.0319 1972  [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
15:39:13.0334 1972  [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
15:39:13.0365 1972  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:39:13.0397 1972  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:39:13.0397 1972  [Global] - ok
15:39:13.0397 1972  ================ Scan MBR ==================================
15:39:13.0412 1972  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:39:13.0724 1972  \Device\Harddisk0\DR0 - ok
15:39:13.0724 1972  ================ Scan VBR ==================================
15:39:13.0755 1972  [ 593B442BAFBD5F5EEB9B591B257DA474 ] \Device\Harddisk0\DR0\Partition1
15:39:13.0755 1972  \Device\Harddisk0\DR0\Partition1 - ok
15:39:13.0771 1972  [ 997254451C7C3716E81070C6F8F4F45E ] \Device\Harddisk0\DR0\Partition2
15:39:13.0771 1972  \Device\Harddisk0\DR0\Partition2 - ok
15:39:13.0771 1972  ============================================================
15:39:13.0771 1972  Scan finished
15:39:13.0771 1972  ============================================================
15:39:13.0787 1696  Detected object count: 3
15:39:13.0787 1696  Actual detected object count: 3
15:47:35.0127 1696  DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
15:47:35.0127 1696  DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:47:35.0127 1696  RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
15:47:35.0127 1696  RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:47:35.0142 1696  TIRmtSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:47:35.0142 1696  TIRmtSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
 

 

Can someone please assist with removal of whatever is screwing up my machine? I think another machine is infected with the same thing, as another user is reporting that his machine is now rebooting all of the time.

 

Thanks in advance,

 

 




 


#2 xXToffeeXx

  • Malware Response Instructor

Posted 18 March 2014 - 03:13 PM

Hi,

 

You got hit with the latest version of Zekos. One of your system files (rpcss.dll) has been patched.

You'll need more advanced tools to replace that file.
 
Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~
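
The detections at the end of the log can be tied back to the diagnosis above by joining each final verdict to the file that was scanned for that service. This is an added example, not part of the thread or of the scanner; the log lines are constructed in the two formats seen in the log, with placeholder hashes, a hypothetical TIRmtSvc path, and the assumption that DcomLaunch and RpcSs both load rpcss.dll.

```python
import re
from collections import defaultdict

# Constructed sample in the two line formats of the log above. Hashes are
# placeholders, the TIRmtSvc path is hypothetical, and mapping both
# DcomLaunch and RpcSs to rpcss.dll is an assumption (Windows 7 layout).
SAMPLE_LOG = r"""
15:38:50.0100 1972  [ 00000000000000000000000000000001 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:38:55.0200 1972  [ 00000000000000000000000000000001 ] RpcSs           C:\Windows\system32\rpcss.dll
15:39:05.0300 1972  [ 00000000000000000000000000000002 ] TIRmtSvc        C:\Program Files\ExampleVendor\agent.exe
15:47:35.0127 1696  DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
15:47:35.0127 1696  DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:47:35.0127 1696  RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
15:47:35.0127 1696  RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:47:35.0142 1696  TIRmtSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:47:35.0142 1696  TIRmtSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

PREFIX = r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+"
OBJECT_RE = re.compile(PREFIX + r"\[ ([0-9A-F]{32}) \]\s+(\S+)\s+(\S.*)$")
ACTION_RE = re.compile(PREFIX + r"(\S+) \( (\S+) \) - User select action: (\w+)$")
OS_DIR = "c:\\windows\\system32\\"

def triage(log_text):
    """Join each final verdict with the file path scanned for that object."""
    objects, findings = {}, []
    for line in log_text.splitlines():
        if m := OBJECT_RE.match(line):
            md5, name, path = m.groups()
            objects[name] = (path, md5)
        elif m := ACTION_RE.match(line):
            name, verdict, action = m.groups()
            path, md5 = objects.get(name, (None, None))
            os_file = bool(path) and path.lower().startswith(OS_DIR)
            # Windows' own service DLLs are signed; an unsigned one stands out.
            high = os_file and verdict.startswith("UnsignedFile")
            findings.append({"object": name, "verdict": verdict, "path": path, "md5": md5,
                             "priority": "high" if high else "review", "remediated": action != "Skip"})
    return findings

def files_to_restore(findings):
    """Collapse open high-priority findings to distinct files, since one patched DLL can surface as several services."""
    by_path = defaultdict(list)
    for f in findings:
        if f["priority"] == "high" and not f["remediated"]:
            by_path[f["path"]].append(f["object"])
    return dict(by_path)

print(files_to_restore(triage(SAMPLE_LOG)))
```

On the constructed input, the two system-service detections collapse to a single file to replace, while the third-party service is left for manual review.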


#3 aic007

  • Topic Starter

Posted 18 March 2014 - 03:25 PM

Did step 6 and created a new post where requested.

 

http://www.bleepingcomputer.com/forums/t/527954/logs-from-dds-regarding-dcom-pnp-error-issue/



#4 hamluis

  • Moderator

Posted 19 March 2014 - 07:57 AM

MRL topic, http://www.bleepingcomputer.com/forums/t/527954/logs-from-dds-regarding-dcom-pnp-error-issue/ .

 

Now that you are being assisted with your malware log topic in the proper forum, this topic is closed to prevent confusion.

 

Thanks and good luck :).

 

Louis





