Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Browser rnning slow and redirecting

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Browser rnning slow and redirecting

Unread postby torreattack » June 20th, 2012, 5:58 pm

Do you have access to Windows installation disc? no, sorry again,

You don't need to say sorry. ;)

Can you first try to attach the MBR file that you backup by Upload attachment which only show when you click on FULL EDITOR or post reply within this page.

Type you message like usual, then click at the browse button at the Upload attachment section,
after you choose you file, don't forget to click the add the file button, wait until the file finish upload.
Submit you message like usual.

Thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am
Advertisement
Register to Remove

Re: Browser rnning slow and redirecting

Unread postby Chrisg2441 » June 20th, 2012, 7:14 pm

Here is the file, oh no it isnt, getting a pop up which says "no bin files"
Chrisg2441
Regular Member
 
Posts: 59
Joined: June 7th, 2012, 6:02 am

Re: Browser rnning slow and redirecting

Unread postby Chrisg2441 » June 20th, 2012, 7:30 pm

i have windows 7 on my external hard drive, any ideas on my last post?
Chrisg2441
Regular Member
 
Posts: 59
Joined: June 7th, 2012, 6:02 am

Re: Browser rnning slow and redirecting

Unread postby torreattack » June 21st, 2012, 5:08 am

Your may try to rename the MBR_YYYY-MM-DD.bin to MBR_YYYY-MM-DD.txt and attach again.

You may do this by right click on that file and choose rename. Ignore the warning about this will make the file unusable and click yes.

I will be back as soon as possible with extra instructions.

thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: Browser rnning slow and redirecting

Unread postby Chrisg2441 » June 21st, 2012, 4:15 pm

The file you requested as txt, thanks
You do not have the required permissions to view the files attached to this post.
Chrisg2441
Regular Member
 
Posts: 59
Joined: June 7th, 2012, 6:02 am

Re: Browser rnning slow and redirecting

Unread postby torreattack » June 22nd, 2012, 7:41 am

Hi Chrisg2441 :

Let's try the simple method again before we choose the "very complicated" method.

1. RogueKiller
  • Please make sure RogueKiller is located on your desktop.
  • Right click on RogueKiller.exe and select " Run as administrator " to run it.
  • If it does not run, please try a few times.
  • Wait for PreScan to finish and quit RogueKiller.


Please delete any "old" TDSSKiller, and re-download again.

2. TDSSKiller
Please download TDSSKiller.exe and save it to your Desktop.
  • Right click on TDSSKiller.exe and select "Run As Administrator" to run it. If prompted by UAC, please allow it.
  • When the TDSSKiller finish loading, click on Change parameters.
  • Tick the Detect TDLFS file system and click ok.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT
note:If TDSSKiller still fail to run, try to rename it to other name like agdwm.exe and see whether it can run.


If TDSSKiller still fail to run even after rename, we will try another tools (combofix) before we choose the Very complicated method.

Warning! You should only carry out step 3 only if step 2 fail to run.

Please delete any "old" combofix from your computer, and re-download again.
3. Download and Run ComboFix

  • Please download ComboFix from one of the following links.

    Link 1.

    Link 2.

    **IMPORTANT !!! Save ComboFix.exe to your Desktop**
  • Please disable any Antivirus or Firewall you have active, as shown in this topic. Please close all open application windows.
  • Double click on ComboFix.exe & follow the prompts
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console
Image
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Image

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply
A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper



4. Checklist
Please post:
  • TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt
  • Combofix log (only if step 2 fail to start)

Thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: Browser rnning slow and redirecting

Unread postby Chrisg2441 » June 22nd, 2012, 8:56 am

I have run rogue killer but not fixed anything.

RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: cgrabarz [Admin rights]
Mode: Scan -- Date: 06/22/2012 13:53:09

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 8 ¤¤¤
[SUSP PATH] {070A91E5-2E6B-4D05-BDBB-69508D41D1B3}.job @ : C:\Users\cgrabarz\Desktop\aswMBR.exe -> FOUND
[SUSP PATH] {18A9AAF6-29B2-4BD4-AB6D-AD4012E0E946}.job @ : C:\Users\cgrabarz\Desktop\aswMBR.exe -> FOUND
[SUSP PATH] {8E5292F2-8625-4F22-8BE2-86491582A12F}.job @ : C:\Users\cgrabarz\Desktop\aswMBR.exe -> FOUND
[SUSP PATH] {EC3B8D48-E373-4500-AF11-8B63B34C8081}.job @ : C:\Users\cgrabarz\Desktop\aswMBR.exe -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547550A9E384 ATA Device +++++
--- User ---
[MBR] 08069609ae2035ff172a3619e51d429c
[BSP] 25aa688f1fa44ddf8277e6c522f05859 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 399 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 819200 | Size: 237917 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488073216 | Size: 238613 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 4b13c0c863bf3477e566c040915977fa
[BSP] 25aa688f1fa44ddf8277e6c522f05859 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 399 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 819200 | Size: 237917 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488073216 | Size: 238613 Mo
3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 976773120 | Size: 0 Mo

+++++ PhysicalDrive1: Sharkoon Flexi Driver USB Device +++++
--- User ---
[MBR] 16c4f091953b31687c35aef9817e8804
[BSP] 9aff4b05cb1b39a083a574b736aa81ff : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 32 | Size: 124 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Chrisg2441
Regular Member
 
Posts: 59
Joined: June 7th, 2012, 6:02 am

Re: Browser rnning slow and redirecting

Unread postby Chrisg2441 » June 22nd, 2012, 9:04 am

13:57:30.0258 5432 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
13:57:30.0383 5432 ============================================================
13:57:30.0383 5432 Current date / time: 2012/06/22 13:57:30.0383
13:57:30.0383 5432 SystemInfo:
13:57:30.0383 5432
13:57:30.0383 5432 OS Version: 6.1.7601 ServicePack: 1.0
13:57:30.0383 5432 Product type: Workstation
13:57:30.0383 5432 ComputerName: CGRABARZ-TOSH
13:57:30.0383 5432 UserName: cgrabarz
13:57:30.0383 5432 Windows directory: C:\Windows
13:57:30.0383 5432 System windows directory: C:\Windows
13:57:30.0383 5432 Running under WOW64
13:57:30.0383 5432 Processor architecture: Intel x64
13:57:30.0383 5432 Number of processors: 2
13:57:30.0383 5432 Page size: 0x1000
13:57:30.0383 5432 Boot type: Normal boot
13:57:30.0383 5432 ============================================================
13:57:32.0630 5432 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:57:32.0645 5432 Drive \Device\Harddisk1\DR1 - Size: 0x7D00000 (0.12 Gb), SectorSize: 0x200, Cylinders: 0xF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:57:32.0645 5432 ============================================================
13:57:32.0645 5432 \Device\Harddisk0\DR0:
13:57:32.0661 5432 MBR partitions:
13:57:32.0661 5432 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC8000, BlocksNum 0x1D0AE800
13:57:32.0661 5432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D176800, BlocksNum 0x1D20A830
13:57:32.0661 5432 \Device\Harddisk1\DR1:
13:57:32.0661 5432 MBR partitions:
13:57:32.0661 5432 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3E7DF
13:57:32.0661 5432 ============================================================
13:57:32.0676 5432 C: <-> \Device\Harddisk0\DR0\Partition0
13:57:32.0723 5432 D: <-> \Device\Harddisk0\DR0\Partition1
13:57:32.0723 5432 ============================================================
13:57:32.0723 5432 Initialize success
13:57:32.0723 5432 ============================================================
13:58:33.0080 6868 ============================================================
13:58:33.0080 6868 Scan started
13:58:33.0080 6868 Mode: Manual; TDLFS;
13:58:33.0080 6868 ============================================================
13:58:35.0186 6868 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:58:35.0248 6868 1394ohci - ok
13:58:35.0310 6868 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:58:35.0310 6868 ACPI - ok
13:58:35.0342 6868 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:58:35.0388 6868 AcpiPmi - ok
13:58:35.0466 6868 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:58:35.0560 6868 AdobeARMservice - ok
13:58:35.0747 6868 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:58:35.0747 6868 AdobeFlashPlayerUpdateSvc - ok
13:58:35.0966 6868 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:58:36.0044 6868 adp94xx - ok
13:58:36.0137 6868 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:58:36.0200 6868 adpahci - ok
13:58:36.0246 6868 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:58:36.0293 6868 adpu320 - ok
13:58:36.0340 6868 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:58:36.0340 6868 AeLookupSvc - ok
13:58:36.0496 6868 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:58:36.0558 6868 AFD - ok
13:58:36.0683 6868 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:58:36.0730 6868 agp440 - ok
13:58:36.0855 6868 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:58:36.0933 6868 ALG - ok
13:58:36.0964 6868 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:58:36.0995 6868 aliide - ok
13:58:37.0058 6868 AMD External Events Utility (310f88a93c3b02e3d1f906fb57b9e01e) C:\Windows\system32\atiesrxx.exe
13:58:37.0120 6868 AMD External Events Utility - ok
13:58:37.0136 6868 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:58:37.0167 6868 amdide - ok
13:58:37.0214 6868 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:58:37.0245 6868 AmdK8 - ok
13:58:37.0947 6868 amdkmdag (62ddf55680f8c53e4b8dde4189ada0b8) C:\Windows\system32\DRIVERS\atikmdag.sys
13:58:38.0337 6868 amdkmdag - ok
13:58:38.0742 6868 amdkmdap (51f027dffedfb8d763fabffa06b56e6d) C:\Windows\system32\DRIVERS\atikmpag.sys
13:58:38.0789 6868 amdkmdap - ok
13:58:38.0820 6868 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:58:38.0820 6868 AmdPPM - ok
13:58:38.0867 6868 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:58:38.0883 6868 amdsata - ok
13:58:38.0930 6868 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:58:38.0961 6868 amdsbs - ok
13:58:38.0992 6868 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:58:39.0008 6868 amdxata - ok
13:58:39.0054 6868 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:58:39.0101 6868 AppID - ok
13:58:39.0148 6868 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:58:39.0148 6868 AppIDSvc - ok
13:58:39.0179 6868 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:58:39.0226 6868 Appinfo - ok
13:58:39.0304 6868 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:58:39.0335 6868 arc - ok
13:58:39.0366 6868 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:58:39.0398 6868 arcsas - ok
13:58:39.0429 6868 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:58:39.0460 6868 AsyncMac - ok
13:58:39.0491 6868 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:58:39.0491 6868 atapi - ok
13:58:39.0725 6868 athr (b2931c83cfb12a3223a47b180473ae1a) C:\Windows\system32\DRIVERS\athrx.sys
13:58:39.0803 6868 athr - ok
13:58:40.0053 6868 AtiHDAudioService (e02b26650acc2f4901342d4a66774ad7) C:\Windows\system32\drivers\AtihdW76.sys
13:58:40.0115 6868 AtiHDAudioService - ok
13:58:40.0209 6868 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:58:40.0302 6868 AudioEndpointBuilder - ok
13:58:40.0334 6868 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:58:40.0349 6868 AudioSrv - ok
13:58:40.0396 6868 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:58:40.0443 6868 AxInstSV - ok
13:58:40.0568 6868 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:58:40.0630 6868 b06bdrv - ok
13:58:40.0708 6868 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:58:40.0739 6868 b57nd60a - ok
13:58:40.0848 6868 BBSvc (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:58:40.0926 6868 BBSvc - ok
13:58:40.0973 6868 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:58:41.0004 6868 BDESVC - ok
13:58:41.0082 6868 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:58:41.0114 6868 Beep - ok
13:58:41.0223 6868 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:58:41.0270 6868 BFE - ok
13:58:41.0379 6868 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:58:41.0472 6868 BITS - ok
13:58:41.0691 6868 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
13:58:41.0738 6868 blbdrive - ok
13:58:41.0862 6868 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
13:58:42.0018 6868 Bonjour Service - ok
13:58:42.0050 6868 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:58:42.0050 6868 bowser - ok
13:58:42.0081 6868 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:58:42.0096 6868 BrFiltLo - ok
13:58:42.0128 6868 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:58:42.0159 6868 BrFiltUp - ok
13:58:42.0221 6868 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
13:58:42.0268 6868 BridgeMP - ok
13:58:42.0330 6868 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:58:42.0346 6868 Browser - ok
13:58:42.0393 6868 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:58:42.0424 6868 Brserid - ok
13:58:42.0471 6868 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:58:42.0486 6868 BrSerWdm - ok
13:58:42.0518 6868 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:58:42.0533 6868 BrUsbMdm - ok
13:58:42.0564 6868 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:58:42.0596 6868 BrUsbSer - ok
13:58:42.0611 6868 BtFilter (2347abbd13bada65826fdab4caafe357) C:\Windows\system32\DRIVERS\btfilter.sys
13:58:42.0642 6868 BtFilter - ok
13:58:42.0674 6868 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:58:42.0705 6868 BTHMODEM - ok
13:58:42.0767 6868 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:58:42.0830 6868 bthserv - ok
13:58:42.0892 6868 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:58:42.0923 6868 cdfs - ok
13:58:42.0970 6868 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:58:43.0017 6868 cdrom - ok
13:58:43.0079 6868 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:58:43.0095 6868 CertPropSvc - ok
13:58:43.0235 6868 cfWiMAXService (41e7c4fa6491747402cfca77cc1c7aab) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
13:58:43.0313 6868 cfWiMAXService - ok
13:58:43.0360 6868 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:58:43.0376 6868 circlass - ok
13:58:43.0438 6868 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:58:43.0454 6868 CLFS - ok
13:58:43.0563 6868 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:58:43.0672 6868 clr_optimization_v2.0.50727_32 - ok
13:58:43.0734 6868 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:58:43.0797 6868 clr_optimization_v2.0.50727_64 - ok
13:58:43.0875 6868 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:58:44.0078 6868 clr_optimization_v4.0.30319_32 - ok
13:58:44.0140 6868 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:58:44.0187 6868 clr_optimization_v4.0.30319_64 - ok
13:58:44.0374 6868 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:58:44.0405 6868 CmBatt - ok
13:58:44.0436 6868 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:58:44.0483 6868 cmdide - ok
13:58:44.0577 6868 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:58:44.0577 6868 CNG - ok
13:58:44.0842 6868 CnxtHdAudService (66847c979893a11cfcc2280e772d7ea1) C:\Windows\system32\drivers\CHDRT64.sys
13:58:44.0951 6868 CnxtHdAudService - ok
13:58:45.0170 6868 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:58:45.0170 6868 Compbatt - ok
13:58:45.0216 6868 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:58:45.0263 6868 CompositeBus - ok
13:58:45.0279 6868 COMSysApp - ok
13:58:45.0372 6868 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
13:58:45.0419 6868 ConfigFree Service - ok
13:58:45.0450 6868 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:58:45.0482 6868 crcdisk - ok
13:58:45.0544 6868 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:58:45.0575 6868 CryptSvc - ok
13:58:45.0762 6868 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:58:45.0840 6868 cvhsvc - ok
13:58:46.0059 6868 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:58:46.0059 6868 DcomLaunch - ok
13:58:46.0152 6868 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:58:46.0152 6868 defragsvc - ok
13:58:46.0246 6868 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:58:46.0246 6868 DfsC - ok
13:58:46.0324 6868 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:58:46.0386 6868 Dhcp - ok
13:58:46.0418 6868 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:58:46.0433 6868 discache - ok
13:58:46.0480 6868 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:58:46.0480 6868 Disk - ok
13:58:46.0527 6868 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:58:46.0558 6868 Dnscache - ok
13:58:46.0605 6868 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:58:46.0636 6868 dot3svc - ok
13:58:46.0683 6868 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:58:46.0698 6868 DPS - ok
13:58:46.0776 6868 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:58:46.0808 6868 drmkaud - ok
13:58:46.0901 6868 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:58:46.0979 6868 DXGKrnl - ok
13:58:47.0151 6868 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:58:47.0198 6868 EapHost - ok
13:58:47.0510 6868 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:58:47.0619 6868 ebdrv - ok
13:58:47.0806 6868 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:58:47.0853 6868 EFS - ok
13:58:47.0978 6868 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:58:47.0978 6868 ehRecvr - ok
13:58:48.0009 6868 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:58:48.0087 6868 ehSched - ok
13:58:48.0321 6868 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:58:48.0383 6868 elxstor - ok
13:58:48.0414 6868 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:58:48.0430 6868 ErrDev - ok
13:58:48.0539 6868 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:58:48.0555 6868 EventSystem - ok
13:58:48.0851 6868 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:58:48.0898 6868 exfat - ok
13:58:48.0945 6868 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:58:48.0945 6868 fastfat - ok
13:58:49.0038 6868 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:58:49.0101 6868 Fax - ok
13:58:49.0163 6868 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:58:49.0210 6868 fdc - ok
13:58:49.0241 6868 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:58:49.0288 6868 fdPHost - ok
13:58:49.0304 6868 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:58:49.0350 6868 FDResPub - ok
13:58:49.0382 6868 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:58:49.0382 6868 FileInfo - ok
13:58:49.0413 6868 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:58:49.0444 6868 Filetrace - ok
13:58:49.0475 6868 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:58:49.0491 6868 flpydisk - ok
13:58:49.0569 6868 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:58:49.0569 6868 FltMgr - ok
13:58:49.0694 6868 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:58:49.0741 6868 FontCache - ok
13:58:49.0850 6868 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:58:49.0943 6868 FontCache3.0.0.0 - ok
13:58:50.0131 6868 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:58:50.0177 6868 FsDepends - ok
13:58:50.0209 6868 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
13:58:50.0255 6868 fssfltr - ok
13:58:50.0458 6868 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:58:50.0552 6868 fsssvc - ok
13:58:50.0770 6868 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:58:50.0801 6868 Fs_Rec - ok
13:58:50.0864 6868 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:58:50.0864 6868 fvevol - ok
13:58:50.0895 6868 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:58:50.0926 6868 gagp30kx - ok
13:58:51.0020 6868 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:58:51.0082 6868 gpsvc - ok
13:58:51.0191 6868 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:58:51.0191 6868 gupdate - ok
13:58:51.0223 6868 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:58:51.0223 6868 gupdatem - ok
13:58:51.0269 6868 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:58:51.0363 6868 gusvc - ok
13:58:51.0566 6868 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:58:51.0597 6868 hcw85cir - ok
13:58:51.0675 6868 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:58:51.0737 6868 HdAudAddService - ok
13:58:51.0800 6868 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:58:51.0800 6868 HDAudBus - ok
13:58:51.0831 6868 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:58:51.0862 6868 HidBatt - ok
13:58:51.0878 6868 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:58:51.0909 6868 HidBth - ok
13:58:51.0956 6868 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:58:51.0971 6868 HidIr - ok
13:58:52.0018 6868 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
13:58:52.0034 6868 hidserv - ok
13:58:52.0081 6868 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
13:58:52.0112 6868 HidUsb - ok
13:58:52.0174 6868 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:58:52.0252 6868 hkmsvc - ok
13:58:52.0315 6868 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:58:52.0393 6868 HomeGroupListener - ok
13:58:52.0439 6868 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:58:52.0471 6868 HomeGroupProvider - ok
13:58:52.0517 6868 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:58:52.0549 6868 HpSAMD - ok
13:58:52.0642 6868 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:58:52.0720 6868 HTTP - ok
13:58:52.0939 6868 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:58:52.0939 6868 hwpolicy - ok
13:58:53.0001 6868 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:58:53.0048 6868 i8042prt - ok
13:58:53.0126 6868 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:58:53.0173 6868 iaStorV - ok
13:58:53.0297 6868 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
13:58:53.0344 6868 IDriverT - ok
13:58:53.0500 6868 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:58:53.0750 6868 idsvc - ok
13:58:53.0953 6868 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:58:53.0999 6868 iirsp - ok
13:58:54.0093 6868 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:58:54.0140 6868 IKEEXT - ok
13:58:54.0358 6868 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:58:54.0421 6868 intelide - ok
13:58:54.0452 6868 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
13:58:54.0483 6868 intelppm - ok
13:58:54.0530 6868 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:58:54.0561 6868 IPBusEnum - ok
13:58:54.0608 6868 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:58:54.0623 6868 IpFilterDriver - ok
13:58:54.0701 6868 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:58:54.0748 6868 iphlpsvc - ok
13:58:54.0811 6868 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:58:54.0842 6868 IPMIDRV - ok
13:58:54.0873 6868 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:58:54.0904 6868 IPNAT - ok
13:58:54.0951 6868 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:58:54.0998 6868 IRENUM - ok
13:58:55.0029 6868 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:58:55.0060 6868 isapnp - ok
13:58:55.0123 6868 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:58:55.0169 6868 iScsiPrt - ok
13:58:55.0201 6868 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:58:55.0247 6868 kbdclass - ok
13:58:55.0263 6868 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:58:55.0294 6868 kbdhid - ok
13:58:55.0341 6868 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:58:55.0341 6868 KeyIso - ok
13:58:55.0372 6868 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:58:55.0372 6868 KSecDD - ok
13:58:55.0403 6868 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:58:55.0419 6868 KSecPkg - ok
13:58:55.0435 6868 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:58:55.0466 6868 ksthunk - ok
13:58:55.0528 6868 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:58:55.0591 6868 KtmRm - ok
13:58:55.0653 6868 L1C (045fb70bc993b691517ce309045ff02d) C:\Windows\system32\DRIVERS\L1C62x64.sys
13:58:55.0684 6868 L1C - ok
13:58:55.0747 6868 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
13:58:55.0793 6868 LanmanServer - ok
13:58:55.0840 6868 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:58:55.0887 6868 LanmanWorkstation - ok
13:58:55.0934 6868 LgBttPort (174803f2eea3b22165dfe0e5a1f20685) C:\Windows\system32\DRIVERS\lgbtpt64.sys
13:58:55.0965 6868 LgBttPort - ok
13:58:55.0981 6868 lgbusenum (565f93bb7c0361e61b3daea670c354d6) C:\Windows\system32\DRIVERS\lgbtbs64.sys
13:58:55.0981 6868 lgbusenum - ok
13:58:56.0012 6868 LGVMODEM (abf477857b7ced873362ec92c6ce10a7) C:\Windows\system32\DRIVERS\lgvmdm64.sys
13:58:56.0027 6868 LGVMODEM - ok
13:58:56.0090 6868 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:58:56.0121 6868 lltdio - ok
13:58:56.0183 6868 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:58:56.0277 6868 lltdsvc - ok
13:58:56.0308 6868 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:58:56.0339 6868 lmhosts - ok
13:58:56.0402 6868 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:58:56.0449 6868 LSI_FC - ok
13:58:56.0495 6868 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:58:56.0527 6868 LSI_SAS - ok
13:58:56.0573 6868 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:58:56.0605 6868 LSI_SAS2 - ok
13:58:56.0636 6868 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:58:56.0667 6868 LSI_SCSI - ok
13:58:56.0714 6868 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:58:56.0714 6868 luafv - ok
13:58:56.0761 6868 MBAMProtector - ok
13:58:56.0917 6868 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:58:56.0995 6868 MBAMService - ok
13:58:57.0166 6868 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:58:57.0260 6868 Mcx2Svc - ok
13:58:57.0338 6868 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:58:57.0385 6868 megasas - ok
13:58:57.0431 6868 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:58:57.0478 6868 MegaSR - ok
13:58:57.0525 6868 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:58:57.0525 6868 MMCSS - ok
13:58:57.0572 6868 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:58:57.0603 6868 Modem - ok
13:58:57.0619 6868 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:58:57.0619 6868 monitor - ok
13:58:57.0665 6868 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:58:57.0697 6868 mouclass - ok
13:58:57.0759 6868 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:58:57.0790 6868 mouhid - ok
13:58:57.0821 6868 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:58:57.0821 6868 mountmgr - ok
13:58:57.0853 6868 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:58:57.0899 6868 mpio - ok
13:58:57.0915 6868 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:58:57.0946 6868 mpsdrv - ok
13:58:58.0055 6868 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:58:58.0071 6868 MpsSvc - ok
13:58:58.0274 6868 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:58:58.0336 6868 MRxDAV - ok
13:58:58.0367 6868 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:58:58.0367 6868 mrxsmb - ok
13:58:58.0414 6868 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:58:58.0414 6868 mrxsmb10 - ok
13:58:58.0461 6868 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:58:58.0461 6868 mrxsmb20 - ok
13:58:58.0477 6868 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys
13:58:58.0492 6868 msahci - ok
13:58:58.0523 6868 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:58:58.0555 6868 msdsm - ok
13:58:58.0601 6868 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:58:58.0695 6868 MSDTC - ok
13:58:58.0742 6868 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:58:58.0742 6868 Msfs - ok
13:58:58.0773 6868 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:58:58.0804 6868 mshidkmdf - ok
13:58:58.0835 6868 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:58:58.0835 6868 msisadrv - ok
13:58:58.0882 6868 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:58:58.0991 6868 MSiSCSI - ok
13:58:58.0991 6868 msiserver - ok
13:58:59.0054 6868 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:58:59.0069 6868 MSKSSRV - ok
13:58:59.0085 6868 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:58:59.0116 6868 MSPCLOCK - ok
13:58:59.0147 6868 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:58:59.0163 6868 MSPQM - ok
13:58:59.0210 6868 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:58:59.0225 6868 MsRPC - ok
13:58:59.0272 6868 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:58:59.0272 6868 mssmbios - ok
13:58:59.0303 6868 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:58:59.0319 6868 MSTEE - ok
13:58:59.0335 6868 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:58:59.0366 6868 MTConfig - ok
13:58:59.0381 6868 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:58:59.0381 6868 Mup - ok
13:58:59.0475 6868 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:58:59.0537 6868 napagent - ok
13:58:59.0615 6868 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:58:59.0662 6868 NativeWifiP - ok
13:58:59.0803 6868 NAUpdate (13aa2130f2a104dd775ead0f0ee5417b) c:\Program Files (x86)\Nero\Update\NASvc.exe
13:58:59.0927 6868 NAUpdate - ok
13:59:00.0208 6868 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:59:00.0224 6868 NDIS - ok
13:59:00.0427 6868 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:59:00.0473 6868 NdisCap - ok
13:59:00.0505 6868 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:59:00.0536 6868 NdisTapi - ok
13:59:00.0551 6868 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:59:00.0583 6868 Ndisuio - ok
13:59:00.0629 6868 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:59:00.0645 6868 NdisWan - ok
13:59:00.0676 6868 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:59:00.0707 6868 NDProxy - ok
13:59:00.0739 6868 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:59:00.0739 6868 NetBIOS - ok
13:59:00.0770 6868 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:59:00.0801 6868 NetBT - ok
13:59:00.0848 6868 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:59:00.0848 6868 Netlogon - ok
13:59:00.0926 6868 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:59:00.0988 6868 Netman - ok
13:59:01.0051 6868 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:59:01.0066 6868 netprofm - ok
13:59:01.0175 6868 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:59:01.0347 6868 NetTcpPortSharing - ok
13:59:01.0441 6868 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:59:01.0487 6868 nfrd960 - ok
13:59:01.0565 6868 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:59:01.0581 6868 NlaSvc - ok
13:59:01.0612 6868 NMgamingmsFltr (fbca3fd51604147770eb4fb53d6144a8) C:\Windows\system32\drivers\NMgamingms.sys
13:59:01.0659 6868 NMgamingmsFltr - ok
13:59:01.0675 6868 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:59:01.0675 6868 Npfs - ok
13:59:01.0721 6868 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:59:01.0753 6868 nsi - ok
13:59:01.0799 6868 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:59:01.0815 6868 nsiproxy - ok
13:59:01.0971 6868 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:59:02.0002 6868 Ntfs - ok
13:59:02.0205 6868 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:59:02.0267 6868 Null - ok
13:59:02.0299 6868 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:59:02.0345 6868 nvraid - ok
13:59:02.0377 6868 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:59:02.0408 6868 nvstor - ok
13:59:02.0455 6868 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:59:02.0470 6868 nv_agp - ok
13:59:02.0501 6868 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:59:02.0533 6868 ohci1394 - ok
13:59:02.0689 6868 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:59:02.0767 6868 ose - ok
13:59:03.0172 6868 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:59:03.0765 6868 osppsvc - ok
13:59:03.0983 6868 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:59:04.0015 6868 p2pimsvc - ok
13:59:04.0061 6868 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:59:04.0108 6868 p2psvc - ok
13:59:04.0186 6868 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:59:04.0217 6868 Parport - ok
13:59:04.0249 6868 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:59:04.0249 6868 partmgr - ok
13:59:04.0311 6868 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:59:04.0373 6868 PcaSvc - ok
13:59:04.0420 6868 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:59:04.0436 6868 pci - ok
13:59:04.0451 6868 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
13:59:04.0451 6868 pciide - ok
13:59:04.0483 6868 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:59:04.0529 6868 pcmcia - ok
13:59:04.0592 6868 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:59:04.0592 6868 pcw - ok
13:59:04.0670 6868 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:59:04.0732 6868 PEAUTH - ok
13:59:04.0919 6868 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:59:04.0966 6868 PerfHost - ok
13:59:05.0153 6868 PGEffect (91111cebbde8015e822c46120ed9537c) C:\Windows\system32\DRIVERS\pgeffect.sys
13:59:05.0200 6868 PGEffect - ok
13:59:05.0356 6868 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:59:05.0434 6868 pla - ok
13:59:05.0653 6868 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:59:05.0699 6868 PlugPlay - ok
13:59:05.0746 6868 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:59:05.0777 6868 PNRPAutoReg - ok
13:59:05.0824 6868 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:59:05.0824 6868 PNRPsvc - ok
13:59:05.0902 6868 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:59:05.0996 6868 PolicyAgent - ok
13:59:06.0043 6868 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:59:06.0074 6868 Power - ok
13:59:06.0183 6868 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:59:06.0230 6868 PptpMiniport - ok
13:59:06.0261 6868 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:59:06.0277 6868 Processor - ok
13:59:06.0339 6868 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:59:06.0386 6868 ProfSvc - ok
13:59:06.0417 6868 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:59:06.0433 6868 ProtectedStorage - ok
13:59:06.0479 6868 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:59:06.0511 6868 Psched - ok
13:59:06.0542 6868 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\Windows\system32\drivers\QIOMem.sys
13:59:06.0573 6868 QIOMem - ok
13:59:06.0713 6868 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:59:06.0807 6868 ql2300 - ok
13:59:07.0010 6868 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:59:07.0041 6868 ql40xx - ok
13:59:07.0103 6868 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:59:07.0150 6868 QWAVE - ok
13:59:07.0181 6868 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:59:07.0213 6868 QWAVEdrv - ok
13:59:07.0228 6868 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:59:07.0259 6868 RasAcd - ok
13:59:07.0306 6868 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:59:07.0337 6868 RasAgileVpn - ok
13:59:07.0384 6868 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:59:07.0509 6868 RasAuto - ok
13:59:07.0540 6868 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:59:07.0571 6868 Rasl2tp - ok
13:59:07.0634 6868 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:59:07.0681 6868 RasMan - ok
13:59:07.0727 6868 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:59:07.0759 6868 RasPppoe - ok
13:59:07.0790 6868 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:59:07.0821 6868 RasSstp - ok
13:59:07.0868 6868 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:59:07.0883 6868 rdbss - ok
13:59:07.0899 6868 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:59:07.0930 6868 rdpbus - ok
13:59:07.0977 6868 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:59:07.0993 6868 RDPCDD - ok
13:59:08.0024 6868 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:59:08.0055 6868 RDPENCDD - ok
13:59:08.0071 6868 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:59:08.0102 6868 RDPREFMP - ok
13:59:08.0149 6868 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:59:08.0180 6868 RDPWD - ok
13:59:08.0242 6868 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:59:08.0242 6868 rdyboost - ok
13:59:08.0289 6868 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:59:08.0320 6868 RemoteAccess - ok
13:59:08.0383 6868 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:59:08.0414 6868 RemoteRegistry - ok
13:59:08.0445 6868 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:59:08.0476 6868 RpcEptMapper - ok
13:59:08.0523 6868 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:59:08.0554 6868 RpcLocator - ok
13:59:08.0617 6868 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:59:08.0617 6868 RpcSs - ok
13:59:08.0710 6868 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:59:08.0726 6868 rspndr - ok
13:59:08.0788 6868 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\Windows\system32\Drivers\RtsUStor.sys
13:59:08.0819 6868 RSUSBSTOR - ok
13:59:08.0866 6868 RSUSBVSTOR (e54a5586a28d0630a79a68bbab84bfcf) C:\Windows\system32\Drivers\RTSUVSTOR.sys
13:59:08.0913 6868 RSUSBVSTOR - ok
13:59:08.0944 6868 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:59:08.0944 6868 SamSs - ok
13:59:09.0100 6868 SAVAdminService (bd57b12fa4c21b1ce7da3570410bf12d) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
13:59:09.0100 6868 SAVAdminService - ok
13:59:09.0209 6868 SAVOnAccess (d9057e8ca97628e275979a09ea66b34b) C:\Windows\system32\DRIVERS\savonaccess.sys
13:59:09.0225 6868 SAVOnAccess - ok
13:59:09.0287 6868 SAVService (836aec603665f6db83965ee57b3dcf57) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
13:59:09.0350 6868 SAVService - ok
13:59:09.0381 6868 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:59:09.0412 6868 sbp2port - ok
13:59:09.0459 6868 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:59:09.0490 6868 SCardSvr - ok
13:59:09.0521 6868 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:59:09.0553 6868 scfilter - ok
13:59:09.0646 6868 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:59:09.0693 6868 Schedule - ok
13:59:09.0880 6868 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:59:09.0880 6868 SCPolicySvc - ok
13:59:09.0927 6868 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:59:09.0989 6868 SDRSVC - ok
13:59:10.0067 6868 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:59:10.0145 6868 SeaPort - ok
13:59:10.0223 6868 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:59:10.0255 6868 secdrv - ok
13:59:10.0301 6868 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:59:10.0333 6868 seclogon - ok
13:59:10.0364 6868 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:59:10.0364 6868 SENS - ok
13:59:10.0411 6868 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:59:10.0442 6868 SensrSvc - ok
13:59:10.0457 6868 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:59:10.0489 6868 Serenum - ok
13:59:10.0520 6868 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:59:10.0551 6868 Serial - ok
13:59:10.0582 6868 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:59:10.0613 6868 sermouse - ok
13:59:10.0676 6868 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:59:10.0691 6868 SessionEnv - ok
13:59:10.0738 6868 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:59:10.0769 6868 sffdisk - ok
13:59:10.0785 6868 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:59:10.0801 6868 sffp_mmc - ok
13:59:10.0832 6868 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:59:10.0847 6868 sffp_sd - ok
13:59:10.0879 6868 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:59:10.0894 6868 sfloppy - ok
13:59:11.0019 6868 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:59:11.0097 6868 Sftfs - ok
13:59:11.0222 6868 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:59:11.0284 6868 sftlist - ok
13:59:11.0534 6868 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:59:11.0581 6868 Sftplay - ok
13:59:11.0612 6868 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:59:11.0612 6868 Sftredir - ok
13:59:11.0643 6868 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:59:11.0674 6868 Sftvol - ok
13:59:11.0783 6868 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:59:11.0846 6868 sftvsa - ok
13:59:11.0908 6868 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:59:12.0610 6868 SharedAccess - ok
13:59:12.0673 6868 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:59:12.0735 6868 ShellHWDetection - ok
13:59:12.0813 6868 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:59:12.0860 6868 SiSRaid2 - ok
13:59:12.0891 6868 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:59:12.0922 6868 SiSRaid4 - ok
13:59:12.0953 6868 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:59:12.0985 6868 Smb - ok
13:59:13.0047 6868 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:59:13.0078 6868 SNMPTRAP - ok
13:59:13.0219 6868 Sophos AutoUpdate Service (b5774835a13b5ed31378aabd07746262) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
13:59:13.0219 6868 Sophos AutoUpdate Service - ok
13:59:13.0297 6868 SophosBootDriver (69fbe35a8165adbc313aa7f64b868ca1) C:\Windows\system32\DRIVERS\SophosBootDriver.sys
13:59:13.0343 6868 SophosBootDriver - ok
13:59:13.0375 6868 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:59:13.0375 6868 spldr - ok
13:59:13.0453 6868 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:59:13.0609 6868 Spooler - ok
13:59:13.0889 6868 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:59:14.0326 6868 sppsvc - ok
13:59:14.0513 6868 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:59:14.0560 6868 sppuinotify - ok
13:59:14.0685 6868 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:59:14.0685 6868 srv - ok
13:59:14.0732 6868 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:59:14.0732 6868 srv2 - ok
13:59:14.0794 6868 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:59:14.0825 6868 SrvHsfHDA - ok
13:59:14.0966 6868 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:59:15.0013 6868 SrvHsfV92 - ok
13:59:15.0293 6868 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:59:15.0371 6868 SrvHsfWinac - ok
13:59:15.0590 6868 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:59:15.0590 6868 srvnet - ok
13:59:15.0637 6868 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
13:59:15.0699 6868 ssadbus - ok
13:59:15.0746 6868 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
13:59:15.0808 6868 ssadmdfl - ok
13:59:15.0871 6868 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
13:59:15.0917 6868 ssadmdm - ok
13:59:15.0995 6868 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:59:16.0027 6868 SSDPSRV - ok
13:59:16.0058 6868 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:59:16.0105 6868 SstpSvc - ok
13:59:16.0136 6868 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:59:16.0183 6868 stexstor - ok
13:59:16.0292 6868 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:59:16.0354 6868 stisvc - ok
13:59:16.0432 6868 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:59:16.0479 6868 swenum - ok
13:59:16.0760 6868 swi_service (aa5ca4a5f87c1576ff550a0372b3ed84) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
13:59:17.0181 6868 swi_service - ok
13:59:17.0384 6868 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:59:17.0431 6868 swprv - ok
13:59:17.0618 6868 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\Windows\system32\DRIVERS\SynTP.sys
13:59:17.0727 6868 SynTP - ok
13:59:18.0055 6868 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:59:18.0133 6868 SysMain - ok
13:59:18.0304 6868 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:59:18.0367 6868 TabletInputService - ok
13:59:18.0413 6868 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:59:18.0476 6868 TapiSrv - ok
13:59:18.0507 6868 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:59:18.0523 6868 TBS - ok
13:59:18.0772 6868 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:59:18.0803 6868 Tcpip - ok
13:59:19.0178 6868 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:59:19.0193 6868 TCPIP6 - ok
13:59:19.0412 6868 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:59:19.0443 6868 tcpipreg - ok
13:59:19.0474 6868 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys
13:59:19.0505 6868 tdcmdpst - ok
13:59:19.0552 6868 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:59:19.0583 6868 TDPIPE - ok
13:59:19.0599 6868 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:59:19.0630 6868 TDTCP - ok
13:59:19.0661 6868 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:59:19.0693 6868 tdx - ok
13:59:19.0786 6868 TemproMonitoringService (1b709733a04dcc41a63f9cd1f76a4ebe) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
13:59:19.0942 6868 TemproMonitoringService - ok
13:59:19.0973 6868 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:59:20.0005 6868 TermDD - ok
13:59:20.0098 6868 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:59:20.0145 6868 TermService - ok
13:59:20.0161 6868 Themes (9201be2bab8a9ff8e20d8439ae3bb04d) C:\Windows\system32\themeservice.dll
13:59:20.0192 6868 Themes - ok
13:59:20.0239 6868 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:59:20.0239 6868 THREADORDER - ok
13:59:20.0332 6868 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
13:59:20.0441 6868 TMachInfo - ok
13:59:20.0504 6868 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\Windows\system32\TODDSrv.exe
13:59:20.0597 6868 TODDSrv - ok
13:59:20.0707 6868 ToolkitDisk (5c248e03921137e131ac5f1459fd42c9) C:\Windows\system32\Drivers\toolkitdisk.sys
13:59:20.0753 6868 ToolkitDisk - ok
13:59:20.0863 6868 ToolkitSvc (656db27c5b900edba35dedec38bf7d03) C:\Program Files (x86)\ToolKitService\ToolkitService.exe
13:59:21.0362 6868 ToolkitSvc - ok
13:59:21.0533 6868 TosCoSrv (cdc97fa5c42b07fb0d4600e17c32f582) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
13:59:21.0627 6868 TosCoSrv - ok
13:59:21.0736 6868 TOSHIBA Bluetooth Service (a22deb5ec05febfdca1d3ff70fa1ff46) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
13:59:21.0799 6868 TOSHIBA Bluetooth Service - ok
13:59:21.0892 6868 TOSHIBA eco Utility Service (d33d5588576b04fc489dccc66e98f546) C:\Program Files\TOSHIBA\TECO\TecoService.exe
13:59:21.0970 6868 TOSHIBA eco Utility Service - ok
13:59:22.0048 6868 TOSHIBA HDD SSD Alert Service (edb4b432db13ea3d1eb2356310d33263) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
13:59:22.0079 6868 TOSHIBA HDD SSD Alert Service - ok
13:59:22.0298 6868 tosporte (8021f63311797085949fa387f7c83583) C:\Windows\system32\DRIVERS\tosporte.sys
13:59:22.0345 6868 tosporte - ok
13:59:22.0407 6868 tosrfbd (42fe79002c97c850f3928735050827bb) C:\Windows\system32\DRIVERS\tosrfbd.sys
13:59:22.0438 6868 tosrfbd - ok
13:59:22.0485 6868 tosrfbnp (90f0b1745abf13f44c2a6ed79f7ce9fb) C:\Windows\system32\Drivers\tosrfbnp.sys
13:59:22.0516 6868 tosrfbnp - ok
13:59:22.0547 6868 Tosrfcom (9e4e65ea51e34647340bd6007467ac54) C:\Windows\system32\Drivers\tosrfcom.sys
13:59:22.0579 6868 Tosrfcom - ok
13:59:22.0625 6868 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\Windows\system32\DRIVERS\tosrfec.sys
13:59:22.0641 6868 tosrfec - ok
13:59:22.0672 6868 Tosrfhid (7d2467d3eb9baa4b69ae4a28c83de57a) C:\Windows\system32\DRIVERS\Tosrfhid.sys
13:59:22.0703 6868 Tosrfhid - ok
13:59:22.0735 6868 tosrfnds (b6fdc3c76ffe9c5171eea9c37ea367c2) C:\Windows\system32\DRIVERS\tosrfnds.sys
13:59:22.0766 6868 tosrfnds - ok
13:59:22.0813 6868 TosRfSnd (7052b10e54b48af12bd5606596a8e039) C:\Windows\system32\drivers\tosrfsnd.sys
13:59:22.0828 6868 TosRfSnd - ok
13:59:22.0859 6868 Tosrfusb (7a0048693f98460ff537be31c741b927) C:\Windows\system32\DRIVERS\tosrfusb.sys
13:59:22.0891 6868 Tosrfusb - ok
13:59:23.0047 6868 TPCHSrv (098b8a408c17e125a3d9a8e1166780c8) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
13:59:23.0187 6868 TPCHSrv - ok
13:59:23.0374 6868 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:59:23.0421 6868 TrkWks - ok
13:59:23.0515 6868 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:59:23.0546 6868 TrustedInstaller - ok
13:59:23.0624 6868 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:59:23.0655 6868 tssecsrv - ok
13:59:23.0686 6868 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:59:23.0717 6868 TsUsbFlt - ok
13:59:23.0733 6868 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:59:23.0764 6868 TsUsbGD - ok
13:59:23.0827 6868 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:59:23.0873 6868 tunnel - ok
13:59:23.0905 6868 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
13:59:23.0905 6868 TVALZ - ok
13:59:23.0936 6868 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys
13:59:23.0967 6868 TVALZFL - ok
13:59:23.0983 6868 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:59:24.0014 6868 uagp35 - ok
13:59:24.0061 6868 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:59:24.0107 6868 udfs - ok
13:59:24.0154 6868 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:59:24.0185 6868 UI0Detect - ok
13:59:24.0217 6868 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:59:24.0248 6868 uliagpkx - ok
13:59:24.0310 6868 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:59:24.0341 6868 umbus - ok
13:59:24.0388 6868 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:59:24.0419 6868 UmPass - ok
13:59:24.0482 6868 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:59:24.0497 6868 upnphost - ok
13:59:24.0544 6868 usbbus (5fcc71487888589a9244af54cfefab29) C:\Windows\system32\DRIVERS\lgx64bus.sys
13:59:24.0575 6868 usbbus - ok
13:59:24.0607 6868 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:59:24.0638 6868 usbccgp - ok
13:59:24.0685 6868 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:59:24.0716 6868 usbcir - ok
13:59:24.0747 6868 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\Windows\system32\DRIVERS\lgx64diag.sys
13:59:24.0778 6868 UsbDiag - ok
13:59:24.0809 6868 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:59:24.0825 6868 usbehci - ok
13:59:24.0887 6868 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:59:24.0934 6868 usbhub - ok
13:59:24.0965 6868 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\Windows\system32\DRIVERS\lgx64modem.sys
13:59:24.0997 6868 USBModem - ok
13:59:25.0028 6868 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
13:59:25.0059 6868 usbohci - ok
13:59:25.0090 6868 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:59:25.0121 6868 usbprint - ok
13:59:25.0153 6868 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:59:25.0184 6868 USBSTOR - ok
13:59:25.0199 6868 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:59:25.0231 6868 usbuhci - ok
13:59:25.0293 6868 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:59:25.0324 6868 usbvideo - ok
13:59:25.0355 6868 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:59:25.0387 6868 UxSms - ok
13:59:25.0433 6868 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:59:25.0433 6868 VaultSvc - ok
13:59:25.0465 6868 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:59:25.0465 6868 vdrvroot - ok
13:59:25.0558 6868 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:59:25.0621 6868 vds - ok
13:59:25.0652 6868 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:59:25.0683 6868 vga - ok
13:59:25.0699 6868 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:59:25.0730 6868 VgaSave - ok
13:59:25.0777 6868 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:59:25.0823 6868 vhdmp - ok
13:59:25.0839 6868 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:59:25.0886 6868 viaide - ok
13:59:25.0917 6868 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:59:25.0917 6868 volmgr - ok
13:59:25.0995 6868 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:59:25.0995 6868 volmgrx - ok
13:59:26.0057 6868 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:59:26.0057 6868 volsnap - ok
13:59:26.0104 6868 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:59:26.0151 6868 vsmraid - ok
13:59:26.0323 6868 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:59:26.0385 6868 VSS - ok
13:59:26.0619 6868 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:59:26.0666 6868 vwifibus - ok
13:59:26.0697 6868 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:59:26.0728 6868 vwififlt - ok
13:59:26.0759 6868 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
13:59:26.0791 6868 vwifimp - ok
13:59:26.0837 6868 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:59:26.0853 6868 W32Time - ok
13:59:26.0884 6868 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:59:26.0915 6868 WacomPen - ok
13:59:26.0962 6868 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:59:26.0978 6868 WANARP - ok
13:59:26.0993 6868 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:59:26.0993 6868 Wanarpv6 - ok
13:59:27.0149 6868 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:59:27.0586 6868 WatAdminSvc - ok
13:59:27.0929 6868 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:59:27.0992 6868 wbengine - ok
13:59:28.0179 6868 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:59:28.0226 6868 WbioSrvc - ok
13:59:28.0288 6868 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:59:28.0288 6868 wcncsvc - ok
13:59:28.0335 6868 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:59:28.0366 6868 WcsPlugInService - ok
13:59:28.0429 6868 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:59:28.0491 6868 Wd - ok
13:59:28.0553 6868 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:59:28.0569 6868 Wdf01000 - ok
13:59:28.0756 6868 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:59:28.0803 6868 WdiServiceHost - ok
13:59:28.0819 6868 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:59:28.0819 6868 WdiSystemHost - ok
13:59:28.0865 6868 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:59:28.0912 6868 WebClient - ok
13:59:28.0959 6868 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:59:29.0006 6868 Wecsvc - ok
13:59:29.0037 6868 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:59:29.0099 6868 wercplsupport - ok
13:59:29.0131 6868 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:59:29.0162 6868 WerSvc - ok
13:59:29.0224 6868 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:59:29.0255 6868 WfpLwf - ok
13:59:29.0302 6868 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:59:29.0333 6868 WIMMount - ok
13:59:29.0396 6868 WinDefend - ok
13:59:29.0427 6868 WinHttpAutoProxySvc - ok
13:59:29.0521 6868 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:59:29.0567 6868 Winmgmt - ok
13:59:29.0770 6868 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:59:29.0848 6868 WinRM - ok
13:59:30.0082 6868 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:59:30.0129 6868 WinUsb - ok
13:59:30.0238 6868 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:59:30.0269 6868 Wlansvc - ok
13:59:30.0347 6868 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:59:30.0410 6868 wlcrasvc - ok
13:59:30.0675 6868 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:59:30.0769 6868 wlidsvc - ok
13:59:30.0971 6868 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:59:30.0971 6868 WmiAcpi - ok
13:59:31.0065 6868 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:59:31.0127 6868 wmiApSrv - ok
13:59:31.0174 6868 WMPNetworkSvc - ok
13:59:31.0237 6868 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:59:31.0283 6868 WPCSvc - ok
13:59:31.0315 6868 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:59:31.0330 6868 WPDBusEnum - ok
13:59:31.0377 6868 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:59:31.0393 6868 ws2ifsl - ok
13:59:31.0439 6868 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
13:59:31.0486 6868 wscsvc - ok
13:59:31.0502 6868 WSearch - ok
13:59:31.0720 6868 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:59:31.0751 6868 wuauserv - ok
13:59:31.0985 6868 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:59:32.0032 6868 WudfPf - ok
13:59:32.0079 6868 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:59:32.0110 6868 WUDFRd - ok
13:59:32.0141 6868 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:59:32.0204 6868 wudfsvc - ok
13:59:32.0235 6868 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:59:32.0282 6868 WwanSvc - ok
13:59:32.0329 6868 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:59:32.0391 6868 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
13:59:32.0391 6868 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
13:59:32.0422 6868 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:59:32.0422 6868 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:59:32.0438 6868 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
13:59:37.0539 6868 \Device\Harddisk1\DR1 - ok
13:59:37.0570 6868 Boot (0x1200) (c0d9b8e9d1bdb699c8b26a555d457cf7) \Device\Harddisk0\DR0\Partition0
13:59:37.0570 6868 \Device\Harddisk0\DR0\Partition0 - ok
13:59:37.0601 6868 Boot (0x1200) (469645b9bfe6e47b9ae7ecb63aa976a9) \Device\Harddisk0\DR0\Partition1
13:59:37.0617 6868 \Device\Harddisk0\DR0\Partition1 - ok
13:59:37.0617 6868 Boot (0x1200) (bdfc47a4f3212205b918d04ee59a1030) \Device\Harddisk1\DR1\Partition0
13:59:37.0617 6868 \Device\Harddisk1\DR1\Partition0 - ok
13:59:37.0617 6868 ============================================================
13:59:37.0617 6868 Scan finished
13:59:37.0617 6868 ============================================================
13:59:37.0648 6488 Detected object count: 2
13:59:37.0648 6488 Actual detected object count: 2
14:01:27.0244 6488 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
14:01:27.0244 6488 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
14:01:27.0244 6488 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:01:27.0244 6488 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Chrisg2441
Regular Member
 
Posts: 59
Joined: June 7th, 2012, 6:02 am

Re: Browser rnning slow and redirecting

Unread postby torreattack » June 23rd, 2012, 8:58 am

Hi Chrisg2441 :

Well done, we manage to confirm what we suspected so far. We will fix it with the EASY method soon. However, I want you to pay attention to my message below and tell me what is your decision.

Rootkit Warning

Your computer has multiple infections, including a rootkit.
A rootkit is a set of software tools intended for concealing running processes, files or system data from the operating system.

You are strongly advised to do the following:
  1. Disconnect the computer from the Internet and from any networked computers until it is cleaned.
  2. Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts.
    If you don't mind the hassle, change all your account numbers.
  3. From a clean computer, change all your passwords
    (Internet login, your email address(es), financial accounts, PayPal, eBay, Amazon...any online activities you carry out which require a username and password).
    Do NOT change your passwords from this computer, the attacker can still get all the new passwords and transaction records.
  4. Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.

Due to its rootkit functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again.
Many experts in the security community believe that once infected with this type of Trojan,
the best course of action would be to do a reformat and re-installation of the operating system (OS).
This decision will have to be made by you...

To help you understand more, please take some time to read the following articles:
When should I re-format and reinstall my OS
What are Remote Access Trojans and why are they dangerous
How do I respond to a possible identity theft and how do I prevent it
Restoring your backups

We can attempt to clean this machine but we will not guarantee that it won't still be compromised, afterwards.
Please let me know how you wish to proceed.

torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: Browser rnning slow and redirecting

Unread postby Chrisg2441 » June 23rd, 2012, 10:34 am

i think i would rather reformat and reinstall, can you help with that ?
Chrisg2441
Regular Member
 
Posts: 59
Joined: June 7th, 2012, 6:02 am

Re: Browser rnning slow and redirecting

Unread postby torreattack » June 23rd, 2012, 11:00 am

Hi Chrisg2441:

I am very sorry we have to come to this.

Sure, I would try my best to help.

Before we start, can you give me the model of this toshiba computer?

thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: Browser rnning slow and redirecting

Unread postby Chrisg2441 » June 23rd, 2012, 12:04 pm

Sure Satellite L750D-14, will the windows 7 file ownloaded from microsoft be ok?
Chrisg2441
Regular Member
 
Posts: 59
Joined: June 7th, 2012, 6:02 am

Re: Browser rnning slow and redirecting

Unread postby torreattack » June 24th, 2012, 11:25 am

Hi Chrisg2441 :

will the windows 7 file ownloaded from microsoft be ok?

After, recover to out of box state, you will lost everything include the microsoft files. You will need to re-install all software and re-apply your all the setting that you had change to your computer.

Your machine will recover to the Win 7 Starter version. You need to re-apply the instant upgrade again, using the download and the upgrade key code.
If you have trouble with access or permissions, you will need to contact Microsoft.


If you are ready, we might continue.
If the instruction provided by me is different from your, please choose those options that almost have the same meaning.

Recovering to out-of-box state

Warning:
Recovering an internal storage drive to its out-of-box state deletes all partitions on the drive and all information stored in those partitions.
Be sure to save your work to external media before executing the recovery.

To recover the original factory image using the utilities on your computer’s internal storage drive:
  1. Make sure the computer is turned off.
  2. While powering on your computer, press the F12 key when the initial TOSHIBA screen displays.
    The boot menu appears.
  3. Using the arrow keys to scroll down, select the HDD Recovery option, and then press the ENTER key.
  4. If your system offers a choice of Windows 7 32-bit or 64-bit operating system, select one at this time. If not, skip to step 5.
  5. A warning screen appears, stating that when the recovery is executed, all data will be deleted and rewritten unless the "Recovery of Factory Default Software with user’s data" option is selected in the next step. Click Yes to continue.
  6. When the Toshiba Recovery Wizard opens and the "Selecting a process" screen displays, select Recovery of Factory Default Software, and then click Next.
  7. When the Recovery of Factory Default Software screen appears, Select Recover to out-of-box state.
  8. Click Next.
    A confirmation message displays reminding you that all data will be lost during the recovery process. Be sure to save your work to external media before proceeding
  9. Click Next to begin the recovery.
    When the recovery process is complete, a message displays indicating that the internal storage drive has been recovered.
  10. Click Finish to restart the computer.

Note:
During the recovery process it is strongly recommended that your computer be connected to an external power source via the AC adaptor.


After reformat and reinstall, please come back read some of my recommendation.

Good luck,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am

Re: Browser rnning slow and redirecting

Unread postby Chrisg2441 » June 24th, 2012, 11:52 am

Hi, when i press F12 at the tosh screen there is no hdd recovery option?
Chrisg2441
Regular Member
 
Posts: 59
Joined: June 7th, 2012, 6:02 am

Re: Browser rnning slow and redirecting

Unread postby torreattack » June 24th, 2012, 1:00 pm

Hi Chrisg2441:

Do you mean when you press F12, nothing happen or the was a screen which without HDD Recovery Option?

If case 1, you may try F8.

If case 2, what are the options that showed?

thanks,
torreattack
torreattack
Retired Graduate
 
Posts: 940
Joined: July 27th, 2008, 1:36 am
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 43 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware