Discussie gesloten
Pagina 1 van 2 12 LaatsteLaatste
Resultaten: 1 t/m 10 van 12

PC gehacked? Trojan horse? Rootkit?

Dit is een discussie over PC gehacked? Trojan horse? Rootkit? in het forum Archief Bestrijding malware & virussen , en maakt deel van de Bestrijding malware & virussen categorie; Bij het surfen op het internet verschijnen reclames zelfs al staat mijn pop-up blocker aan. Zowel google chrome en explorer ...

  1. #1
    Nieuweling
    Geregistreerd
    23 mei 2013
    Berichten
    6

    Standaard PC gehacked? Trojan horse? Rootkit?

    Bij het surfen op het internet verschijnen reclames zelfs al staat mijn pop-up blocker aan. Zowel google chrome en explorer blokkeren na een tijdje en vallen weg. Outlook opent wel maar mails openen lukt ook niet.

    Heb als gescand met Malware en deze heeft het volgende gevonden: Trojan.FakeAlert. Hiervoor ook gescand met Avast maar deze kreeg de Trojan niet weg, detecteerde hem wel met de volgende naam: MBR: Rovnix-A (rtk).

    Bij verwijderen en terugopstarten met Malware komt hij telkens terug.

    Iemand een idee?

    - - - Updated - - -

    Hieronder mijn Hijack log. Hiervoor naar een andere computer moeten gaan want kon niets kopieren met chrome of explorer.

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 17:31:53, on 23/05/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16576)




    Boot mode: Normal


    Running processes:
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\afwServ.exe
    C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
    C:\Users\jensballiere\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Users\jensballiere\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
    C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
    C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files\Sony\VAIO Care\VCService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\jensballiere\Downloads\HijackThis.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\SysWOW64\DllHost.exe


    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=IL&userid=74&affid=110774&searchtype=ds&babsrc=lnkry&q={ searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=IL&userid=74&affid=110774&searchtype=ds&babsrc=lnkry&q={ searchTerms}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://stubru.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=IL&userid=74&affid=110774&searchtype=ds&babsrc=lnkry&q={ searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=IL&userid=74&affid=110774&searchtype=ds&babsrc=lnkry&q={ searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=083939230000000000000024bebcebc7&tlver=1.4.19.19&affID=17160
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ahs-isa3.katwifi.arteveldehs.be:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~2\mcafee\msk\mskapbho.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
    O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    O4 - HKLM\..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
    O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [StrmServer.exe] C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
    O4 - HKCU\..\Run: [EPSON SX235 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\JENSBA~1\AppData\Local\Temp\E_S8666.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\jensballiere\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKCU\..\Run: [Spotify] "C:\Users\jensballiere\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Dropbox.lnk = jensballiere\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Naar updates zoeken.lnk = C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://c:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://www.samsungsetup.com
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - Unknown owner - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (file missing)
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
    O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    --
    End of file - 19285 bytes

  2. #2
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.501

    Standaard

    Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Babylon Search 74&affid=110774&searchtype=ds&babsrc=lnkry&q={ searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Babylon Search 74&affid=110774&searchtype=ds&babsrc=lnkry&q={ searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Babylon Search 74&affid=110774&searchtype=ds&babsrc=lnkry&q={ searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Babylon Search 74&affid=110774&searchtype=ds&babsrc=lnkry&q={ searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=08393923000000000 0000024bebcebc7&tlver=1.4.19.19&affID=17160
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~2\mcafee\msk\mskapbho.dll (file missing)
    O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
    O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
    O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

    Klik op 'Fix checked' om de items te verwijderen.

    Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis.

    Download MBAM (Malwarebytes Anti-Malware)

    Dubbelklik op mbam-setup.exe om het programma te installeren.

    Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
    Indien een update gevonden werd, zal die gedownload en geÔnstalleerd worden.
    Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
    Het scannen kan een tijdje duren, dus wees geduldig.
    Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
    Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

    Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.
    MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.


    Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

    Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

    Plak de inhoud van het logje in je volgende bericht, samen met een nieuw logje van HijackThis.



  3. #3
    Nieuweling
    Geregistreerd
    23 mei 2013
    Berichten
    6

    Standaard

    Gescand met Malware en niets gevonden, ondertussen wel een melding gekregen van Avast dat ie hem gevonden had, dezelfde trojan.

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 18:55:02, on 23/05/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16576)

    Boot mode: Normal
    Running processes:
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\afwServ.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
    C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
    C:\Users\jensballiere\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
    C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
    C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Users\jensballiere\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Sony\VAIO Care\VCService.exe
    C:\Users\jensballiere\Downloads\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://stubru.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ahs-isa3.katwifi.arteveldehs.be:8080
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    O4 - HKLM\..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
    O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [StrmServer.exe] C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
    O4 - HKCU\..\Run: [EPSON SX235 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\JENSBA~1\AppData\Local\Temp\E_S8666.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\jensballiere\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKCU\..\Run: [Spotify] "C:\Users\jensballiere\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Dropbox.lnk = jensballiere\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Naar updates zoeken.lnk = C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://c:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://www.samsungsetup.com
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/...soft/wrc32.ocx
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - Unknown owner - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (file missing)
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
    O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 17113 bytes


    alwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
    www.malwarebytes.org
    Databaseversie: v2013.05.23.08
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16576
    jensballiere :: POEF [administrator]
    Bescherming: Ingeschakeld
    23/05/2013 18:32:54
    mbam-log-2013-05-23 (18-32-54).txt
    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 230565
    Verstreken tijd: 10 minuut/minuten, 58 seconde(n)
    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)
    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)
    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)
    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)
    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)
    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)
    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)
    (einde)

  4. #4
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.501

    Standaard

    Download TDSSKiller en plaats het op je bureaublad.
    Pak de bestanden in tdsskiller.zip uit.
    Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.

    Windows 7 en Windows Vista gebruikers:
    Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.

    Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.

    Klik op de knop "Start Scan" en volg de instructies.
    Wanneer de scan klaar is klik je op de knop "Report".
    Er opent een kladblokbestand. Post de inhoud van dit bestand.

    Herstart de pc als TDSSKiller die optie geeft. (Reboot now)

    Wanneer er een herstart nodig was, vind je de logfile in C:\\TDSSKiller.[Version]_[Date]_[Time]_log.txt



  5. #5
    Nieuweling
    Geregistreerd
    23 mei 2013
    Berichten
    6

    Standaard

    08:59:54.0686 5708 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    08:59:56.0691 5708 ============================================================
    08:59:56.0691 5708 Current date / time: 2013/05/24 08:59:56.0691
    08:59:56.0691 5708 SystemInfo:
    08:59:56.0691 5708
    08:59:56.0691 5708 OS Version: 6.1.7601 ServicePack: 1.0
    08:59:56.0691 5708 Product type: Workstation
    08:59:56.0692 5708 ComputerName: POEF
    08:59:56.0692 5708 UserName: jensballiere
    08:59:56.0692 5708 Windows directory: C:\Windows
    08:59:56.0692 5708 System windows directory: C:\Windows
    08:59:56.0692 5708 Running under WOW64
    08:59:56.0692 5708 Processor architecture: Intel x64
    08:59:56.0692 5708 Number of processors: 4
    08:59:56.0692 5708 Page size: 0x1000
    08:59:56.0692 5708 Boot type: Normal boot
    08:59:56.0692 5708 ============================================================
    08:59:57.0934 5708 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    08:59:57.0947 5708 ============================================================
    08:59:57.0947 5708 \Device\Harddisk0\DR0:
    08:59:57.0948 5708 MBR partitions:
    08:59:57.0948 5708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14B1800, BlocksNum 0x32000
    08:59:57.0948 5708 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x14E3800, BlocksNum 0x23F4AAB0
    08:59:57.0948 5708 ============================================================
    08:59:57.0979 5708 C: <-> \Device\Harddisk0\DR0\Partition2
    08:59:57.0979 5708 ============================================================
    08:59:57.0979 5708 Initialize success
    08:59:57.0979 5708 ============================================================
    09:00:00.0673 6136 ============================================================
    09:00:00.0673 6136 Scan started
    09:00:00.0673 6136 Mode: Manual;
    09:00:00.0673 6136 ============================================================
    09:00:01.0118 6136 ================ Scan system memory ========================
    09:00:01.0119 6136 System memory - ok
    09:00:01.0120 6136 ================ Scan services =============================
    09:00:01.0159 6136 !SASCORE - ok
    09:00:01.0366 6136 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    09:00:01.0372 6136 1394ohci - ok
    09:00:01.0419 6136 [ C31715C4BCB01B73F6B9F4F445C6BD25 ] AbilisT C:\Windows\system32\Drivers\AbilisBdaTuner.sys
    09:00:01.0426 6136 AbilisT - ok
    09:00:01.0580 6136 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    09:00:01.0594 6136 ACDaemon - ok
    09:00:01.0646 6136 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    09:00:01.0653 6136 ACPI - ok
    09:00:01.0702 6136 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    09:00:01.0720 6136 AcpiPmi - ok
    09:00:02.0026 6136 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    09:00:02.0032 6136 AdobeFlashPlayerUpdateSvc - ok
    09:00:02.0088 6136 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
    09:00:02.0099 6136 adp94xx - ok
    09:00:02.0128 6136 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
    09:00:02.0140 6136 adpahci - ok
    09:00:02.0173 6136 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
    09:00:02.0178 6136 adpu320 - ok
    09:00:02.0203 6136 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    09:00:02.0215 6136 AeLookupSvc - ok
    09:00:02.0294 6136 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
    09:00:02.0307 6136 AFD - ok
    09:00:02.0380 6136 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
    09:00:02.0382 6136 agp440 - ok
    09:00:02.0422 6136 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
    09:00:02.0425 6136 ALG - ok
    09:00:02.0471 6136 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
    09:00:02.0483 6136 aliide - ok
    09:00:02.0527 6136 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
    09:00:02.0529 6136 amdide - ok
    09:00:02.0584 6136 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
    09:00:02.0591 6136 AmdK8 - ok
    09:00:02.0627 6136 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
    09:00:02.0629 6136 AmdPPM - ok
    09:00:02.0675 6136 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    09:00:02.0678 6136 amdsata - ok
    09:00:02.0718 6136 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
    09:00:02.0723 6136 amdsbs - ok
    09:00:02.0777 6136 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    09:00:02.0779 6136 amdxata - ok
    09:00:02.0818 6136 [ 1661F9C9E4B0049FA0A5E30264375A87 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
    09:00:02.0825 6136 ApfiltrService - ok
    09:00:02.0871 6136 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
    09:00:02.0874 6136 AppID - ok
    09:00:02.0903 6136 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    09:00:02.0905 6136 AppIDSvc - ok
    09:00:02.0945 6136 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
    09:00:02.0948 6136 Appinfo - ok
    09:00:02.0986 6136 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
    09:00:02.0989 6136 arc - ok
    09:00:03.0008 6136 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
    09:00:03.0011 6136 arcsas - ok
    09:00:03.0049 6136 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
    09:00:03.0051 6136 ArcSoftKsUFilter - ok
    09:00:03.0139 6136 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
    09:00:03.0162 6136 aswFsBlk - ok
    09:00:03.0223 6136 [ 7A62C389380F6FF3FA952D511D8790B8 ] aswFW C:\Windows\system32\drivers\aswFW.sys
    09:00:03.0228 6136 aswFW - ok
    09:00:03.0285 6136 [ 890918D53B80B474CFAFB48995B85AF3 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
    09:00:03.0287 6136 aswKbd - ok
    09:00:03.0342 6136 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
    09:00:03.0345 6136 aswMonFlt - ok
    09:00:03.0387 6136 [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
    09:00:03.0389 6136 aswNdis - ok
    09:00:03.0432 6136 [ 94CCA87794454E1824D59B092B9F70C4 ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
    09:00:03.0438 6136 aswNdis2 - ok
    09:00:03.0463 6136 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
    09:00:03.0466 6136 aswRdr - ok
    09:00:03.0550 6136 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
    09:00:03.0554 6136 aswRvrt - ok
    09:00:03.0611 6136 [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
    09:00:03.0678 6136 aswSnx - ok
    09:00:03.0726 6136 [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP C:\Windows\system32\drivers\aswSP.sys
    09:00:03.0738 6136 aswSP - ok
    09:00:03.0848 6136 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
    09:00:03.0851 6136 aswTdi - ok
    09:00:03.0891 6136 [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
    09:00:03.0896 6136 aswVmm - ok
    09:00:03.0931 6136 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    09:00:03.0934 6136 AsyncMac - ok
    09:00:03.0994 6136 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
    09:00:04.0020 6136 atapi - ok
    09:00:04.0079 6136 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
    09:00:04.0124 6136 athr - ok
    09:00:04.0538 6136 [ 89A3D56CE4044F35B9D08DD37193BBFC ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
    09:00:04.0722 6136 atikmdag - ok
    09:00:04.0801 6136 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    09:00:04.0822 6136 AudioEndpointBuilder - ok
    09:00:04.0845 6136 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
    09:00:04.0853 6136 AudioSrv - ok
    09:00:05.0022 6136 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    09:00:05.0023 6136 avast! Antivirus - ok
    09:00:05.0083 6136 [ C2009C6A452BD07B30D773349589B762 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
    09:00:05.0086 6136 avast! Firewall - ok
    09:00:05.0182 6136 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
    09:00:05.0186 6136 AVGIDSDriver - ok
    09:00:05.0198 6136 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
    09:00:05.0201 6136 AVGIDSHA - ok
    09:00:05.0232 6136 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
    09:00:05.0236 6136 Avgldx64 - ok
    09:00:05.0324 6136 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
    09:00:05.0354 6136 Avgloga - ok
    09:00:05.0367 6136 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
    09:00:05.0371 6136 Avgmfx64 - ok
    09:00:05.0424 6136 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
    09:00:05.0446 6136 Avgrkx64 - ok
    09:00:05.0552 6136 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
    09:00:05.0556 6136 Avgtdia - ok
    09:00:05.0633 6136 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
    09:00:05.0651 6136 AxInstSV - ok
    09:00:05.0775 6136 [ 9F4320BA8E7CE2342517B182A2F2C0E6 ] azvusb C:\Windows\system32\DRIVERS\azvusb.sys
    09:00:05.0790 6136 azvusb - ok
    09:00:05.0871 6136 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
    09:00:05.0881 6136 b06bdrv - ok
    09:00:05.0943 6136 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    09:00:05.0949 6136 b57nd60a - ok
    09:00:06.0012 6136 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
    09:00:06.0016 6136 BDESVC - ok
    09:00:06.0061 6136 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
    09:00:06.0069 6136 Beep - ok
    09:00:06.0167 6136 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
    09:00:06.0182 6136 BFE - ok
    09:00:06.0265 6136 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
    09:00:06.0267 6136 blbdrive - ok
    09:00:06.0332 6136 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    09:00:06.0335 6136 bowser - ok
    09:00:06.0375 6136 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
    09:00:06.0377 6136 BrFiltLo - ok
    09:00:06.0406 6136 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
    09:00:06.0408 6136 BrFiltUp - ok
    09:00:06.0452 6136 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
    09:00:06.0457 6136 Browser - ok
    09:00:06.0492 6136 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    09:00:06.0523 6136 Brserid - ok
    09:00:06.0588 6136 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    09:00:06.0590 6136 BrSerWdm - ok
    09:00:06.0628 6136 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    09:00:06.0630 6136 BrUsbMdm - ok
    09:00:06.0672 6136 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    09:00:06.0674 6136 BrUsbSer - ok
    09:00:06.0746 6136 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
    09:00:06.0749 6136 BthEnum - ok
    09:00:06.0783 6136 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
    09:00:06.0786 6136 BTHMODEM - ok
    09:00:06.0801 6136 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
    09:00:06.0806 6136 BthPan - ok
    09:00:06.0840 6136 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
    09:00:06.0852 6136 BTHPORT - ok
    09:00:06.0911 6136 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
    09:00:06.0922 6136 bthserv - ok
    09:00:06.0985 6136 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
    09:00:06.0988 6136 BTHUSB - ok
    09:00:07.0014 6136 [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
    09:00:07.0016 6136 btusbflt - ok
    09:00:07.0048 6136 [ 4BDBDB86ABBA924E029FB2683BE7C505 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
    09:00:07.0052 6136 btwaudio - ok
    09:00:07.0071 6136 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
    09:00:07.0075 6136 btwavdt - ok
    09:00:07.0161 6136 [ 31DA517946FFE416442E864592548F8A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    09:00:07.0171 6136 btwdins - ok
    09:00:07.0209 6136 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
    09:00:07.0221 6136 btwl2cap - ok
    09:00:07.0237 6136 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\drivers\btwrchid.sys
    09:00:07.0239 6136 btwrchid - ok
    09:00:07.0263 6136 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    09:00:07.0266 6136 cdfs - ok
    09:00:07.0305 6136 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    09:00:07.0309 6136 cdrom - ok
    09:00:07.0359 6136 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
    09:00:07.0362 6136 CertPropSvc - ok
    09:00:07.0386 6136 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
    09:00:07.0389 6136 circlass - ok
    09:00:07.0434 6136 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
    09:00:07.0453 6136 CLFS - ok
    09:00:07.0603 6136 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    09:00:07.0608 6136 clr_optimization_v2.0.50727_32 - ok
    09:00:07.0662 6136 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    09:00:07.0667 6136 clr_optimization_v2.0.50727_64 - ok
    09:00:07.0837 6136 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    09:00:07.0840 6136 clr_optimization_v4.0.30319_32 - ok
    09:00:07.0874 6136 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    09:00:07.0894 6136 clr_optimization_v4.0.30319_64 - ok
    09:00:07.0926 6136 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
    09:00:07.0928 6136 CmBatt - ok
    09:00:07.0973 6136 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
    09:00:07.0974 6136 cmdide - ok
    09:00:08.0029 6136 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
    09:00:08.0042 6136 CNG - ok
    09:00:08.0095 6136 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
    09:00:08.0097 6136 Compbatt - ok
    09:00:08.0131 6136 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    09:00:08.0133 6136 CompositeBus - ok
    09:00:08.0141 6136 COMSysApp - ok
    09:00:08.0166 6136 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
    09:00:08.0168 6136 crcdisk - ok
    09:00:08.0237 6136 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
    09:00:08.0244 6136 CryptSvc - ok
    09:00:08.0300 6136 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
    09:00:08.0311 6136 DcomLaunch - ok
    09:00:08.0371 6136 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
    09:00:08.0381 6136 defragsvc - ok
    09:00:08.0444 6136 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    09:00:08.0455 6136 DfsC - ok
    09:00:08.0496 6136 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
    09:00:08.0505 6136 Dhcp - ok
    09:00:08.0545 6136 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
    09:00:08.0547 6136 discache - ok
    09:00:08.0560 6136 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
    09:00:08.0563 6136 Disk - ok
    09:00:08.0677 6136 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    09:00:08.0681 6136 Dnscache - ok
    09:00:08.0787 6136 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
    09:00:08.0807 6136 dot3svc - ok
    09:00:08.0871 6136 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
    09:00:08.0875 6136 dot4 - ok
    09:00:08.0945 6136 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
    09:00:08.0951 6136 Dot4Print - ok
    09:00:08.0969 6136 [ 488669CD1CD3BDCFDD9A5FDA72209069 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
    09:00:08.0971 6136 Dot4Scan - ok
    09:00:08.0984 6136 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
    09:00:08.0987 6136 dot4usb - ok
    09:00:09.0052 6136 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
    09:00:09.0057 6136 DPS - ok
    09:00:09.0090 6136 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    09:00:09.0092 6136 drmkaud - ok
    09:00:09.0150 6136 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    09:00:09.0171 6136 DXGKrnl - ok
    09:00:09.0215 6136 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
    09:00:09.0230 6136 EapHost - ok
    09:00:09.0504 6136 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
    09:00:09.0761 6136 ebdrv - ok
    09:00:09.0811 6136 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
    09:00:09.0815 6136 EFS - ok
    09:00:09.0980 6136 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    09:00:10.0079 6136 ehRecvr - ok
    09:00:10.0133 6136 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
    09:00:10.0218 6136 ehSched - ok
    09:00:10.0260 6136 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
    09:00:10.0272 6136 elxstor - ok
    09:00:10.0293 6136 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
    09:00:10.0303 6136 ErrDev - ok
    09:00:10.0347 6136 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
    09:00:10.0358 6136 EventSystem - ok
    09:00:10.0411 6136 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
    09:00:10.0417 6136 exfat - ok
    09:00:10.0476 6136 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
    09:00:10.0482 6136 fastfat - ok
    09:00:10.0632 6136 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
    09:00:10.0650 6136 Fax - ok
    09:00:10.0709 6136 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
    09:00:10.0711 6136 fdc - ok
    09:00:10.0751 6136 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
    09:00:10.0754 6136 fdPHost - ok
    09:00:10.0797 6136 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    09:00:10.0816 6136 FDResPub - ok
    09:00:10.0859 6136 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    09:00:10.0862 6136 FileInfo - ok
    09:00:10.0907 6136 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    09:00:10.0918 6136 Filetrace - ok
    09:00:10.0973 6136 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
    09:00:10.0976 6136 flpydisk - ok
    09:00:11.0036 6136 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    09:00:11.0056 6136 FltMgr - ok
    09:00:11.0200 6136 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
    09:00:11.0269 6136 FontCache - ok
    09:00:11.0338 6136 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    09:00:11.0357 6136 FontCache3.0.0.0 - ok
    09:00:11.0419 6136 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    09:00:11.0422 6136 FsDepends - ok
    09:00:11.0523 6136 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
    09:00:11.0705 6136 fssfltr - ok
    09:00:11.0963 6136 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
    09:00:12.0020 6136 fsssvc - ok
    09:00:12.0081 6136 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    09:00:12.0086 6136 Fs_Rec - ok
    09:00:12.0134 6136 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    09:00:12.0140 6136 fvevol - ok
    09:00:12.0188 6136 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
    09:00:12.0199 6136 gagp30kx - ok
    09:00:12.0303 6136 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
    09:00:12.0371 6136 gpsvc - ok
    09:00:12.0457 6136 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    09:00:12.0476 6136 gupdate - ok
    09:00:12.0547 6136 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    09:00:12.0549 6136 gupdatem - ok
    09:00:12.0599 6136 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    09:00:12.0609 6136 gusvc - ok
    09:00:12.0660 6136 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    09:00:12.0670 6136 hcw85cir - ok
    09:00:12.0715 6136 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    09:00:12.0724 6136 HdAudAddService - ok
    09:00:12.0761 6136 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    09:00:12.0763 6136 HDAudBus - ok
    09:00:12.0824 6136 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
    09:00:12.0831 6136 HECIx64 - ok
    09:00:12.0897 6136 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
    09:00:12.0910 6136 HidBatt - ok
    09:00:12.0926 6136 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
    09:00:12.0930 6136 HidBth - ok
    09:00:12.0964 6136 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
    09:00:12.0974 6136 HidIr - ok
    09:00:13.0016 6136 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
    09:00:13.0032 6136 hidserv - ok
    09:00:13.0070 6136 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    09:00:13.0072 6136 HidUsb - ok
    09:00:13.0119 6136 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
    09:00:13.0133 6136 hkmsvc - ok
    09:00:13.0225 6136 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    09:00:13.0239 6136 HomeGroupListener - ok
    09:00:13.0317 6136 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    09:00:13.0327 6136 HomeGroupProvider - ok
    09:00:13.0348 6136 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    09:00:13.0351 6136 HpSAMD - ok
    09:00:13.0411 6136 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    09:00:13.0430 6136 HTTP - ok
    09:00:13.0469 6136 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    09:00:13.0481 6136 hwpolicy - ok
    09:00:13.0534 6136 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    09:00:13.0544 6136 i8042prt - ok
    09:00:13.0682 6136 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\Windows\system32\drivers\iaStor.sys
    09:00:13.0689 6136 iaStor - ok
    09:00:13.0819 6136 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    09:00:13.0820 6136 IAStorDataMgrSvc - ok
    09:00:13.0899 6136 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    09:00:13.0909 6136 iaStorV - ok
    09:00:13.0987 6136 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    09:00:14.0005 6136 idsvc - ok
    09:00:14.0404 6136 [ 4EAA4261E1AD4B860657CADA790B9B38 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    09:00:14.0819 6136 igfx - ok
    09:00:14.0860 6136 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
    09:00:14.0863 6136 iirsp - ok
    09:00:15.0011 6136 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
    09:00:15.0036 6136 IKEEXT - ok
    09:00:15.0097 6136 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
    09:00:15.0113 6136 Impcd - ok
    09:00:15.0215 6136 [ 0F144E5F46CB9043004B5E84AA4BCA6A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    09:00:15.0261 6136 IntcAzAudAddService - ok
    09:00:15.0310 6136 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    09:00:15.0318 6136 IntcDAud - ok
    09:00:15.0336 6136 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
    09:00:15.0338 6136 intelide - ok
    09:00:15.0373 6136 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    09:00:15.0392 6136 intelppm - ok
    09:00:15.0471 6136 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    09:00:15.0483 6136 IPBusEnum - ok
    09:00:15.0530 6136 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    09:00:15.0547 6136 IpFilterDriver - ok
    09:00:15.0632 6136 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    09:00:15.0635 6136 IPMIDRV - ok
    09:00:15.0677 6136 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    09:00:15.0681 6136 IPNAT - ok
    09:00:15.0730 6136 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    09:00:15.0738 6136 IRENUM - ok
    09:00:15.0767 6136 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    09:00:15.0782 6136 isapnp - ok
    09:00:15.0811 6136 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    09:00:15.0819 6136 iScsiPrt - ok
    09:00:15.0842 6136 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    09:00:15.0845 6136 kbdclass - ok
    09:00:15.0867 6136 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    09:00:15.0870 6136 kbdhid - ok
    09:00:15.0890 6136 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
    09:00:15.0895 6136 KeyIso - ok
    09:00:15.0946 6136 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    09:00:15.0956 6136 KSecDD - ok
    09:00:16.0015 6136 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    09:00:16.0024 6136 KSecPkg - ok
    09:00:16.0059 6136 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    09:00:16.0060 6136 ksthunk - ok
    09:00:16.0110 6136 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    09:00:16.0124 6136 KtmRm - ok
    09:00:16.0213 6136 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
    09:00:16.0226 6136 LanmanServer - ok
    09:00:16.0281 6136 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    09:00:16.0292 6136 LanmanWorkstation - ok
    09:00:16.0340 6136 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    09:00:16.0350 6136 lltdio - ok
    09:00:16.0391 6136 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    09:00:16.0403 6136 lltdsvc - ok
    09:00:16.0432 6136 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    09:00:16.0436 6136 lmhosts - ok
    09:00:16.0539 6136 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    09:00:16.0544 6136 LMS - ok
    09:00:16.0621 6136 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
    09:00:16.0631 6136 LSI_FC - ok
    09:00:16.0672 6136 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
    09:00:16.0675 6136 LSI_SAS - ok
    09:00:16.0692 6136 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
    09:00:16.0696 6136 LSI_SAS2 - ok
    09:00:16.0720 6136 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
    09:00:16.0725 6136 LSI_SCSI - ok
    09:00:16.0745 6136 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    09:00:16.0749 6136 luafv - ok
    09:00:16.0825 6136 McMPFSvc - ok
    09:00:16.0874 6136 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    09:00:16.0888 6136 Mcx2Svc - ok
    09:00:16.0920 6136 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
    09:00:16.0922 6136 megasas - ok
    09:00:16.0953 6136 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
    09:00:16.0961 6136 MegaSR - ok
    09:00:17.0000 6136 [ 624D717B11E5004F68442B5740F17F21 ] mferkdk C:\Windows\system32\drivers\mferkdk.sys
    09:00:17.0011 6136 mferkdk - ok
    09:00:17.0052 6136 [ 0CD9DE7B96735F33F078C4EA044E8B34 ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys
    09:00:17.0055 6136 mfesmfk - ok
    09:00:17.0084 6136 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    09:00:17.0097 6136 MMCSS - ok
    09:00:17.0131 6136 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    09:00:17.0133 6136 Modem - ok
    09:00:17.0160 6136 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    09:00:17.0162 6136 monitor - ok
    09:00:17.0210 6136 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    09:00:17.0213 6136 mouclass - ok
    09:00:17.0248 6136 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    09:00:17.0250 6136 mouhid - ok
    09:00:17.0309 6136 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    09:00:17.0312 6136 mountmgr - ok
    09:00:17.0388 6136 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
    09:00:17.0394 6136 MpFilter - ok
    09:00:17.0441 6136 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    09:00:17.0446 6136 mpio - ok
    09:00:17.0492 6136 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    09:00:17.0495 6136 mpsdrv - ok
    09:00:17.0630 6136 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
    09:00:17.0650 6136 MpsSvc - ok
    09:00:17.0702 6136 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRAV C:\Windows\system32\drivers\mrxdav.sys
    09:00:17.0730 6136 MRAV - ok
    09:00:17.0797 6136 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    09:00:17.0802 6136 mrxsmb - ok
    09:00:17.0847 6136 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    09:00:17.0854 6136 mrxsmb10 - ok
    09:00:17.0893 6136 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    09:00:17.0897 6136 mrxsmb20 - ok
    09:00:17.0959 6136 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    09:00:17.0974 6136 msahci - ok
    09:00:18.0020 6136 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    09:00:18.0025 6136 msdsm - ok
    09:00:18.0115 6136 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    09:00:18.0124 6136 MSDTC - ok
    09:00:18.0179 6136 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    09:00:18.0181 6136 Msfs - ok
    09:00:18.0208 6136 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    09:00:18.0209 6136 mshidkmdf - ok
    09:00:18.0230 6136 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    09:00:18.0232 6136 msisadrv - ok
    09:00:18.0288 6136 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    09:00:18.0303 6136 MSiSCSI - ok
    09:00:18.0317 6136 msiserver - ok
    09:00:18.0343 6136 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    09:00:18.0345 6136 MSKSSRV - ok
    09:00:18.0458 6136 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
    09:00:18.0459 6136 MsMpSvc - ok
    09:00:18.0510 6136 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    09:00:18.0512 6136 MSPCLOCK - ok
    09:00:18.0569 6136 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    09:00:18.0571 6136 MSPQM - ok
    09:00:18.0652 6136 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    09:00:18.0662 6136 MsRPC - ok
    09:00:18.0757 6136 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    09:00:18.0759 6136 mssmbios - ok
    09:00:18.0789 6136 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    09:00:18.0803 6136 MSTEE - ok
    09:00:18.0826 6136 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
    09:00:18.0828 6136 MTConfig - ok
    09:00:18.0889 6136 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    09:00:18.0892 6136 Mup - ok
    09:00:18.0948 6136 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    09:00:18.0963 6136 napagent - ok
    09:00:18.0987 6136 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    09:00:18.0995 6136 NativeWifiP - ok
    09:00:19.0120 6136 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    09:00:19.0150 6136 NDIS - ok
    09:00:19.0186 6136 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    09:00:19.0197 6136 NdisCap - ok
    09:00:19.0220 6136 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    09:00:19.0222 6136 NdisTapi - ok
    09:00:19.0266 6136 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    09:00:19.0268 6136 Ndisuio - ok
    09:00:19.0312 6136 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    09:00:19.0316 6136 NdisWan - ok
    09:00:19.0374 6136 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    09:00:19.0376 6136 NDProxy - ok
    09:00:19.0416 6136 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    09:00:19.0424 6136 NetBIOS - ok
    09:00:19.0477 6136 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    09:00:19.0484 6136 NetBT - ok
    09:00:19.0536 6136 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    09:00:19.0541 6136 Netlogon - ok
    09:00:19.0636 6136 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    09:00:19.0649 6136 Netman - ok
    09:00:19.0674 6136 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    09:00:19.0689 6136 netprofm - ok
    09:00:19.0755 6136 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    09:00:19.0764 6136 NetTcpPortSharing - ok
    09:00:19.0800 6136 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
    09:00:19.0803 6136 nfrd960 - ok
    09:00:19.0910 6136 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    09:00:19.0928 6136 NisDrv - ok
    09:00:20.0002 6136 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
    09:00:20.0010 6136 NisSrv - ok
    09:00:20.0091 6136 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
    09:00:20.0103 6136 NlaSvc - ok
    09:00:20.0139 6136 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    09:00:20.0142 6136 Npfs - ok
    09:00:20.0192 6136 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    09:00:20.0199 6136 nsi - ok
    09:00:20.0235 6136 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    09:00:20.0237 6136 nsiproxy - ok
    09:00:20.0375 6136 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    09:00:20.0431 6136 Ntfs - ok
    09:00:20.0461 6136 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
    09:00:20.0470 6136 Null - ok
    09:00:20.0516 6136 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
    09:00:20.0524 6136 nvraid - ok
    09:00:20.0590 6136 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
    09:00:20.0618 6136 nvstor - ok
    09:00:20.0663 6136 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    09:00:20.0667 6136 nv_agp - ok
    09:00:20.0786 6136 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    09:00:20.0806 6136 odserv - ok
    09:00:20.0854 6136 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    09:00:20.0867 6136 ohci1394 - ok
    09:00:20.0904 6136 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    09:00:20.0909 6136 ose - ok
    09:00:20.0956 6136 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    09:00:20.0968 6136 p2pimsvc - ok
    09:00:21.0012 6136 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
    09:00:21.0027 6136 p2psvc - ok
    09:00:21.0067 6136 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
    09:00:21.0078 6136 Parport - ok
    09:00:21.0117 6136 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
    09:00:21.0120 6136 partmgr - ok
    09:00:21.0151 6136 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
    09:00:21.0162 6136 PcaSvc - ok
    09:00:21.0184 6136 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
    09:00:21.0189 6136 pci - ok
    09:00:21.0240 6136 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
    09:00:21.0250 6136 pciide - ok
    09:00:21.0277 6136 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
    09:00:21.0284 6136 pcmcia - ok
    09:00:21.0309 6136 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
    09:00:21.0312 6136 pcw - ok
    09:00:21.0354 6136 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    09:00:21.0368 6136 PEAUTH - ok
    09:00:21.0624 6136 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
    09:00:21.0640 6136 PerfHost - ok
    09:00:21.0888 6136 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
    09:00:21.0921 6136 pla - ok
    09:00:22.0015 6136 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    09:00:22.0038 6136 PlugPlay - ok
    09:00:22.0291 6136 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    09:00:22.0318 6136 PMBDeviceInfoProvider - ok
    09:00:22.0372 6136 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    09:00:22.0379 6136 PNRPAutoReg - ok
    09:00:22.0415 6136 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    09:00:22.0424 6136 PNRPsvc - ok
    09:00:22.0514 6136 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    09:00:22.0541 6136 PolicyAgent - ok
    09:00:22.0640 6136 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
    09:00:22.0652 6136 Power - ok
    09:00:22.0705 6136 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    09:00:22.0719 6136 PptpMiniport - ok
    09:00:22.0751 6136 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
    09:00:22.0755 6136 Processor - ok
    09:00:22.0830 6136 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
    09:00:22.0846 6136 ProfSvc - ok
    09:00:22.0868 6136 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    09:00:22.0872 6136 ProtectedStorage - ok
    09:00:22.0938 6136 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    09:00:22.0954 6136 Psched - ok
    09:00:23.0034 6136 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
    09:00:23.0067 6136 ql2300 - ok
    09:00:23.0114 6136 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
    09:00:23.0129 6136 ql40xx - ok
    09:00:23.0170 6136 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
    09:00:23.0183 6136 QWAVE - ok
    09:00:23.0233 6136 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    09:00:23.0241 6136 QWAVEdrv - ok
    09:00:23.0287 6136 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    09:00:23.0289 6136 RasAcd - ok
    09:00:23.0329 6136 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    09:00:23.0337 6136 RasAgileVpn - ok
    09:00:23.0371 6136 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
    09:00:23.0380 6136 RasAuto - ok
    09:00:23.0437 6136 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    09:00:23.0441 6136 Rasl2tp - ok
    09:00:23.0513 6136 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
    09:00:23.0533 6136 RasMan - ok
    09:00:23.0619 6136 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    09:00:23.0631 6136 RasPppoe - ok
    09:00:23.0658 6136 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    09:00:23.0662 6136 RasSstp - ok
    09:00:23.0734 6136 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    09:00:23.0743 6136 rdbss - ok
    09:00:23.0770 6136 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
    09:00:23.0773 6136 rdpbus - ok
    09:00:23.0797 6136 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    09:00:23.0799 6136 RDPCDD - ok
    09:00:23.0833 6136 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    09:00:23.0850 6136 RDPENCDD - ok
    09:00:23.0915 6136 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    09:00:23.0917 6136 RDPREFMP - ok
    09:00:23.0975 6136 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    09:00:23.0985 6136 RDPWD - ok
    09:00:24.0053 6136 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    09:00:24.0060 6136 rdyboost - ok
    09:00:24.0094 6136 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    09:00:24.0102 6136 RemoteAccess - ok
    09:00:24.0152 6136 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    09:00:24.0163 6136 RemoteRegistry - ok
    09:00:24.0209 6136 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
    09:00:24.0214 6136 RFCOMM - ok
    09:00:24.0254 6136 [ 5CA4ABD888B602551B59BAA26941C167 ] rimspci C:\Windows\system32\drivers\rimssne64.sys
    09:00:24.0267 6136 rimspci - ok
    09:00:24.0296 6136 [ BB6E138AEB351728959DA5E2731D8140 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
    09:00:24.0299 6136 risdsnpe - ok
    09:00:24.0338 6136 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    09:00:24.0353 6136 RpcEptMapper - ok
    09:00:24.0392 6136 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    09:00:24.0397 6136 RpcLocator - ok
    09:00:24.0457 6136 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    09:00:24.0470 6136 RpcSs - ok
    09:00:24.0510 6136 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    09:00:24.0532 6136 rspndr - ok
    09:00:24.0601 6136 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    09:00:24.0605 6136 SamSs - ok
    09:00:24.0650 6136 SASDIFSV - ok
    09:00:24.0676 6136 SAS***IL - ok
    09:00:24.0762 6136 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    09:00:24.0766 6136 sbp2port - ok
    09:00:24.0860 6136 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    09:00:24.0881 6136 SCardSvr - ok
    09:00:24.0931 6136 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    09:00:24.0941 6136 scfilter - ok
    09:00:25.0012 6136 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    09:00:25.0042 6136 Schedule - ok
    09:00:25.0093 6136 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    09:00:25.0103 6136 SCPolicySvc - ok
    09:00:25.0164 6136 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
    09:00:25.0174 6136 sdbus - ok
    09:00:25.0207 6136 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    09:00:25.0218 6136 SDRSVC - ok
    09:00:25.0268 6136 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    09:00:25.0270 6136 secdrv - ok
    09:00:25.0321 6136 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
    09:00:25.0330 6136 seclogon - ok
    09:00:25.0362 6136 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
    09:00:25.0370 6136 SENS - ok
    09:00:25.0402 6136 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
    09:00:25.0410 6136 SensrSvc - ok
    09:00:25.0441 6136 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
    09:00:25.0443 6136 Serenum - ok
    09:00:25.0478 6136 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
    09:00:25.0482 6136 Serial - ok
    09:00:25.0511 6136 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
    09:00:25.0513 6136 sermouse - ok
    09:00:25.0617 6136 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
    09:00:25.0630 6136 SessionEnv - ok
    09:00:25.0679 6136 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\drivers\SFEP.sys
    09:00:25.0681 6136 SFEP - ok
    09:00:25.0738 6136 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    09:00:25.0743 6136 sffdisk - ok
    09:00:25.0773 6136 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    09:00:25.0776 6136 sffp_mmc - ok
    09:00:25.0801 6136 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    09:00:25.0804 6136 sffp_sd - ok
    09:00:25.0839 6136 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    09:00:25.0842 6136 sfloppy - ok
    09:00:25.0937 6136 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    09:00:25.0962 6136 ShellHWDetection - ok
    09:00:25.0990 6136 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
    09:00:25.0993 6136 SiSRaid2 - ok
    09:00:26.0024 6136 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    09:00:26.0027 6136 SiSRaid4 - ok
    09:00:26.0131 6136 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    09:00:26.0144 6136 SkypeUpdate - ok
    09:00:26.0178 6136 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    09:00:26.0181 6136 Smb - ok
    09:00:26.0257 6136 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    09:00:26.0288 6136 SNMPTRAP - ok
    09:00:26.0353 6136 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    09:00:26.0364 6136 SOHCImp - ok
    09:00:26.0391 6136 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
    09:00:26.0394 6136 SOHDBSvr - ok
    09:00:26.0435 6136 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    09:00:26.0445 6136 SOHDms - ok
    09:00:26.0476 6136 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    09:00:26.0479 6136 SOHDs - ok
    09:00:26.0534 6136 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
    09:00:26.0545 6136 SOHPlMgr - ok
    09:00:26.0585 6136 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
    09:00:26.0589 6136 spldr - ok
    09:00:26.0674 6136 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
    09:00:26.0687 6136 Spooler - ok
    09:00:27.0011 6136 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
    09:00:27.0061 6136 sppsvc - ok
    09:00:27.0175 6136 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    09:00:27.0205 6136 sppuinotify - ok
    09:00:27.0316 6136 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
    09:00:27.0328 6136 srv - ok
    09:00:27.0409 6136 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    09:00:27.0418 6136 srv2 - ok
    09:00:27.0479 6136 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    09:00:27.0488 6136 srvnet - ok
    09:00:27.0575 6136 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    09:00:27.0585 6136 SSDPSRV - ok
    09:00:27.0624 6136 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
    09:00:27.0632 6136 SstpSvc - ok
    09:00:27.0696 6136 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
    09:00:27.0698 6136 stexstor - ok
    09:00:27.0771 6136 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
    09:00:27.0791 6136 stisvc - ok
    09:00:27.0869 6136 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
    09:00:27.0877 6136 swenum - ok
    09:00:27.0931 6136 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
    09:00:27.0950 6136 swprv - ok
    09:00:28.0171 6136 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
    09:00:28.0238 6136 SysMain - ok
    09:00:28.0317 6136 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    09:00:28.0335 6136 TabletInputService - ok
    09:00:28.0407 6136 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
    09:00:28.0421 6136 TapiSrv - ok
    09:00:28.0466 6136 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
    09:00:28.0474 6136 TBS - ok
    09:00:28.0602 6136 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    09:00:28.0660 6136 Tcpip - ok
    09:00:28.0914 6136 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    09:00:28.0939 6136 TCPIP6 - ok
    09:00:29.0022 6136 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    09:00:29.0030 6136 tcpipreg - ok
    09:00:29.0095 6136 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    09:00:29.0102 6136 TDPIPE - ok
    09:00:29.0146 6136 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    09:00:29.0148 6136 TDTCP - ok
    09:00:29.0210 6136 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    09:00:29.0214 6136 tdx - ok
    09:00:29.0276 6136 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
    09:00:29.0279 6136 TermDD - ok
    09:00:29.0464 6136 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
    09:00:29.0494 6136 TermService - ok
    09:00:29.0529 6136 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
    09:00:29.0538 6136 Themes - ok
    09:00:29.0595 6136 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
    09:00:29.0600 6136 THREADORDER - ok
    09:00:29.0653 6136 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
    09:00:29.0667 6136 TrkWks - ok
    09:00:29.0773 6136 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    09:00:29.0833 6136 TrustedInstaller - ok
    09:00:29.0939 6136 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    09:00:29.0942 6136 tssecsrv - ok
    09:00:30.0051 6136 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    09:00:30.0054 6136 TsUsbFlt - ok
    09:00:30.0119 6136 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    09:00:30.0123 6136 tunnel - ok
    09:00:30.0238 6136 [ 1A006963644C7FDE5BE60036F3A43E68 ] TVICHW64 C:\Windows\system32\DRIVERS\TVICHW64.SYS
    09:00:30.0272 6136 TVICHW64 - ok
    09:00:30.0317 6136 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
    09:00:30.0321 6136 uagp35 - ok
    09:00:30.0390 6136 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    09:00:30.0393 6136 uCamMonitor - ok
    09:00:30.0467 6136 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    09:00:30.0475 6136 udfs - ok
    09:00:30.0553 6136 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    09:00:30.0577 6136 UI0Detect - ok
    09:00:30.0614 6136 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    09:00:30.0621 6136 uliagpkx - ok
    09:00:30.0667 6136 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
    09:00:30.0677 6136 umbus - ok
    09:00:30.0721 6136 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
    09:00:30.0738 6136 UmPass - ok
    09:00:31.0021 6136 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    09:00:31.0090 6136 UNS - ok
    09:00:31.0143 6136 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
    09:00:31.0157 6136 upnphost - ok
    09:00:31.0214 6136 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    09:00:31.0231 6136 usbccgp - ok
    09:00:31.0297 6136 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
    09:00:31.0301 6136 usbcir - ok
    09:00:31.0358 6136 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
    09:00:31.0365 6136 usbehci - ok
    09:00:31.0401 6136 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    09:00:31.0417 6136 usbhub - ok
    09:00:31.0451 6136 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
    09:00:31.0463 6136 usbohci - ok
    09:00:31.0508 6136 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    09:00:31.0510 6136 usbprint - ok
    09:00:31.0592 6136 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
    09:00:31.0622 6136 usbscan - ok
    09:00:31.0669 6136 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    09:00:31.0681 6136 USBSTOR - ok
    09:00:31.0732 6136 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    09:00:31.0742 6136 usbuhci - ok
    09:00:31.0787 6136 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
    09:00:31.0793 6136 usbvideo - ok
    09:00:31.0839 6136 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
    09:00:31.0851 6136 UxSms - ok
    09:00:31.0920 6136 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
    09:00:32.0002 6136 VAIO Entertainment TV Device Arbitration Service - ok
    09:00:32.0150 6136 [ 6B31C9CB94927DBEEB62E15275F4CC54 ] VAIO Event Service C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
    09:00:32.0153 6136 VAIO Event Service - ok
    09:00:32.0266 6136 [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    09:00:32.0273 6136 VAIO Power Management - ok
    09:00:32.0302 6136 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
    09:00:32.0306 6136 VaultSvc - ok
    09:00:32.0472 6136 [ 6A740F5FF3246C3BE3DD317299EFC88E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    09:00:32.0481 6136 VCFw - ok
    09:00:32.0706 6136 [ 10E212BFB7EAB152A64C1AAEC2F7F4E0 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    09:00:32.0714 6136 VcmIAlzMgr - ok
    09:00:32.0859 6136 [ 7A88CFD3FE99F2C9B95A6E2A08B96E14 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    09:00:32.0865 6136 VcmINSMgr - ok
    09:00:32.0975 6136 [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    09:00:32.0989 6136 VcmXmlIfHelper - ok
    09:00:33.0130 6136 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
    09:00:33.0132 6136 VCService - ok
    09:00:33.0175 6136 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    09:00:33.0178 6136 vdrvroot - ok
    09:00:33.0344 6136 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
    09:00:33.0364 6136 vds - ok
    09:00:33.0450 6136 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    09:00:33.0466 6136 vga - ok
    09:00:33.0504 6136 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
    09:00:33.0507 6136 VgaSave - ok
    09:00:33.0592 6136 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    09:00:33.0613 6136 vhdmp - ok
    09:00:33.0694 6136 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
    09:00:33.0720 6136 viaide - ok
    09:00:33.0771 6136 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    09:00:33.0774 6136 volmgr - ok
    09:00:33.0829 6136 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    09:00:33.0848 6136 volmgrx - ok
    09:00:33.0919 6136 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
    09:00:33.0939 6136 volsnap - ok
    09:00:33.0998 6136 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
    09:00:34.0005 6136 vsmraid - ok
    09:00:34.0080 6136 [ 047F22BDFDAE6DF6F1E47E747A1237A2 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    09:00:34.0091 6136 VSNService - ok
    09:00:34.0192 6136 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
    09:00:34.0233 6136 VSS - ok
    09:00:34.0577 6136 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
    09:00:34.0593 6136 VUAgent - ok
    09:00:34.0630 6136 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    09:00:34.0632 6136 vwifibus - ok
    09:00:34.0676 6136 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    09:00:34.0683 6136 vwififlt - ok
    09:00:34.0704 6136 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
    09:00:34.0707 6136 vwifimp - ok
    09:00:34.0761 6136 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    09:00:34.0764 6136 VzCdbSvc - ok
    09:00:34.0851 6136 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
    09:00:34.0889 6136 W32Time - ok
    09:00:34.0969 6136 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
    09:00:34.0992 6136 WacomPen - ok
    09:00:35.0041 6136 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    09:00:35.0044 6136 WANARP - ok
    09:00:35.0066 6136 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    09:00:35.0068 6136 Wanarpv6 - ok
    09:00:35.0252 6136 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    09:00:35.0279 6136 WatAdminSvc - ok
    09:00:35.0393 6136 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
    09:00:35.0432 6136 wbengine - ok
    09:00:35.0489 6136 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    09:00:35.0503 6136 WbioSrvc - ok
    09:00:35.0611 6136 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
    09:00:35.0627 6136 wcncsvc - ok
    09:00:35.0669 6136 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    09:00:35.0683 6136 WcsPlugInService - ok
    09:00:35.0730 6136 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
    09:00:35.0733 6136 Wd - ok
    09:00:35.0841 6136 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    09:00:35.0862 6136 Wdf01000 - ok
    09:00:35.0895 6136 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    09:00:35.0904 6136 WdiServiceHost - ok
    09:00:35.0926 6136 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    09:00:35.0935 6136 WdiSystemHost - ok
    09:00:36.0003 6136 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
    09:00:36.0024 6136 WebClient - ok
    09:00:36.0084 6136 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    09:00:36.0105 6136 Wecsvc - ok
    09:00:36.0134 6136 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    09:00:36.0142 6136 wercplsupport - ok
    09:00:36.0179 6136 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    09:00:36.0188 6136 WerSvc - ok
    09:00:36.0230 6136 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    09:00:36.0232 6136 WfpLwf - ok
    09:00:36.0259 6136 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    09:00:36.0262 6136 WIMMount - ok
    09:00:36.0320 6136 WinHttpAutoProxySvc - ok
    09:00:36.0459 6136 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    09:00:36.0519 6136 Winmgmt - ok
    09:00:36.0627 6136 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
    09:00:36.0691 6136 WinRM - ok
    09:00:36.0799 6136 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
    09:00:36.0802 6136 WinUsb - ok
    09:00:36.0869 6136 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    09:00:36.0897 6136 Wlansvc - ok
    09:00:37.0083 6136 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    09:00:37.0133 6136 wlidsvc - ok
    09:00:37.0191 6136 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    09:00:37.0193 6136 WmiAcpi - ok
    09:00:37.0263 6136 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    09:00:37.0311 6136 wmiApSrv - ok
    09:00:37.0360 6136 WMPNetworkSvc - ok
    09:00:37.0402 6136 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    09:00:37.0410 6136 WPCSvc - ok
    09:00:37.0490 6136 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    09:00:37.0509 6136 WPDBusEnum - ok
    09:00:37.0582 6136 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    09:00:37.0588 6136 ws2ifsl - ok
    09:00:37.0610 6136 WSearch - ok
    09:00:37.0686 6136 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    09:00:37.0692 6136 WudfPf - ok
    09:00:37.0722 6136 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    09:00:37.0728 6136 WUDFRd - ok
    09:00:37.0790 6136 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    09:00:37.0803 6136 wudfsvc - ok
    09:00:37.0888 6136 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
    09:00:37.0901 6136 WwanSvc - ok
    09:00:38.0004 6136 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
    09:00:38.0016 6136 yukonw7 - ok
    09:00:38.0083 6136 ================ Scan global ===============================
    09:00:38.0159 6136 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    09:00:38.0221 6136 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    09:00:38.0242 6136 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    09:00:38.0282 6136 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    09:00:38.0329 6136 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    09:00:38.0340 6136 [Global] - ok
    09:00:38.0341 6136 ================ Scan MBR ==================================
    09:00:38.0358 6136 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    09:00:39.0602 6136 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
    09:00:39.0602 6136 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
    09:00:39.0606 6136 ================ Scan VBR ==================================
    09:00:39.0621 6136 [ 07B472CCA94139A384A7C9EF097D5E0D ] \Device\Harddisk0\DR0\Partition1
    09:00:39.0640 6136 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
    09:00:39.0641 6136 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b (0)
    09:00:39.0659 6136 [ 71C8A51C03FB40FF96FEB2F0D75C3C84 ] \Device\Harddisk0\DR0\Partition2
    09:00:39.0686 6136 \Device\Harddisk0\DR0\Partition2 - ok
    09:00:39.0687 6136 ============================================================
    09:00:39.0687 6136 Scan finished
    09:00:39.0687 6136 ============================================================
    09:00:39.0708 2080 Detected object count: 2
    09:00:39.0709 2080 Actual detected object count: 2
    09:01:17.0213 2080 \Device\Harddisk0\DR0\# - copied to quarantine
    09:01:18.0374 2080 \Device\Harddisk0\DR0 - copied to quarantine
    09:01:21.0529 2080 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine
    09:01:21.0547 2080 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
    09:01:21.0650 2080 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
    09:01:21.0653 2080 \Device\Harddisk0\DR0\Partition1 - ok
    09:01:21.0653 2080 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
    09:01:46.0798 0428 Deinitialize success


    Scan is gelukt en heeft de rootkit gevonden.

  6. #6
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.501

    Standaard

    En wat heeft Avast nu nog te vertellen ?



  7. #7
    Nieuweling
    Geregistreerd
    23 mei 2013
    Berichten
    6

    Standaard

    Avast zelf vindt niets, Microsoft Essential Security Center heeft wel terug iets gevonden: Trojan: DOS: Rovnix D en in quarantaine geplaatst?

  8. #8
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.501

    Standaard

    Download de Emsisoft Emergency Kit naar het bureaublad en pak het ZIP bestand uit.

    • Open de map "EmsisoftEmergencyKit" en dubbelklik op "Start.exe"
    • Klik nu op "Emergency Kit Scanner" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "Ja"

    • Als de update gereed is en de melding "Update process is succesvol afgerond" verschijnt klikt u op "menu" en dan op "Scan PC"
    • Selecteer de optie "Diep" als deze niet standaard al zo is ingesteld.
    • Klik Nu op de knop "Scan" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
    • Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.
    • Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "verwijder geselecteerde" u zal nu de volgende melding krijgen maar klik hier op "Ja"

    • Als het verwijderen gereed is klikt u op de knop "View report" en selecteert u het tekstbestand van deze scan met de naam zoals: a2scan_110730-111615.txt
    • Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
    • Herstart nu de computer.



  9. #9
    Nieuweling
    Geregistreerd
    23 mei 2013
    Berichten
    6

    Standaard

    Emsisoft Emergency Kit - Versie 3.0
    Laatste Update: 24-5-2013 10:41:59
    Scaninstellingen:
    Scantype: Diepe scan
    Objecten: Rootkits, Geheugen, Sporen, C:\
    Detecteer riskware: Uit
    Scan archieven: Aan
    ADS Scan: Aan
    Bestandsextensiefilter: Uit
    Geavanceerde cache: Aan
    Directe schijftoegang: Uit
    Scan gestart: 24-5-2013 10:42:46
    Value: HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} -> HelpText Ontdekt: Trace.Registry.SEO Toolbar (A)
    Value: HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} -> MenuText Ontdekt: Trace.Registry.SEO Toolbar (A)
    C:\$Recycle.Bin\S-1-5-21-3170102703-465930569-663542316-1000\$745b8bdb73393a7b14decd6735c716d0\L\00000004.@ Ontdekt: Trojan.Win32.ZAccess (A)
    C:\Windows\assembly\GAC_64\Desktop.ini Ontdekt: Trojan.Generic.7700709 (B)
    Gescand 531883
    Gevonden 4
    Scan geŽindigd: 24-5-2013 12:27:08
    Scantijd: 1:44:22
    C:\Windows\assembly\GAC_64\Desktop.ini Verwijderd Trojan.Generic.7700709 (B)
    C:\$Recycle.Bin\S-1-5-21-3170102703-465930569-663542316-1000\$745b8bdb73393a7b14decd6735c716d0\L\00000004.@ Verwijderd Trojan.Win32.ZAccess (A)
    Value: HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} -> HelpText Verwijderd Trace.Registry.SEO Toolbar (A)
    Value: HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} -> MenuText Verwijderd Trace.Registry.SEO Toolbar (A)
    Verwijderd 4

  10. #10
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.501

    Standaard

    En u is de vraag: wat heeft MSE nog te melden ?



Discussie gesloten
Pagina 1 van 2 12 LaatsteLaatste

Soortgelijke discussies

  1. [OPGELOST] PC gehacked? Spyware? Trjohan horse? Worm?
    door Grasparkiet11 in forum Archief Bestrijding malware & virussen
    Reacties: 18
    Laatste bericht: 23 mei 2013, 18:04
  2. Trojan horse PSW.Agent.ASJX en Trojan horse PSW.Agent.AUET verwijderen
    door kjv in forum Archief Bestrijding malware & virussen
    Reacties: 16
    Laatste bericht: 16 augustus 2012, 23:30
  3. trojan horse
    door mike744 in forum Archief Bestrijding malware & virussen
    Reacties: 1
    Laatste bericht: 10 juli 2011, 19:58
  4. Trojan Horse
    door Cryptix in forum Archief Bestrijding malware & virussen
    Reacties: 7
    Laatste bericht: 26 maart 2011, 10:11
  5. trojan horse
    door froemie in forum Archief Bestrijding malware & virussen
    Reacties: 1
    Laatste bericht: 16 oktober 2009, 05:16

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •