Pests of all kinds and how to fight them: New Postbank trojan. How do I proceed? (Windows 7)
13.11.2014, 23:34 | #16
/// TB Trainer /// Tutorial Guru | New Postbank trojan. How do I proceed?
Sorry, I can hardly help without logs. Either post them or attach them. Quote:
__________________ Regards, deeprybka
14.11.2014, 00:00 | #17
New Postbank trojan. How do I proceed?
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01 Ran by Visuellspektrum B.E (administrator) on VISUELLSPEKTRUM on 09-11-2014 22:36:55 Running from C:\Users\Visuellspektrum B.E\Desktop Loaded Profile: Visuellspektrum B.E (Available profiles: Visuellspektrum B.E & Andere User & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe (Dell) C:\Users\Visuellspektrum B.E\AppData\Local\Apps\2.0\4Y2M6VA0.Z2E\0X0RCQQN.7AZ\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe (McAfee, Inc.) 
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Windows Net) C:\Users\Visuellspektrum B.E\AppData\Roaming\Windows Net Data\net.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (America Online, Inc.) C:\Program Files (x86)\Common Files\AOL\1376658552\ee\aolsoftware.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Apple Inc.) C:\iTunesHelper.exe (APN LLC.) C:\Users\Visuellspektrum B.E\AppData\Local\VNT\vntldr.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2010-09-03] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-09-03] (Realtek Semiconductor) HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3206816 2010-08-04] (Dell Inc.) HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] () HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [friends] => C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\root_ca.exe [289792 2014-10-28] (Firetrust) HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1376658552\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.) HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [202192 2013-11-08] (APN LLC.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) 
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks) HKLM-x32\...\RunOnce: [DSUpdateLauncher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe [161088 2010-07-21] () HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [36125760 2013-12-18] (ooVoo LLC) HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [DellSystemDetect] => C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [uqdfumrw] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe [103424 2014-10-14] () <===== ATTENTION HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [tionkcrz] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe [103424 2014-10-15] (CJSC "Computing Forces") <===== ATTENTION HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [ifoxxwzr] => C:\Users\Visuellspektrum B.E\AppData\Local\Jnrik\thhsexwzr.exe HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [tfwywndb] => C:\Users\Visuellspektrum B.E\AppData\Roaming\Rmcevfwq\ierwweewndb.exe HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [liyezfcu] => C:\Users\Visuellspektrum B.E\AppData\Local\Hxnfs\ebxecdxzfcu.exe HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [hffgquir] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Gamxoeew\uqrfiquir.exe <===== ATTENTION HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [xlazimaw] => C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Woiadfgj\pwarfaimaw.exe [92160 2014-11-07] () <===== ATTENTION HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [explorer64login] => C:\Users\Visuellspektrum 
B.E\AppData\Local\Temp\Explorer64\explorer64login.exe [100352 2014-11-08] () <===== ATTENTION HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [win] => C:\Users\Visuellspektrum B.E\AppData\Local\Win\win.exe [100352 2014-11-08] () HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [chrome64wave] => C:\Users\Visuellspektrum B.E\AppData\Roaming\Chrome64\chrome64wave.exe [72704 2014-11-08] () HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [system64-print32] => C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe [100352 2014-11-08] () HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\Run: [perl32runner32] => C:\Users\Visuellspektrum B.E\AppData\Local\Perl32\perl32runner32.exe HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\RunOnce: [Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-4203832084-4009304635-2263003785-1000\...\RunOnce: [Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) 
Startup: C:\Users\Andere User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk ShortcutTarget: net.lnk -> C:\Users\Visuellspektrum B.E\AppData\Roaming\Windows Net Data\net.exe (Windows Net) Startup: C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=90897426-6fb0-c93d-05d0-a97508e41d6e&searchtype=ds&q={searchTerms}&installDate=17/11/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=90897426-6fb0-c93d-05d0-a97508e41d6e&searchtype=ds&q={searchTerms}&installDate=17/11/2013 URLSearchHook: HKCU - (No Name) - {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - No File SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope {3AF3AFA2-BC78-4539-B980-D9B9BC0E3244} URL = SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=90897426-6fb0-c93d-05d0-a97508e41d6e&searchtype=ds&q={searchTerms}&installDate=17/11/2013 SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {3AF3AFA2-BC78-4539-B980-D9B9BC0E3244} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN18303927224961151&UM=2 SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {13674696-600A-44DD-A8F8-E801732B1483} URL = SearchScopes: HKCU - {3AF3AFA2-BC78-4539-B980-D9B9BC0E3244} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN18303927224961151&UM=2 SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://suche.aol.de/suche/web/search.jsp?q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> 
{9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: AOL Toolbar Launcher -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Web Check -> {E155F23C-9931-47c6-A619-20E6FCA86D75} -> C:\Program Files (x86)\Web Check\WebCheck.dll (Web Check) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default FF NewTab: about:blank FF DefaultSearchEngine: Conduit Search FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&CUI=UN97404443626523320&UM=2&SearchSource=3&q={searchTerms} FF SelectedSearchEngine: Conduit Search FF Homepage: about:home FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&SearchSource=2&CUI=UN97404443626523320&UM=2&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4203832084-4009304635-2263003785-1000: @microsoft.com/Office on Demand;version=1 -> C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll (Microsoft Corporation) FF Plugin HKU\S-1-5-21-4203832084-4009304635-2263003785-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Visuellspektrum B.E\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.) 
FF SearchPlugin: C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\searchplugins\conduit-search.xml FF SearchPlugin: C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\searchplugins\Web Search.xml FF Extension: Freemium DE - C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\Extensions\{e66f4171-0f28-4599-a595-58b840522f7e} [2014-02-06] FF Extension: Test Pilot - C:\Users\Visuellspektrum B.E\AppData\Roaming\Mozilla\Firefox\Profiles\yjafk0m5.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-06-11] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-24] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-01] FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi FF Extension: Web Check - C:\Program Files (x86)\Web Check\WebCheck.xpi [2013-08-12] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3311336&SearchSource=48&CUI=UN37841013473063414&UM=2&sspv=&UP=SP8F63F67C-7FA9-4AE1-A908-C911C255F7B6 CHR StartupUrls: Default -> "chrome-search://local-ntp/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Visuellspektrum 
B.E\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Visuellspektrum B.E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-28] CHR Extension: (McAfee Security Scan+) - C:\Users\Visuellspektrum B.E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-22] CHR Extension: (Google Wallet) - C:\Users\Visuellspektrum B.E\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR HKLM-x32\...\Chrome\Extension: [aaaainelhcgoinheohbeolppeofibjlh] - C:\ProgramData\AskPartnerNetwork\Toolbar\OVO2V7\CRX\ToolbarCR.crx [] CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx [2013-08-12] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-01] CHR HKLM-x32\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Visuellspektrum B.E\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-24] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-11-22] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) 
[File not signed] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] () R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) S2 sign_in_information; C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\nph_insulin\wobble_correction.exe [162304 2014-10-13] (Company 'gora-sah') [File not signed] S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2014-04-09] () [File not signed] S2 APNMCP; "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] () S1 bjdkpcji; \??\C:\Windows\system32\drivers\bjdkpcji.sys [X] S1 bpjnxbfz; \??\C:\Windows\system32\drivers\bpjnxbfz.sys [X] S1 cypvewap; \??\C:\Windows\system32\drivers\cypvewap.sys [X] S1 ireyrvls; \??\C:\Windows\system32\drivers\ireyrvls.sys [X] S1 jdghtads; \??\C:\Windows\system32\drivers\jdghtads.sys [X] S1 kwyjdkfc; \??\C:\Windows\system32\drivers\kwyjdkfc.sys [X] S1 logxmmoa; \??\C:\Windows\system32\drivers\logxmmoa.sys [X] S1 mbcrpyut; \??\C:\Windows\system32\drivers\mbcrpyut.sys [X] S1 mznekkmt; \??\C:\Windows\system32\drivers\mznekkmt.sys [X] S1 rvqhafqh; \??\C:\Windows\system32\drivers\rvqhafqh.sys [X] S1 uzdhxgpw; \??\C:\Windows\system32\drivers\uzdhxgpw.sys [X] S1 vparxfrs; \??\C:\Windows\system32\drivers\vparxfrs.sys [X] S1 wrccyqbi; \??\C:\Windows\system32\drivers\wrccyqbi.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-09 22:36 - 2014-11-09 22:38 - 00031542 _____ () C:\Users\Visuellspektrum B.E\Desktop\FRST.txt 2014-11-09 22:36 - 2014-11-09 22:37 - 00000000 ____D () C:\FRST 2014-11-09 22:36 - 2014-11-09 22:35 - 02116096 _____ (Farbar) C:\Users\Visuellspektrum B.E\Desktop\FRST64.exe 2014-11-09 22:35 - 2014-11-09 22:35 - 02116096 _____ (Farbar) C:\Users\Visuellspektrum B.E\Downloads\FRST64.exe 2014-11-09 19:24 - 2014-11-09 21:59 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Roaming\Nico Mak Computing 2014-11-09 18:37 - 2014-11-09 18:45 - 00000000 ____D () C:\Program Files (x86)\AOL 9.0 VRb 2014-11-09 16:27 - 2014-11-09 16:27 - 00000000 _____ () C:\autoexec.bat 2014-11-09 01:16 - 2014-11-09 01:20 - 00000000 ____D () C:\Program Files (x86)\AOL 9.0 VRa 2014-11-08 18:41 - 2014-11-08 18:41 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Update-driver64 2014-11-07 21:02 - 2014-11-07 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-11-07 20:49 - 2014-11-07 20:49 - 01055936 _____ (Adobe) C:\Users\Gast\Downloads\install_flashplayer15x32axau_mssa_aaa_aih.exe 2014-11-07 09:09 - 2014-11-07 09:09 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Win-client 2014-11-07 08:46 - 2014-11-07 09:19 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Pbnwnsklmo 2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 _____ () C:\Windows\SysWOW64\sho8838.tmp 2014-11-05 23:05 - 2014-11-05 23:05 - 00895352 _____ () C:\Users\Visuellspektrum B.E\Downloads\Download.exe 2014-11-04 12:29 - 2014-11-07 08:46 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Iiuuemu 2014-10-30 16:47 - 2014-10-30 16:47 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Perl32-frame 2014-10-30 16:18 - 2014-11-03 15:54 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Updatetree 2014-10-29 23:36 - 2014-11-09 17:32 - 00000000 ___HD () C:\Users\Visuellspektrum 
B.E\AppData\Local\Explorer32 2014-10-29 17:36 - 2014-11-02 23:05 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Pdypbbnl 2014-10-29 11:11 - 2014-10-29 11:11 - 01055936 _____ (Adobe) C:\Users\Visuellspektrum B.E\Downloads\install_flashplayer15x32axau_ltr5x64d_awc_aih.exe 2014-10-28 23:54 - 2014-10-28 23:54 - 00093162 _____ () C:\Users\Visuellspektrum B.E\Documents\Seminar 08.11.14.zip 2014-10-28 23:54 - 2014-10-28 23:54 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\Seminar 08.11.14 2014-10-25 20:14 - 2014-11-09 17:55 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Office2014 2014-10-24 12:54 - 2014-11-09 17:56 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Winupdate-dll 2014-10-24 11:43 - 2014-10-28 14:46 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Chrome64 2014-10-24 07:13 - 2014-10-24 15:08 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Chromeframe32 2014-10-23 20:43 - 2014-10-23 20:43 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Script32print32 2014-10-22 18:38 - 2014-11-08 20:24 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64 2014-10-22 08:10 - 2014-10-23 20:43 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Flash64-help64 2014-10-21 21:35 - 2014-10-30 20:32 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\System64 2014-10-21 19:39 - 2014-10-29 14:49 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Vtshrfohn 2014-10-21 18:58 - 2014-11-09 17:51 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Antivir32-reg 2014-10-21 13:02 - 2014-10-21 13:02 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Windlls32 2014-10-21 08:08 - 2014-10-21 08:08 - 00093190 _____ () C:\Users\Visuellspektrum B.E\Documents\Seminar08.11.14.zip 2014-10-21 08:08 - 2014-10-21 08:08 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\Seminar08.11.14 2014-10-20 00:53 - 
2014-11-09 10:52 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Perl32 2014-10-20 00:32 - 2014-11-08 23:15 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\System64 2014-10-20 00:32 - 2014-11-04 23:34 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Chrome64 2014-10-19 22:55 - 2014-11-06 19:54 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Win 2014-10-19 01:50 - 2014-10-19 01:50 - 00880272 _____ (Google Inc.) C:\Users\Visuellspektrum B.E\Downloads\ChromeSetup (1).exe 2014-10-18 00:03 - 2014-11-09 17:51 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Update-print64 2014-10-17 21:41 - 2014-10-29 18:33 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Win 2014-10-17 20:00 - 2014-10-20 00:34 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Xkwc 2014-10-17 19:49 - 2014-10-17 20:00 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Fuqfir 2014-10-16 21:07 - 2014-10-22 18:38 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Explorer64 2014-10-16 17:51 - 2014-10-30 00:28 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Perl32 2014-10-16 14:04 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-16 14:04 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-16 14:04 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-16 14:04 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-16 14:04 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-16 14:04 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-16 14:04 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-16 14:04 - 2014-09-19 02:56 - 02724864 _____ 
(Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-16 14:04 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-16 14:04 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-16 14:04 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-16 14:04 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-16 14:04 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-16 14:04 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-16 14:04 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-16 14:04 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-16 14:04 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-16 14:04 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-16 14:04 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-16 14:04 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-16 14:04 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-16 14:04 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-16 14:04 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 14:04 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-16 14:04 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-16 14:04 - 2014-06-18 23:23 - 
00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 14:04 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-16 14:04 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 14:03 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-16 14:03 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-16 14:03 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-16 14:03 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-16 14:03 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-16 14:03 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-16 14:03 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-16 14:03 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-16 14:03 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-16 14:03 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-16 14:03 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-16 14:03 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-16 14:03 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-16 14:03 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-16 14:03 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-16 14:03 - 2014-09-19 02:26 - 00139264 _____ 
(Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-16 14:03 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-16 14:03 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-16 14:03 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-16 14:03 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-16 14:03 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-16 14:03 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-16 14:03 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-16 14:03 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-16 14:03 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-16 14:03 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-16 14:03 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-16 14:03 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-16 14:03 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-16 14:03 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-16 14:03 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-16 14:03 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-16 14:03 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-16 14:03 - 2014-09-19 01:33 - 02309632 _____ 
(Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-16 14:03 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-16 14:03 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-16 14:03 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-16 14:03 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-16 14:03 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-16 14:03 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-16 14:03 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-16 14:03 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-16 14:03 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-16 14:03 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-16 14:03 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-10-16 14:03 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-10-16 14:03 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-16 14:03 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-16 14:03 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-16 14:03 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-16 14:03 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-10-16 14:02 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) 
C:\Windows\system32\packager.dll 2014-10-16 14:02 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-16 14:02 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-16 14:02 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-16 14:02 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-16 14:02 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 14:02 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 14:02 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 14:02 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 14:02 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 14:02 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 14:02 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 14:02 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-15 12:53 - 2014-10-15 12:53 - 00632646 _____ () C:\Users\Visuellspektrum B.E\Documents\BrittaEngischbb.zip 2014-10-15 12:53 - 2014-10-15 12:53 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\BrittaEngischbb 2014-10-15 08:03 - 2014-11-04 23:57 - 00000000 ____D () C:\ProgramData\ula 2014-10-15 07:00 - 2014-10-17 11:40 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Roaming\Rmcevfwq 2014-10-14 22:15 - 2014-10-17 11:40 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Hxnfs 2014-10-14 22:03 - 2014-10-17 11:40 - 00000000 ___HD () C:\Users\Visuellspektrum B.E\AppData\Local\Jnrik 2014-10-14 22:02 - 
2014-10-14 22:02 - 00144785 _____ () C:\Users\Visuellspektrum B.E\Documents\Ausgleich14.10.2014-RechnungsstelleGiroPayGmbH.zip 2014-10-14 22:02 - 2014-10-14 22:02 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\Ausgleich14.10.2014-RechnungsstelleGiroPayGmbH ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-09 22:13 - 2012-04-04 14:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-09 21:55 - 2013-08-23 11:09 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-09 21:41 - 2013-10-06 13:39 - 00004208 _____ () C:\Windows\System32\Tasks\Software Updater 2014-11-09 21:37 - 2013-10-07 13:15 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Local\Deployment 2014-11-09 21:37 - 2013-08-23 11:09 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-09 21:27 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-09 21:27 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-09 21:24 - 2009-07-14 18:58 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-11-09 21:24 - 2009-07-14 18:58 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-11-09 21:24 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-09 21:23 - 2009-07-14 06:10 - 01356381 _____ () C:\Windows\WindowsUpdate.log 2014-11-09 21:19 - 2011-01-03 18:37 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-09 21:19 - 2011-01-03 18:34 - 00305456 _____ () C:\Windows\PFRO.log 2014-11-09 21:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-09 21:19 - 2009-07-14 05:51 - 00147229 _____ () C:\Windows\setupact.log 2014-11-09 21:09 - 2012-05-24 13:59 - 00001194 _____ () 
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4203832084-4009304635-2263003785-1000UA.job 2014-11-09 19:01 - 2014-07-11 09:41 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-09 18:59 - 2013-08-23 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-09 18:51 - 2013-08-16 14:14 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Roaming\AOL 2014-11-09 18:51 - 2013-08-16 14:13 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Local\AOL 2014-11-09 18:44 - 2013-08-16 14:14 - 00000959 _____ () C:\Users\Public\Desktop\AOL 9.0 VR.lnk 2014-11-09 18:44 - 2013-08-16 14:14 - 00000957 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL 9.0.lnk 2014-11-09 18:43 - 2013-08-16 14:11 - 00000000 ____D () C:\Program Files (x86)\AOL 2014-11-09 18:43 - 2009-07-14 03:34 - 00000524 _____ () C:\Windows\win.ini 2014-11-09 18:37 - 2011-11-26 10:20 - 00000000 ____D () C:\ProgramData\AOL 2014-11-09 16:27 - 2011-01-07 12:15 - 00000000 ____D () C:\Users\Visuellspektrum B.E 2014-11-09 15:14 - 2011-04-16 09:00 - 00072192 ___SH () C:\Users\Visuellspektrum B.E\Thumbs.db 2014-11-09 11:07 - 2013-10-07 13:28 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask 2014-11-09 01:26 - 2011-10-01 11:35 - 00003382 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4203832084-4009304635-2263003785-1000 2014-11-09 01:26 - 2011-10-01 11:35 - 00003276 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4203832084-4009304635-2263003785-1000 2014-11-09 00:09 - 2012-05-24 13:59 - 00001172 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4203832084-4009304635-2263003785-1000Core.job 2014-11-07 21:00 - 2012-06-21 01:07 - 00000000 ____D () C:\Users\Andere User\Desktop\jenni fük 2014-11-07 20:47 - 2013-04-24 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-06 00:09 - 2011-04-14 21:00 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Roaming\Skype 
2014-11-05 23:34 - 2011-01-04 02:00 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-11-05 23:34 - 2011-01-04 01:59 - 00000000 ____D () C:\ProgramData\Skype 2014-10-30 12:25 - 2011-10-01 11:34 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-28 19:40 - 2011-10-30 11:58 - 00134384 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-25 19:55 - 2013-10-15 19:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-10-21 19:38 - 2011-01-07 13:44 - 00000000 ____D () C:\Users\Visuellspektrum B.E\AppData\Local\VirtualStore 2014-10-19 01:50 - 2013-08-23 11:09 - 00004132 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-19 01:50 - 2013-08-23 11:09 - 00003880 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-18 00:52 - 2014-05-06 22:22 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-17 13:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-10-17 11:44 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-17 11:43 - 2009-07-14 05:45 - 00518840 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-17 11:37 - 2014-09-12 13:35 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-16 17:57 - 2013-11-14 11:11 - 00000000 ____D () C:\Users\Visuellspektrum B.E\Documents\nikken 2014-10-16 14:11 - 2013-08-16 13:12 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 14:00 - 2011-04-12 17:52 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Woiadfgj\pwarfaimaw.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Explorer64\explorer64login.exe C:\Users\Public\AlexaNSISPlugin.6584.dll Some content of TEMP: ==================== C:\Users\Andere 
User\AppData\Local\Temp\AskSLib.dll C:\Users\Gast\AppData\Local\Temp\AskSLib.dll C:\Users\Visuellspektrum B.E\AppData\Local\Temp\.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\4B52.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\4C73.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\4CAD.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\683A.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\872D.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\AcsInstall.dll C:\Users\Visuellspektrum B.E\AppData\Local\Temp\BackupSetup.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\BC11.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\DAE6.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\DealsPluginROW.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\FDAF.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\i0wan1na.dll C:\Users\Visuellspektrum B.E\AppData\Local\Temp\install_flashplayer11x32au_mssa_aih.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\install_flashplayer11x32_mssa_au_aih.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\install_flashplayer12x32ax_gtba_chra_dy_aaa_aih[1].exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\IWantThis.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\MSNCEB7.exe C:\Users\Visuellspektrum 
B.E\AppData\Local\Temp\nscC7A8.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nscCFD2.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsm634A.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsmA1CD.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsp73A7.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsx588E.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\nsxC3CE.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\offercast.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\OfficeSetup.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\rcpsetup_26034.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\RoxioBurn_0180_MPI_180B57E_RXD.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Setup.X86.de-DE_O365HomePremRetail_a56d13ec-1762-4ddf-93b0-3e279b285290_TX_DB_ (1).exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Setup.X86.de-DE_O365HomePremRetail_a56d13ec-1762-4ddf-93b0-3e279b285290_TX_DB_ (2).exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Setup.X86.de-DE_O365HomePremRetail_a56d13ec-1762-4ddf-93b0-3e279b285290_TX_DB_.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SHFOLDER.DLL C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SHSetup.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SkypeSetup.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SPSetup.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\SPStub.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\tbFree.dll C:\Users\Visuellspektrum B.E\AppData\Local\Temp\tiptoi-install.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\uninst1.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\vcredist_x64.exe C:\Users\Visuellspektrum B.E\AppData\Local\Temp\_isDE91.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-05 21:39 ==================== End Of Log ============================ --- --- --- There were too many pages, so it wasn't transmitted. I then inserted it here via #, copied.. then sent it piece by piece. Hope it works now.. :-) |
14.11.2014, 00:06 | #18 |
/// TB Trainer /// Guide Guru | New Postbank trojan. How should I proceed? Well, if you really want to clean up... then we'll continue like this:
Please download TDSSKiller.exe and save the file to the desktop |
14.11.2014, 00:36 | #19 |
| New Postbank trojan. How should I proceed? I'm supposed to choose Skip... there are 3 options to click here: Skip / Copy to quarantine / Delete, so I click Skip |
14.11.2014, 00:38 | #20 |
/// TB Trainer /// Guide Guru | New Postbank trojan. How should I proceed? That's right...
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
14.11.2014, 00:38 | #21 |
| New Postbank trojan. How should I proceed? After Skip, it then showed There are unproccessed malware object, then start scan.... I'll take a look on C/... |
14.11.2014, 00:42 | #22 |
/// TB Trainer /// Guide Guru | New Postbank trojan. How should I proceed? Ok... |
14.11.2014, 00:51 | #23 |
| New Postbank trojan. How should I proceed? The file you want to attach is too large. The maximum file size for this file type is 97.7 KB. Your file is 234.9 KB. What now.... |
14.11.2014, 00:52 | #24 |
/// TB Trainer /// Guide Guru | New Postbank trojan. How should I proceed? Copy & paste |
14.11.2014, 00:57 | #25 |
| New Postbank trojan. How should I proceed? 00:27:02.0493 0x14a8 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34 00:27:06.0108 0x14a8 ============================================================ 00:27:06.0108 0x14a8 Current date / time: 2014/11/14 00:27:06.0108 00:27:06.0108 0x14a8 SystemInfo: 00:27:06.0108 0x14a8 00:27:06.0108 0x14a8 OS Version: 6.1.7601 ServicePack: 1.0 00:27:06.0108 0x14a8 Product type: Workstation 00:27:06.0108 0x14a8 ComputerName: VISUELLSPEKTRUM 00:27:06.0108 0x14a8 UserName: Visuellspektrum B.E 00:27:06.0108 0x14a8 Windows directory: C:\Windows 00:27:06.0108 0x14a8 System windows directory: C:\Windows 00:27:06.0108 0x14a8 Running under WOW64 00:27:06.0108 0x14a8 Processor architecture: Intel x64 00:27:06.0108 0x14a8 Number of processors: 8 00:27:06.0108 0x14a8 Page size: 0x1000 00:27:06.0108 0x14a8 Boot type: Normal boot 00:27:06.0108 0x14a8 ============================================================ 00:27:06.0365 0x14a8 KLMD registered as C:\Windows\system32\drivers\45306180.sys 00:27:06.0880 0x14a8 System UUID: {1392FE88-96D1-62D4-112D-3696EAE75F54} 00:27:07.0919 0x14a8 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 00:27:07.0934 0x14a8 ============================================================ 00:27:07.0934 0x14a8 \Device\Harddisk0\DR0: 00:27:07.0934 0x14a8 MBR partitions: 00:27:07.0934 0x14a8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000 00:27:07.0934 0x14a8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x48AF80EB 00:27:07.0934 0x14a8 ============================================================ 00:27:07.0934 0x14a8 C: <-> \Device\Harddisk0\DR0\Partition2 00:27:07.0934 0x14a8 ============================================================ 00:27:07.0934 0x14a8 Initialize success 00:27:07.0934 0x14a8 
mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 00:27:25.0791 0x2c6c mrxsmb20 - ok 00:27:25.0825 0x2c6c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 00:27:25.0825 0x2c6c msahci - ok 00:27:25.0841 0x2c6c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 00:27:25.0841 0x2c6c msdsm - ok 00:27:25.0872 0x2c6c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 00:27:25.0887 0x2c6c MSDTC - ok 00:27:25.0921 0x2c6c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 00:27:25.0921 0x2c6c Msfs - ok 00:27:25.0952 0x2c6c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 00:27:25.0952 0x2c6c mshidkmdf - ok 00:27:25.0968 0x2c6c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 00:27:25.0968 0x2c6c msisadrv - ok 00:27:26.0017 0x2c6c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 00:27:26.0017 0x2c6c MSiSCSI - ok 00:27:26.0017 0x2c6c msiserver - ok 00:27:26.0048 0x2c6c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 00:27:26.0048 0x2c6c MSKSSRV - ok 00:27:26.0160 0x2c6c [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 00:27:26.0160 0x2c6c MsMpSvc - ok 00:27:26.0191 0x2c6c [ 
BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 00:27:26.0191 0x2c6c MSPCLOCK - ok 00:27:26.0191 0x2c6c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 00:27:26.0191 0x2c6c MSPQM - ok 00:27:26.0225 0x2c6c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 00:27:26.0241 0x2c6c MsRPC - ok 00:27:26.0287 0x2c6c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 00:27:26.0303 0x2c6c mssmbios - ok 00:27:26.0337 0x2c6c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 00:27:26.0337 0x2c6c MSTEE - ok 00:27:26.0384 0x2c6c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 00:27:26.0384 0x2c6c MTConfig - ok 00:27:26.0417 0x2c6c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 00:27:26.0417 0x2c6c Mup - ok 00:27:26.0511 0x2c6c [ A9BC2302FBDF52C8AF4E2FC966288D21, 4CBDCDCC2BA8133BDC0BA1A1EB47FB9241CAACF93544BAD37175417DA9E616D6 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 00:27:26.0511 0x2c6c MyWiFiDHCPDNS - ok 00:27:26.0545 0x2c6c mznekkmt - ok 00:27:26.0641 0x2c6c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 00:27:26.0656 0x2c6c napagent - ok 00:27:26.0719 0x2c6c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP 
C:\Windows\system32\DRIVERS\nwifi.sys 00:27:26.0721 0x2c6c NativeWifiP - ok 00:27:26.0960 0x2c6c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 00:27:26.0991 0x2c6c NDIS - ok 00:27:27.0007 0x2c6c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 00:27:27.0007 0x2c6c NdisCap - ok 00:27:27.0072 0x2c6c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 00:27:27.0072 0x2c6c NdisTapi - ok 00:27:27.0103 0x2c6c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 00:27:27.0103 0x2c6c Ndisuio - ok 00:27:27.0155 0x2c6c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 00:27:27.0155 0x2c6c NdisWan - ok 00:27:27.0282 0x2c6c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 00:27:27.0298 0x2c6c NDProxy - ok 00:27:27.0298 0x2c6c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 00:27:27.0298 0x2c6c NetBIOS - ok 00:27:27.0363 0x2c6c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 00:27:27.0378 0x2c6c NetBT - ok 00:27:27.0394 0x2c6c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 00:27:27.0394 0x2c6c Netlogon - ok 00:27:27.0428 0x2c6c [ 847D3AE376C0817161A14A82C8922A9E, 
37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 00:27:27.0443 0x2c6c Netman - ok 00:27:27.0524 0x2c6c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 00:27:27.0555 0x2c6c NetMsmqActivator - ok 00:27:27.0570 0x2c6c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 00:27:27.0586 0x2c6c NetPipeActivator - ok 00:27:27.0602 0x2c6c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 00:27:27.0620 0x2c6c netprofm - ok 00:27:27.0620 0x2c6c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 00:27:27.0620 0x2c6c NetTcpActivator - ok 00:27:27.0635 0x2c6c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 3AE5, 35F8C0DFCF14780F86AD9A476A7AE22A98589B27ED9C7E109945CBBD227E6E2B ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys 00:27:28.0067 0x2c6c NETw5s64 - ok 00:27:28.0116 0x2c6c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 00:27:28.0116 0x2c6c nfrd960 - ok 00:27:28.0178 0x2c6c [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 00:27:28.0178 0x2c6c NisDrv - ok 00:27:28.0243 0x2c6c [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program 
Files\Microsoft Security Client\NisSrv.exe 00:27:28.0243 0x2c6c NisSrv - ok 00:27:28.0337 0x2c6c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 00:27:28.0339 0x2c6c NlaSvc - ok 00:27:28.0355 0x2c6c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 00:27:28.0370 0x2c6c Npfs - ok 00:27:28.0451 0x2c6c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 00:27:28.0451 0x2c6c nsi - ok 00:27:28.0482 0x2c6c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 00:27:28.0482 0x2c6c nsiproxy - ok 00:27:28.0563 0x2c6c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 00:27:28.0609 0x2c6c Ntfs - ok 00:27:28.0625 0x2c6c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 00:27:28.0628 0x2c6c Null - ok 00:27:28.0692 0x2c6c [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 00:27:28.0692 0x2c6c nusb3hub - ok 00:27:28.0726 0x2c6c [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 00:27:28.0726 0x2c6c nusb3xhc - ok 00:27:28.0757 0x2c6c [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 00:27:28.0773 0x2c6c NVHDA - ok 00:27:29.0178 0x2c6c [ 011F0596D167D073E6813AE88E7947A9, 
2EF87754BE6477DAEF0B1C60C5BA5B6E038D2687EDCBE0A15B1A0862FF8D81BE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 00:27:29.0560 0x2c6c nvlddmkm - ok 00:27:29.0638 0x2c6c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 00:27:29.0638 0x2c6c nvraid - ok 00:27:29.0669 0x2c6c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 00:27:29.0669 0x2c6c nvstor - ok 00:27:29.0700 0x2c6c [ E72422F9C55078DFA298AC7AA0A87970, F6CB073B5BCD66E77BAF45E1FA3F8A6AE337728F7AE21FF53319669FA82A0C82 ] nvsvc C:\Windows\system32\nvvsvc.exe 00:27:29.0700 0x2c6c nvsvc - ok 00:27:29.0778 0x2c6c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 00:27:29.0778 0x2c6c nv_agp - ok 00:27:29.0872 0x2c6c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 00:27:29.0872 0x2c6c odserv - ok 00:27:29.0903 0x2c6c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 00:27:29.0903 0x2c6c ohci1394 - ok 00:27:29.0965 0x2c6c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 00:27:29.0965 0x2c6c ose - ok 00:27:30.0199 0x2c6c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 00:27:30.0309 0x2c6c osppsvc - ok 00:27:30.0355 0x2c6c [ 3EAC4455472CC2C97107B5291E0DCAFE, 
E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 00:27:30.0371 0x2c6c p2pimsvc - ok 00:27:30.0387 0x2c6c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 00:27:30.0402 0x2c6c p2psvc - ok 00:27:30.0433 0x2c6c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 00:27:30.0449 0x2c6c Parport - ok 00:27:30.0465 0x2c6c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 00:27:30.0465 0x2c6c partmgr - ok 00:27:30.0480 0x2c6c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 00:27:30.0480 0x2c6c PcaSvc - ok 00:27:30.0543 0x2c6c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 00:27:30.0543 0x2c6c pci - ok 00:27:30.0574 0x2c6c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 00:27:30.0574 0x2c6c pciide - ok 00:27:30.0605 0x2c6c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 00:27:30.0605 0x2c6c pcmcia - ok 00:27:30.0636 0x2c6c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 00:27:30.0636 0x2c6c pcw - ok 00:27:30.0652 0x2c6c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 00:27:30.0667 0x2c6c PEAUTH - ok 00:27:30.0761 0x2c6c [ E495E408C93141E8FC72DC0C6046DDFA, 
489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 00:27:30.0761 0x2c6c PerfHost - ok 00:27:30.0839 0x2c6c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 00:27:30.0870 0x2c6c pla - ok 00:27:30.0917 0x2c6c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 00:27:30.0917 0x2c6c PlugPlay - ok 00:27:30.0948 0x2c6c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 00:27:30.0948 0x2c6c PNRPAutoReg - ok 00:27:30.0979 0x2c6c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 00:27:30.0979 0x2c6c PNRPsvc - ok 00:27:31.0011 0x2c6c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 00:27:31.0026 0x2c6c PolicyAgent - ok 00:27:31.0057 0x2c6c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 00:27:31.0057 0x2c6c Power - ok 00:27:31.0089 0x2c6c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 00:27:31.0104 0x2c6c PptpMiniport - ok 00:27:31.0135 0x2c6c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 00:27:31.0135 0x2c6c Processor - ok 00:27:31.0198 0x2c6c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 00:27:31.0198 0x2c6c ProfSvc - ok 00:27:31.0213 0x2c6c [ 
204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 00:27:31.0213 0x2c6c ProtectedStorage - ok 00:27:31.0276 0x2c6c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 00:27:31.0291 0x2c6c Psched - ok 00:27:31.0323 0x2c6c [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 00:27:31.0323 0x2c6c PxHlpa64 - ok 00:27:31.0354 0x2c6c [ 0928BD20273625622722FE1DE5BBDE57, 5313C222F8810D3A62CCE64482B5E50E58BBE2A2C298A23C84A454C34324AC52 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys 00:27:31.0354 0x2c6c qicflt - ok 00:27:31.0463 0x2c6c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 00:27:31.0494 0x2c6c ql2300 - ok 00:27:31.0510 0x2c6c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 00:27:31.0510 0x2c6c ql40xx - ok 00:27:31.0557 0x2c6c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 00:27:31.0572 0x2c6c QWAVE - ok 00:27:31.0572 0x2c6c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 00:27:31.0572 0x2c6c QWAVEdrv - ok 00:27:31.0588 0x2c6c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 00:27:31.0603 0x2c6c RasAcd - ok 00:27:31.0650 0x2c6c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 
00:27:31.0650 0x2c6c RasAgileVpn - ok 00:27:31.0666 0x2c6c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 00:27:31.0666 0x2c6c RasAuto - ok 00:27:31.0697 0x2c6c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 00:27:31.0713 0x2c6c Rasl2tp - ok 00:27:31.0775 0x2c6c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 00:27:31.0791 0x2c6c RasMan - ok 00:27:31.0806 0x2c6c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 00:27:31.0806 0x2c6c RasPppoe - ok 00:27:31.0837 0x2c6c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 00:27:31.0837 0x2c6c RasSstp - ok 00:27:31.0900 0x2c6c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 00:27:31.0915 0x2c6c rdbss - ok 00:27:31.0931 0x2c6c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 00:27:31.0931 0x2c6c rdpbus - ok 00:27:31.0962 0x2c6c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 00:27:31.0962 0x2c6c RDPCDD - ok 00:27:32.0009 0x2c6c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 00:27:32.0009 0x2c6c RDPENCDD - ok 00:27:32.0025 0x2c6c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] 
RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 00:27:32.0025 0x2c6c RDPREFMP - ok 00:27:32.0071 0x2c6c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 00:27:32.0087 0x2c6c RdpVideoMiniport - ok 00:27:32.0118 0x2c6c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 00:27:32.0134 0x2c6c RDPWD - ok 00:27:32.0181 0x2c6c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 00:27:32.0196 0x2c6c rdyboost - ok 00:27:32.0274 0x2c6c [ 0AA473966357C4A41B5EB19649EB6E5E, D4F1EADDECE41481332CBF03B8CAB4AC6AB048834DF013DB30757E7941F306FE ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 00:27:32.0290 0x2c6c RegSrvc - ok 00:27:32.0321 0x2c6c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 00:27:32.0321 0x2c6c RemoteAccess - ok 00:27:32.0352 0x2c6c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 00:27:32.0368 0x2c6c RemoteRegistry - ok 00:27:32.0430 0x2c6c [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 00:27:32.0430 0x2c6c RimUsb - ok 00:27:32.0617 0x2c6c [ BDDC447AB46625A54619808575D5CB46, 5321343BFB972A111D27DED7A3F3A3520E0C77104E6139ADC7765C76A459ED9C ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 00:27:32.0649 0x2c6c RoxMediaDB12OEM - ok 00:27:32.0695 0x2c6c [ CE203243ADF512540249DF9C264F12DD, 7BC0A6E9A422D832DDF046F28EA0F80A879A007B7116C4B830D6A39DCDD09EF5 ] RoxWatch12 C:\Program 
Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 00:27:32.0695 0x2c6c RoxWatch12 - ok 00:27:32.0711 0x2c6c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 00:27:32.0727 0x2c6c RpcEptMapper - ok 00:27:32.0742 0x2c6c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 00:27:32.0742 0x2c6c RpcLocator - ok 00:27:32.0789 0x2c6c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 00:27:32.0805 0x2c6c RpcSs - ok 00:27:32.0836 0x2c6c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 00:27:32.0836 0x2c6c rspndr - ok 00:27:32.0929 0x2c6c [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 00:27:32.0945 0x2c6c RTL8167 - ok 00:27:32.0945 0x2c6c rvqhafqh - ok 00:27:32.0961 0x2c6c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 00:27:32.0961 0x2c6c SamSs - ok 00:27:32.0992 0x2c6c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 00:27:32.0992 0x2c6c sbp2port - ok 00:27:33.0054 0x2c6c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 00:27:33.0070 0x2c6c SCardSvr - ok 00:27:33.0085 0x2c6c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 00:27:33.0085 0x2c6c scfilter - ok 00:27:33.0148 0x2c6c [ 
262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 00:27:33.0163 0x2c6c Schedule - ok 00:27:33.0195 0x2c6c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 00:27:33.0210 0x2c6c SCPolicySvc - ok 00:27:33.0226 0x2c6c [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys 00:27:33.0241 0x2c6c sdbus - ok 00:27:33.0288 0x2c6c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 00:27:33.0304 0x2c6c SDRSVC - ok 00:27:33.0319 0x2c6c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 00:27:33.0319 0x2c6c secdrv - ok 00:27:33.0351 0x2c6c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 00:27:33.0351 0x2c6c seclogon - ok 00:27:33.0366 0x2c6c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 00:27:33.0366 0x2c6c SENS - ok 00:27:33.0397 0x2c6c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 00:27:33.0397 0x2c6c SensrSvc - ok 00:27:33.0429 0x2c6c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 00:27:33.0429 0x2c6c Serenum - ok 00:27:33.0444 0x2c6c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 00:27:33.0444 0x2c6c Serial - ok 00:27:33.0522 
iTunesHelper - ok
00:27:44.0271 0x2c6c [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
00:27:44.0271 0x2c6c Launcher - ok
00:27:44.0317 0x2c6c [ B99C05C2C0AA671642962CBCCE138660, 3F17B69E226E15E216CCA07A5602529643B315C02C5CAB4C597DA948F105465E ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe
00:27:44.0317 0x2c6c DSUpdateLauncher - ok
00:27:44.0411 0x2c6c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:27:44.0427 0x2c6c Sidebar - ok
00:27:44.0458 0x2c6c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:27:44.0473 0x2c6c mctadmin - ok
00:27:44.0489 0x2c6c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:27:44.0520 0x2c6c Sidebar - ok
00:27:44.0520 0x2c6c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:27:44.0536 0x2c6c mctadmin - ok
00:27:44.0551 0x2c6c ooVoo.exe - ok
00:27:44.0692 0x2c6c [ 40ADA4963225D142B831D0551151210E, 3E6DB8F6FBFED4CC81FA6BF8E4280F4B02A2BDBBD10396F2887412D1DF2137CE ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
00:27:44.0692 0x2c6c DellSystemDetect - ok
00:27:44.0848 0x2c6c [ 1F7E04F6CDF9F556BB7666D711E1474F, B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe
00:27:44.0848 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe. md5: 1F7E04F6CDF9F556BB7666D711E1474F, sha256: B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9
00:27:44.0879 0x2c6c uqdfumrw - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
00:27:52.0196 0x2d5c Object required for P2P: [ 960167F792324B884AB6600A1C8392DA ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\fault.exe
00:27:52.0274 0x2c6c uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - infected
00:27:52.0274 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe
00:27:54.0754 0x2d5c Object send P2P result: true
00:27:54.0832 0x2c6c Object send P2P result: true
00:27:57.0328 0x2c6c Have new async UDS detects: 1
00:27:57.0328 0x2c6c friends - detected UDS:DangerousObject.Multi.Generic ( 0 )
00:27:57.0328 0x2c6c friends ( UDS:DangerousObject.Multi.Generic ) - infected
00:27:57.0328 0x2c6c Force sending object to P2P due to detect: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\fault.exe
00:27:59.0886 0x2c6c Object send P2P result: true
00:28:02.0367 0x2c6c [ 1F7E04F6CDF9F556BB7666D711E1474F, B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe
00:28:02.0382 0x2c6c tionkcrz - ok
00:28:02.0382 0x2c6c Have new async UDS detects: 1
00:28:02.0382 0x2c6c tionkcrz - detected UDS:DangerousObject.Multi.Generic ( 0 )
00:28:02.0382 0x2c6c tionkcrz ( UDS:DangerousObject.Multi.Generic ) - infected
00:28:02.0382 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe
00:28:04.0972 0x2c6c Object send P2P result: true
00:28:07.0437 0x2c6c ifoxxwzr - ok
00:28:07.0452 0x2c6c tfwywndb - ok
00:28:07.0452 0x2c6c liyezfcu - ok
00:28:07.0468 0x2c6c hffgquir - ok
00:28:07.0530 0x2c6c [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe
00:28:07.0530 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F
00:28:07.0530 0x2c6c system64-print32 - detected LockedFile.Multi.Generic ( 1 )
00:28:09.0995 0x2c6c Detect turned to UDS exact due to KSN untrusted
00:28:09.0995 0x2c6c system64-print32 ( UDS:DangerousObject.Multi.Generic ) - infected
00:28:09.0995 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe
00:28:12.0554 0x2c6c Object send P2P result: true
00:28:15.0065 0x2c6c [ 4C4592B7490BFA070C9720FD7B0D9A93, 0E9C758DB7578B638E281E95EA146BA7D8488449978B081BE7080C45642E9BBC ] C:\Users\VISUEL~1.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe
00:28:15.0065 0x2c6c Suspicious file ( NoAccess ): C:\Users\VISUEL~1.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe. md5: 4C4592B7490BFA070C9720FD7B0D9A93, sha256: 0E9C758DB7578B638E281E95EA146BA7D8488449978B081BE7080C45642E9BBC
00:28:15.0081 0x2c6c xlazimaw - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
00:28:17.0514 0x2c6c xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - infected
00:28:17.0514 0x2c6c Force sending object to P2P due to detect: C:\Users\VISUEL~1.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe
00:28:20.0073 0x2c6c Object send P2P result: true
00:28:22.0569 0x2c6c [ B492067250ABA2678B671313039D352B, 1A37AC1784189D561D27565C638120FF8A27A4DF5DD3A9438B18071C4413407C ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe
00:28:22.0569 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe. md5: B492067250ABA2678B671313039D352B, sha256: 1A37AC1784189D561D27565C638120FF8A27A4DF5DD3A9438B18071C4413407C
00:28:22.0584 0x2c6c chrome64wave - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
00:28:25.0049 0x2c6c Object required for P2P: [ B492067250ABA2678B671313039D352B ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe
00:28:27.0623 0x2c6c Object send P2P result: true
00:28:27.0623 0x2c6c chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - infected
00:28:27.0623 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe
00:28:30.0213 0x2c6c Object send P2P result: true
00:28:32.0693 0x2c6c [ 02B7736BCF35092A37CCD521658379CD, 6C70ABDE08D2995214E5B504BDB99D12693BBCA6038E7557E351C9A7DB40D2FA ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe
00:28:32.0693 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe. md5: 02B7736BCF35092A37CCD521658379CD, sha256: 6C70ABDE08D2995214E5B504BDB99D12693BBCA6038E7557E351C9A7DB40D2FA
00:28:32.0709 0x2c6c perl32runner32 - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
00:28:35.0174 0x2c6c perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - infected
00:28:35.0174 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe
00:28:38.0138 0x2c6c Object send P2P result: true
00:28:40.0774 0x2c6c [ 960167F792324B884AB6600A1C8392DA, 21FE20A2BC6751DD4165009A8CE273EB5FEBAF1D45EE13C3D77EFF0E1616D2AD ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe
00:28:40.0774 0x2c6c friends - ok
00:28:40.0774 0x2c6c Object required for P2P: [ 960167F792324B884AB6600A1C8392DA ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe
00:28:43.0426 0x2c6c Object send P2P result: true
00:28:43.0426 0x2c6c Have new async UDS detects: 1
00:28:43.0426 0x2c6c friends - detected
UDSangerousObject.Multi.Generic ( 0 ) 00:28:43.0426 0x2c6c friends ( UDSangerousObject.Multi.Generic ) - infected 00:28:43.0426 0x2c6c Force sending object to P2P due to detect: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe 00:28:45.0969 0x2c6c Object send P2P result: true 00:28:48.0527 0x2c6c [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Antivir32signal\win.exe 00:28:48.0527 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Roaming\Antivir32signal\win.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F 00:28:48.0527 0x2c6c win - detected LockedFile.Multi.Generic ( 1 ) 00:28:48.0527 0x2c6c Detect turned to UDS exact due to KSN untrusted 00:28:48.0527 0x2c6c win ( UDSangerousObject.Multi.Generic ) - infected 00:28:48.0527 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Roaming\Antivir32signal\win.exe 00:28:51.0678 0x2c6c Object send P2P result: true 00:29:06.0015 0x2c6c [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe 00:29:06.0030 0x2c6c Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe. 
md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F 00:29:06.0030 0x2c6c explorer64login - detected LockedFile.Multi.Generic ( 1 ) 00:29:06.0030 0x2c6c Detect turned to UDS exact due to KSN untrusted 00:29:06.0030 0x2c6c explorer64login ( UDSangerousObject.Multi.Generic ) - infected 00:29:06.0030 0x2c6c Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe 00:29:11.0288 0x2c6c Object send P2P result: true 00:29:13.0877 0x2c6c [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 00:29:13.0893 0x2c6c Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 - ok 00:29:13.0908 0x2c6c [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 00:29:13.0908 0x2c6c Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 00:29:14.0049 0x2c6c [ C84F100FF7A65DF5FAD4682041CA51E4, 580BADC917C497F526B42174C1CA89045760807EB170A6449B6D14BCE475C993 ] C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE 00:29:14.0049 0x2c6c AOL Fast Start - ok 00:29:14.0127 0x2c6c [ 966FE904599B9A0F80EA498851180829, A95A67DF82FD40A0173C08919E7AB4B3CC207C8B8E07D850CC9C8AD0A44BF0CB ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 00:29:14.0142 0x2c6c GoogleChromeAutoLaunch_95998DA8AA06BA0E1CB0911F871E1ECB - ok 00:29:14.0142 0x2c6c [ C84F100FF7A65DF5FAD4682041CA51E4, 580BADC917C497F526B42174C1CA89045760807EB170A6449B6D14BCE475C993 ] C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE 00:29:14.0142 0x2c6c AOL Fast Start - ok 00:29:14.0158 0x2c6c Waiting for KSN requests completion. In queue: 5 00:29:15.0172 0x2c6c Waiting for KSN requests completion. In queue: 5 00:29:16.0186 0x2c6c Waiting for KSN requests completion. 
In queue: 5 00:29:17.0216 0x2c6c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated ) 00:29:17.0309 0x2c6c Win FW state via NFP2: enabled 00:29:19.0758 0x2c6c ============================================================ 00:29:19.0758 0x2c6c Scan finished 00:29:19.0758 0x2c6c ============================================================ 00:29:19.0774 0x1554 Detected object count: 10 00:29:19.0774 0x1554 Actual detected object count: 10 00:30:48.0523 0x1554 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 00:30:48.0523 0x1554 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 00:30:48.0523 0x1554 friends ( UDSangerousObject.Multi.Generic ) - skipped by user 00:30:48.0523 0x1554 friends ( UDSangerousObject.Multi.Generic ) - User select action: Skip 00:30:48.0523 0x1554 tionkcrz ( UDSangerousObject.Multi.Generic ) - skipped by user 00:30:48.0523 0x1554 tionkcrz ( UDSangerousObject.Multi.Generic ) - User select action: Skip 00:30:48.0523 0x1554 system64-print32 ( UDSangerousObject.Multi.Generic ) - skipped by user 00:30:48.0523 0x1554 system64-print32 ( UDSangerousObject.Multi.Generic ) - User select action: Skip 00:30:48.0523 0x1554 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 00:30:48.0523 0x1554 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 00:30:48.0523 0x1554 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 00:30:48.0523 0x1554 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 00:30:48.0523 0x1554 perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 00:30:48.0523 0x1554 perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 00:30:48.0523 0x1554 friends ( UDSangerousObject.Multi.Generic ) - skipped by user 00:30:48.0523 0x1554 friends ( UDSangerousObject.Multi.Generic ) - User select action: Skip 00:30:48.0523 0x1554 win ( UDSangerousObject.Multi.Generic ) - 
skipped by user 00:30:48.0523 0x1554 win ( UDSangerousObject.Multi.Generic ) - User select action: Skip 00:30:48.0538 0x1554 explorer64login ( UDSangerousObject.Multi.Generic ) - skipped by user 00:30:48.0538 0x1554 explorer64login ( UDSangerousObject.Multi.Generic ) - User select action: Skip 00:31:23.0279 0x1848 Deinitialize success done... |
14.11.2014, 01:01 | #26 |
| New Postbank Trojan. How should I proceed? Now I'm off to bed... I have to go in for the operation early tomorrow morning... I'll check back in afterwards |
14.11.2014, 01:04 | #27 |
/// TB-Ausbilder /// Anleitungs-Guru | New Postbank Trojan. How should I proceed? But you didn't follow the instructions for TDSSKiller. Code:
ATTFilter 00:27:10.0918 0x2c6c Scan started 00:27:10.0918 0x2c6c Mode: Manual;
Please repeat the scan with the correct settings.
__________________ Regards, deeprybka |
14.11.2014, 13:20 | #28 |
| New Postbank Trojan. How should I proceed? Code:
ATTFilter 12:46:54.0107 0x2958 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34 12:47:00.0050 0x2958 ============================================================ 12:47:00.0050 0x2958 Current date / time: 2014/11/14 12:47:00.0050 12:47:00.0050 0x2958 SystemInfo: 12:47:00.0050 0x2958 12:47:00.0050 0x2958 OS Version: 6.1.7601 ServicePack: 1.0 12:47:00.0050 0x2958 Product type: Workstation 12:47:00.0050 0x2958 ComputerName: VISUELLSPEKTRUM 12:47:00.0050 0x2958 UserName: Visuellspektrum B.E 12:47:00.0050 0x2958 Windows directory: C:\Windows 12:47:00.0050 0x2958 System windows directory: C:\Windows 12:47:00.0050 0x2958 Running under WOW64 12:47:00.0050 0x2958 Processor architecture: Intel x64 12:47:00.0050 0x2958 Number of processors: 8 12:47:00.0050 0x2958 Page size: 0x1000 12:47:00.0050 0x2958 Boot type: Normal boot 12:47:00.0050 0x2958 ============================================================ 12:47:00.0180 0x2958 KLMD registered as C:\Windows\system32\drivers\69223330.sys 12:47:00.0585 0x2958 System UUID: {1392FE88-96D1-62D4-112D-3696EAE75F54} 12:47:01.0350 0x2958 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:47:01.0381 0x2958 ============================================================ 12:47:01.0381 0x2958 \Device\Harddisk0\DR0: 12:47:01.0381 0x2958 MBR partitions: 12:47:01.0381 0x2958 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000 12:47:01.0381 0x2958 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x48AF80EB 12:47:01.0381 0x2958 ============================================================ 12:47:01.0397 0x2958 C: <-> \Device\Harddisk0\DR0\Partition2 12:47:01.0397 0x2958 ============================================================ 12:47:01.0397 0x2958 Initialize success 12:47:01.0397 0x2958 ============================================================ 
12:47:03.0832 0x16bc ============================================================ 12:47:03.0832 0x16bc Scan started 12:47:03.0832 0x16bc Mode: Manual; 12:47:03.0832 0x16bc ============================================================ 12:47:03.0832 0x16bc KSN ping started 12:47:17.0652 0x16bc KSN ping finished: true 12:47:18.0310 0x16bc ================ Scan system memory ======================== 12:47:18.0310 0x16bc System memory - ok 12:47:18.0310 0x16bc ================ Scan services ============================= 12:47:18.0544 0x16bc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 12:47:18.0560 0x16bc 1394ohci - ok 12:47:18.0606 0x16bc [ 7A505465BBB1EB8B5AD4D76E8749383B, 999FBBFAF8CCF68D8B7EB5C4F23A5FC00F911FDD0ED192BE9C51F1BC4BE0EA51 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys 12:47:18.0622 0x16bc Acceler - ok 12:47:18.0653 0x16bc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 12:47:18.0653 0x16bc ACPI - ok 12:47:18.0687 0x16bc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 12:47:18.0687 0x16bc AcpiPmi - ok 12:47:18.0781 0x16bc [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 12:47:18.0812 0x16bc AdobeARMservice - ok 12:47:18.0937 0x16bc [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 12:47:18.0953 0x16bc AdobeFlashPlayerUpdateSvc - ok 12:47:19.0015 0x16bc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx 
C:\Windows\system32\DRIVERS\adp94xx.sys 12:47:19.0015 0x16bc adp94xx - ok 12:47:19.0062 0x16bc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 12:47:19.0077 0x16bc adpahci - ok 12:47:19.0109 0x16bc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 12:47:19.0109 0x16bc adpu320 - ok 12:47:19.0140 0x16bc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 12:47:19.0140 0x16bc AeLookupSvc - ok 12:47:19.0233 0x16bc [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 12:47:19.0233 0x16bc AERTFilters - ok 12:47:19.0296 0x16bc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 12:47:19.0311 0x16bc AFD - ok 12:47:19.0358 0x16bc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 12:47:19.0358 0x16bc agp440 - ok 12:47:19.0405 0x16bc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 12:47:19.0405 0x16bc ALG - ok 12:47:19.0452 0x16bc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 12:47:19.0452 0x16bc aliide - ok 12:47:19.0499 0x16bc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 12:47:19.0499 0x16bc amdide - ok 12:47:19.0545 0x16bc [ 7024F087CFF1833A806193EF9D22CDA9, 
E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 12:47:19.0545 0x16bc AmdK8 - ok 12:47:19.0577 0x16bc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 12:47:19.0577 0x16bc AmdPPM - ok 12:47:19.0655 0x16bc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 12:47:19.0655 0x16bc amdsata - ok 12:47:19.0702 0x16bc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 12:47:19.0718 0x16bc amdsbs - ok 12:47:19.0734 0x16bc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 12:47:19.0734 0x16bc amdxata - ok 12:47:19.0827 0x16bc [ 85180CF88C5EBAD73B452A43A004CA51, 24D25495DC21293FC1F37EE7E7C2A4725E66D3D25BE05D7EDF4BB4F444C65526 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe 12:47:19.0827 0x16bc AOL ACS - ok 12:47:19.0874 0x16bc APNMCP - ok 12:47:19.0936 0x16bc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 12:47:19.0936 0x16bc AppID - ok 12:47:19.0968 0x16bc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 12:47:19.0968 0x16bc AppIDSvc - ok 12:47:19.0999 0x16bc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 12:47:20.0014 0x16bc Appinfo - ok 12:47:20.0077 0x16bc [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common 
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 12:47:20.0077 0x16bc Apple Mobile Device - ok 12:47:20.0108 0x16bc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 12:47:20.0108 0x16bc arc - ok 12:47:20.0139 0x16bc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 12:47:20.0139 0x16bc arcsas - ok 12:47:20.0326 0x16bc [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 12:47:20.0326 0x16bc aspnet_state - ok 12:47:20.0358 0x16bc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 12:47:20.0358 0x16bc AsyncMac - ok 12:47:20.0420 0x16bc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 12:47:20.0420 0x16bc atapi - ok 12:47:20.0467 0x16bc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 12:47:20.0498 0x16bc AudioEndpointBuilder - ok 12:47:20.0529 0x16bc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll 12:47:20.0529 0x16bc AudioSrv - ok 12:47:20.0560 0x16bc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 12:47:20.0560 0x16bc AxInstSV - ok 12:47:20.0623 0x16bc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 12:47:20.0638 0x16bc b06bdrv - ok 
12:47:20.0701 0x16bc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 12:47:20.0701 0x16bc b57nd60a - ok 12:47:20.0748 0x16bc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 12:47:20.0748 0x16bc BDESVC - ok 12:47:20.0779 0x16bc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 12:47:20.0779 0x16bc Beep - ok 12:47:20.0857 0x16bc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 12:47:20.0872 0x16bc BFE - ok 12:47:20.0919 0x16bc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 12:47:20.0935 0x16bc BITS - ok 12:47:20.0966 0x16bc bjdkpcji - ok 12:47:20.0982 0x16bc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 12:47:20.0982 0x16bc blbdrive - ok 12:47:21.0060 0x16bc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 12:47:21.0075 0x16bc Bonjour Service - ok 12:47:21.0122 0x16bc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 12:47:21.0122 0x16bc bowser - ok 12:47:21.0138 0x16bc bpjnxbfz - ok 12:47:21.0169 0x16bc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 12:47:21.0169 0x16bc BrFiltLo - ok 12:47:21.0184 0x16bc [ B114D3098E9BDB8BEA8B053685831BE6, 
0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys Code:
ATTFilter 12:47:21.0184 0x16bc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 12:47:21.0184 0x16bc BrFiltUp - ok 12:47:21.0216 0x16bc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 12:47:21.0216 0x16bc Browser - ok 12:47:21.0247 0x16bc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 12:47:21.0262 0x16bc Brserid - ok 12:47:21.0294 0x16bc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 12:47:21.0294 0x16bc BrSerWdm - ok 12:47:21.0309 0x16bc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 12:47:21.0309 0x16bc BrUsbMdm - ok 12:47:21.0325 0x16bc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 12:47:21.0325 0x16bc BrUsbSer - ok 12:47:21.0387 0x16bc [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe 12:47:21.0403 0x16bc BrYNSvc - ok 12:47:21.0418 0x16bc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 12:47:21.0418 0x16bc BTHMODEM - ok 12:47:21.0465 0x16bc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 12:47:21.0481 0x16bc bthserv - ok 12:47:21.0621 0x16bc [ DDF88F23DBCDDB77CEEC258703019F4F, 1087A1D7EDB38B8E482DA2F2456236D64750D5439F62A4FE75B20E421092D8D4 ] catalog 
C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\nph_insulin\wallet.exe 12:47:21.0637 0x16bc catalog - ok 12:47:21.0637 0x16bc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 12:47:21.0637 0x16bc cdfs - ok 12:47:21.0699 0x16bc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 12:47:21.0699 0x16bc cdrom - ok 12:47:21.0746 0x16bc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 12:47:21.0746 0x16bc CertPropSvc - ok 12:47:21.0777 0x16bc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 12:47:21.0777 0x16bc circlass - ok 12:47:21.0840 0x16bc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 12:47:21.0840 0x16bc CLFS - ok 12:47:22.0011 0x16bc [ 871EEE78F98D6E31C80FD39433A8FE2F, 67602F597FADA1E7102BC373287A4A78339E057D37FCEAD0B2502F70450EC7CE ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 12:47:22.0058 0x16bc ClickToRunSvc - ok 12:47:22.0152 0x16bc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:47:22.0152 0x16bc clr_optimization_v2.0.50727_32 - ok 12:47:22.0230 0x16bc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 12:47:22.0230 0x16bc clr_optimization_v2.0.50727_64 - ok 12:47:22.0308 0x16bc [ E87213F37A13E2B54391E40934F071D0, 
7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:47:22.0308 0x16bc clr_optimization_v4.0.30319_32 - ok 12:47:22.0339 0x16bc [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 12:47:22.0339 0x16bc clr_optimization_v4.0.30319_64 - ok 12:47:22.0386 0x16bc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 12:47:22.0386 0x16bc CmBatt - ok 12:47:22.0432 0x16bc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 12:47:22.0448 0x16bc cmdide - ok 12:47:22.0526 0x16bc [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 12:47:22.0542 0x16bc CNG - ok 12:47:22.0588 0x16bc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 12:47:22.0588 0x16bc Compbatt - ok 12:47:22.0635 0x16bc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 12:47:22.0635 0x16bc CompositeBus - ok 12:47:22.0666 0x16bc COMSysApp - ok 12:47:22.0682 0x16bc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 12:47:22.0682 0x16bc crcdisk - ok 12:47:22.0713 0x2964 Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc 12:47:22.0729 0x16bc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] 
CryptSvc C:\Windows\system32\cryptsvc.dll 12:47:22.0729 0x16bc CryptSvc - ok 12:47:22.0776 0x16bc [ FBE228ABEAB2BE13B9C3A3A112D4D8DC, A9FF2DC38CBE00AAD904BB7EC74480953D513E46FDE607A7773FF5A2A25B8C15 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 12:47:22.0776 0x16bc CtClsFlt - ok 12:47:22.0900 0x16bc [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 12:47:22.0916 0x16bc cvhsvc - ok 12:47:22.0932 0x16bc cypvewap - ok 12:47:22.0978 0x16bc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 12:47:22.0994 0x16bc DcomLaunch - ok 12:47:23.0010 0x16bc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 12:47:23.0025 0x16bc defragsvc - ok 12:47:23.0056 0x16bc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 12:47:23.0056 0x16bc DfsC - ok 12:47:23.0088 0x16bc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 12:47:23.0088 0x16bc Dhcp - ok 12:47:23.0103 0x16bc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 12:47:23.0103 0x16bc discache - ok 12:47:23.0150 0x16bc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 12:47:23.0166 0x16bc Disk - ok 12:47:23.0197 0x16bc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 12:47:23.0197 0x16bc Dnscache - ok 12:47:23.0290 0x16bc [ 
5313C222F8810D3A62CCE64482B5E50E58BBE2A2C298A23C84A454C34324AC52 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys 12:47:33.0041 0x16bc qicflt - ok 12:47:33.0119 0x16bc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 12:47:33.0166 0x16bc ql2300 - ok 12:47:33.0182 0x16bc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 12:47:33.0182 0x16bc ql40xx - ok 12:47:33.0213 0x16bc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 12:47:33.0229 0x16bc QWAVE - ok 12:47:33.0244 0x16bc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 12:47:33.0244 0x16bc QWAVEdrv - ok 12:47:33.0260 0x16bc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 12:47:33.0260 0x16bc RasAcd - ok 12:47:33.0291 0x16bc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 12:47:33.0291 0x16bc RasAgileVpn - ok 12:47:33.0307 0x16bc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 12:47:33.0307 0x16bc RasAuto - ok 12:47:33.0338 0x16bc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 12:47:33.0338 0x16bc Rasl2tp - ok 12:47:33.0385 0x16bc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 12:47:33.0400 0x16bc RasMan - ok 12:47:33.0416 0x16bc [ 
855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 12:47:33.0416 0x16bc RasPppoe - ok 12:47:33.0447 0x16bc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 12:47:33.0447 0x16bc RasSstp - ok 12:47:33.0478 0x16bc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 12:47:33.0494 0x16bc rdbss - ok 12:47:33.0509 0x16bc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 12:47:33.0509 0x16bc rdpbus - ok 12:47:33.0525 0x16bc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 12:47:33.0525 0x16bc RDPCDD - ok 12:47:33.0556 0x16bc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 12:47:33.0556 0x16bc RDPENCDD - ok 12:47:33.0556 0x16bc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 12:47:33.0556 0x16bc RDPREFMP - ok 12:47:33.0619 0x16bc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 12:47:33.0619 0x16bc RdpVideoMiniport - ok 12:47:33.0665 0x16bc [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 12:47:33.0681 0x16bc RDPWD - ok 12:47:33.0728 0x16bc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost 
C:\Windows\system32\drivers\rdyboost.sys 12:47:33.0743 0x16bc rdyboost - ok 12:47:33.0821 0x16bc [ 0AA473966357C4A41B5EB19649EB6E5E, D4F1EADDECE41481332CBF03B8CAB4AC6AB048834DF013DB30757E7941F306FE ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 12:47:33.0837 0x16bc RegSrvc - ok 12:47:33.0868 0x16bc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 12:47:33.0868 0x16bc RemoteAccess - ok 12:47:33.0915 0x16bc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 12:47:33.0915 0x16bc RemoteRegistry - ok 12:47:33.0946 0x16bc [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 12:47:33.0946 0x16bc RimUsb - ok 12:47:34.0112 0x16bc [ BDDC447AB46625A54619808575D5CB46, 5321343BFB972A111D27DED7A3F3A3520E0C77104E6139ADC7765C76A459ED9C ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 12:47:34.0143 0x16bc RoxMediaDB12OEM - ok 12:47:34.0175 0x16bc [ CE203243ADF512540249DF9C264F12DD, 7BC0A6E9A422D832DDF046F28EA0F80A879A007B7116C4B830D6A39DCDD09EF5 ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 12:47:34.0206 0x16bc RoxWatch12 - ok 12:47:34.0221 0x16bc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 12:47:34.0221 0x16bc RpcEptMapper - ok 12:47:34.0253 0x16bc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 12:47:34.0253 0x16bc RpcLocator - ok 12:47:34.0284 0x16bc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] 
RpcSs C:\Windows\system32\rpcss.dll 12:47:34.0299 0x16bc RpcSs - ok 12:47:34.0331 0x16bc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 12:47:34.0331 0x16bc rspndr - ok 12:47:34.0377 0x16bc [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 12:47:34.0393 0x16bc RTL8167 - ok 12:47:34.0393 0x16bc rvqhafqh - ok 12:47:34.0409 0x16bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 12:47:34.0409 0x16bc SamSs - ok 12:47:34.0440 0x16bc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 12:47:34.0440 0x16bc sbp2port - ok 12:47:34.0487 0x16bc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 12:47:34.0487 0x16bc SCardSvr - ok 12:47:34.0518 0x16bc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 12:47:34.0518 0x16bc scfilter - ok 12:47:34.0580 0x16bc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 12:47:34.0596 0x16bc Schedule - ok 12:47:34.0627 0x16bc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 12:47:34.0627 0x16bc SCPolicySvc - ok 12:47:34.0658 0x16bc [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys 12:47:34.0674 0x16bc sdbus - ok 12:47:34.0705 0x16bc [ 6EA4234DC55346E0709560FE7C2C1972, 
64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 12:47:34.0721 0x16bc SDRSVC - ok 12:47:34.0736 0x16bc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 12:47:34.0736 0x16bc secdrv - ok 12:47:34.0767 0x16bc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 12:47:34.0767 0x16bc seclogon - ok 12:47:34.0783 0x16bc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 12:47:34.0783 0x16bc SENS - ok 12:47:34.0799 0x16bc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 12:47:34.0799 0x16bc SensrSvc - ok 12:47:34.0845 0x16bc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 12:47:34.0845 0x16bc Serenum - ok 12:47:34.0861 0x16bc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 12:47:34.0861 0x16bc Serial - ok 12:47:34.0892 0x16bc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 12:47:34.0908 0x16bc sermouse - ok 12:47:34.0939 0x16bc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 12:47:34.0939 0x16bc SessionEnv - ok 12:47:34.0972 0x16bc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 12:47:34.0972 0x16bc sffdisk - ok 12:47:34.0990 0x16bc [ 
FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 12:47:34.0990 0x16bc sffp_mmc - ok 12:47:35.0005 0x16bc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 12:47:35.0005 0x16bc sffp_sd - ok 12:47:35.0037 0x16bc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 12:47:35.0037 0x16bc sfloppy - ok 12:47:35.0099 0x16bc [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 12:47:35.0115 0x16bc Sftfs - ok 12:47:35.0193 0x16bc [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 12:47:35.0208 0x16bc sftlist - ok 12:47:35.0239 0x16bc [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 12:47:35.0255 0x16bc Sftplay - ok 12:47:35.0271 0x16bc [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 12:47:35.0271 0x16bc Sftredir - ok 12:47:35.0364 0x16bc [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 12:47:35.0364 0x16bc SftService - ok 12:47:35.0380 0x16bc [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 12:47:35.0395 0x16bc Sftvol - ok 12:47:35.0427 0x16bc [ 39B1D0A636A400304565D4521FAD6D77, 
1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 12:47:35.0427 0x16bc sftvsa - ok 12:47:35.0458 0x16bc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 12:47:35.0473 0x16bc SharedAccess - ok 12:47:35.0520 0x16bc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 12:47:35.0520 0x16bc ShellHWDetection - ok 12:47:35.0551 0x16bc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 12:47:35.0551 0x16bc SiSRaid2 - ok 12:47:35.0567 0x16bc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 12:47:35.0567 0x16bc SiSRaid4 - ok 12:47:35.0661 0x16bc [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 12:47:35.0676 0x16bc SkypeUpdate - ok 12:47:35.0707 0x16bc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 12:47:35.0707 0x16bc Smb - ok 12:47:35.0739 0x16bc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 12:47:35.0754 0x16bc SNMPTRAP - ok 12:47:35.0770 0x16bc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 12:47:35.0770 0x16bc spldr - ok 12:47:35.0817 0x16bc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler 
C:\Windows\System32\spoolsv.exe 12:47:35.0817 0x16bc Spooler - ok 12:47:35.0957 0x16bc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 12:47:36.0035 0x16bc sppsvc - ok 12:47:36.0066 0x16bc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 12:47:36.0066 0x16bc sppuinotify - ok 12:47:36.0113 0x16bc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 12:47:36.0113 0x16bc srv - ok 12:47:36.0129 0x16bc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 12:47:36.0144 0x16bc srv2 - ok 12:47:36.0160 0x16bc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 12:47:36.0160 0x16bc srvnet - ok 12:47:36.0191 0x16bc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 12:47:36.0191 0x16bc SSDPSRV - ok 12:47:36.0222 0x16bc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 12:47:36.0222 0x16bc SstpSvc - ok 12:47:36.0253 0x16bc [ 92E7F6666633D2DD91D527503DAA7BE0, E97C7FFCAF2C7A83B270B6C797A91C2731FEA26874FE1E59B4CB55D5D98744BB ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys 12:47:36.0253 0x16bc stdcfltn - ok 12:47:36.0331 0x16bc [ C6539A0CB1EBFF488D3D4B070C4F17F8, F889F58BF2ABDAD91E814D7F72879EFA735F672E6B8BAC22D8B3E390D3D93926 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 12:47:36.0347 0x16bc Stereo Service - ok 12:47:36.0378 0x16bc [ F3817967ED533D08327DC73BC4D5542A, 
1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 12:47:36.0378 0x16bc stexstor - ok 12:47:36.0425 0x16bc [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 12:47:36.0425 0x16bc StillCam - ok 12:47:36.0503 0x16bc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 12:47:36.0519 0x16bc stisvc - ok 12:47:36.0565 0x16bc [ 9E182DD94496550A22A392CC1A8E0F52, 6F630982F7AFDF409F24BB0D9815592000FC8A47200F4FEC4A5C5ED241810244 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 12:47:36.0612 0x16bc stllssvr - ok 12:47:36.0628 0x16bc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 12:47:36.0628 0x16bc swenum - ok 12:47:36.0659 0x16bc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 12:47:36.0675 0x16bc swprv - ok 12:47:36.0737 0x16bc [ 36F506C894E1EA59C65FAF6398BDF49A, 70B7CA69958796C3AFA1ACA4C3BF054CBFEE84DC73A55D395EFED4A80B5399A2 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 12:47:36.0784 0x16bc SynTP - ok 12:47:36.0846 0x16bc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 12:47:36.0877 0x16bc SysMain - ok 12:47:36.0971 0x16bc [ C7A3D0DA9A546B9127A88CDFC514A531, 7234E42EC90A393626B5F528151952F248F790AD40BB6B966EC4FB5D9BB6059C ] SystemStoreService C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe 12:47:36.0987 0x16bc SystemStoreService - ok 12:47:37.0002 0x16bc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService 
C:\Windows\System32\TabSvc.dll 12:47:37.0019 0x16bc TabletInputService - ok 12:47:37.0052 0x16bc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll Code:
ATTFilter 12:47:37.0068 0x16bc TapiSrv - ok 12:47:37.0083 0x16bc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 12:47:37.0083 0x16bc TBS - ok 12:47:37.0161 0x16bc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 12:47:37.0208 0x16bc Tcpip - ok 12:47:37.0270 0x16bc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 12:47:37.0302 0x16bc TCPIP6 - ok 12:47:37.0364 0x16bc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 12:47:37.0364 0x16bc tcpipreg - ok 12:47:37.0395 0x16bc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 12:47:37.0395 0x16bc TDPIPE - ok 12:47:37.0426 0x16bc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 12:47:37.0426 0x16bc TDTCP - ok 12:47:37.0458 0x16bc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 12:47:37.0458 0x16bc tdx - ok 12:47:37.0692 0x16bc [ 9CC341BE32EEC138702795768DE9DE99, 61F580B40075680C72E40286BC6D69E94653A0F5574FFE08B46A9011AC88C58B ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe 12:47:37.0801 0x16bc TeamViewer9 - ok 12:47:37.0816 0x16bc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 12:47:37.0832 0x16bc TermDD - ok 12:47:37.0879 0x16bc [ 008CD4EBFABCF78D0F19B3778492648C, 
9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 12:47:37.0926 0x16bc TermService - ok 12:47:37.0941 0x16bc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 12:47:37.0941 0x16bc Themes - ok 12:47:37.0972 0x16bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 12:47:37.0972 0x16bc THREADORDER - ok 12:47:37.0988 0x16bc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 12:47:38.0004 0x16bc TrkWks - ok 12:47:38.0082 0x16bc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 12:47:38.0082 0x16bc TrustedInstaller - ok 12:47:38.0113 0x16bc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 12:47:38.0113 0x16bc tssecsrv - ok 12:47:38.0175 0x16bc [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 12:47:38.0191 0x16bc TsUsbFlt - ok 12:47:38.0238 0x16bc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 12:47:38.0238 0x16bc tunnel - ok 12:47:38.0300 0x16bc [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 12:47:38.0316 0x16bc TurboB - ok 12:47:38.0362 0x16bc [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 12:47:38.0378 
0x16bc TurboBoost - ok 12:47:38.0425 0x16bc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 12:47:38.0425 0x16bc uagp35 - ok 12:47:38.0472 0x16bc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 12:47:38.0472 0x16bc udfs - ok 12:47:38.0487 0x16bc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 12:47:38.0487 0x16bc UI0Detect - ok 12:47:38.0534 0x16bc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 12:47:38.0534 0x16bc uliagpkx - ok 12:47:38.0581 0x16bc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys 12:47:38.0581 0x16bc umbus - ok 12:47:38.0596 0x16bc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 12:47:38.0612 0x16bc UmPass - ok 12:47:38.0784 0x16bc [ CBDEE152D73200EE49031A26310B9D3E, 92E22235446F8DB3BFE97EDE7DE7D33F43EAC5957C5B41ACCEC4EBFD19BFF819 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 12:47:38.0830 0x16bc UNS - ok 12:47:38.0877 0x16bc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 12:47:38.0877 0x16bc upnphost - ok 12:47:38.0924 0x16bc [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 12:47:38.0924 0x16bc USBAAPL64 - ok 12:47:38.0971 0x16bc [ B0435098C81D04CAFFF80DDB746CD3A2, 
A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 12:47:38.0971 0x16bc usbaudio - ok 12:47:39.0002 0x16bc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 12:47:39.0002 0x16bc usbccgp - ok 12:47:39.0033 0x16bc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 12:47:39.0033 0x16bc usbcir - ok 12:47:39.0064 0x16bc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 12:47:39.0064 0x16bc usbehci - ok 12:47:39.0096 0x16bc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 12:47:39.0111 0x16bc usbhub - ok 12:47:39.0127 0x16bc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 12:47:39.0127 0x16bc usbohci - ok 12:47:39.0174 0x16bc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 12:47:39.0174 0x16bc usbprint - ok 12:47:39.0205 0x16bc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:47:39.0220 0x16bc USBSTOR - ok 12:47:39.0252 0x16bc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 12:47:39.0252 0x16bc usbuhci - ok 12:47:39.0283 0x16bc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 12:47:39.0283 0x16bc 
usbvideo - ok 12:47:39.0298 0x16bc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 12:47:39.0298 0x16bc UxSms - ok 12:47:39.0314 0x16bc uzdhxgpw - ok 12:47:39.0330 0x16bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 12:47:39.0330 0x16bc VaultSvc - ok 12:47:39.0345 0x16bc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 12:47:39.0345 0x16bc vdrvroot - ok 12:47:39.0408 0x16bc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 12:47:39.0423 0x16bc vds - ok 12:47:39.0439 0x16bc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:47:39.0439 0x16bc vga - ok 12:47:39.0454 0x16bc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 12:47:39.0454 0x16bc VgaSave - ok 12:47:39.0470 0x16bc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 12:47:39.0486 0x16bc vhdmp - ok 12:47:39.0517 0x16bc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 12:47:39.0517 0x16bc viaide - ok 12:47:39.0548 0x16bc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:47:39.0548 0x16bc volmgr - ok 12:47:39.0595 0x16bc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx 
C:\Windows\system32\drivers\volmgrx.sys 12:47:39.0595 0x16bc volmgrx - ok 12:47:39.0610 0x16bc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:47:39.0626 0x16bc volsnap - ok 12:47:39.0626 0x16bc vparxfrs - ok 12:47:39.0657 0x16bc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 12:47:39.0657 0x16bc vsmraid - ok 12:47:39.0751 0x16bc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 12:47:39.0782 0x16bc VSS - ok 12:47:39.0798 0x16bc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 12:47:39.0798 0x16bc vwifibus - ok 12:47:39.0813 0x16bc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 12:47:39.0813 0x16bc vwififlt - ok 12:47:39.0844 0x16bc [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 12:47:39.0844 0x16bc vwifimp - ok 12:47:39.0891 0x16bc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 12:47:39.0907 0x16bc W32Time - ok 12:47:39.0922 0x16bc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 12:47:39.0922 0x16bc WacomPen - ok 12:47:39.0954 0x16bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 12:47:39.0954 0x16bc WANARP - ok 12:47:39.0969 0x16bc [ 356AFD78A6ED4457169241AC3965230C, 
CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:47:39.0969 0x16bc Wanarpv6 - ok 12:47:40.0047 0x16bc [ ECEB715BECE47E101DDEC06B11126066, 6BD577D6EABD48B1BA31955DB3DEEE68528EA54375CA64D233B723D161B45CBA ] wanatw C:\Windows\system32\DRIVERS\wanatw64.sys 12:47:40.0047 0x16bc wanatw - ok 12:47:40.0125 0x16bc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 12:47:40.0156 0x16bc wbengine - ok 12:47:40.0203 0x16bc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 12:47:40.0219 0x16bc WbioSrvc - ok 12:47:40.0266 0x16bc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 12:47:40.0266 0x16bc wcncsvc - ok 12:47:40.0281 0x16bc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 12:47:40.0281 0x16bc WcsPlugInService - ok 12:47:40.0297 0x16bc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 12:47:40.0312 0x16bc Wd - ok 12:47:40.0359 0x16bc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 12:47:40.0375 0x16bc Wdf01000 - ok 12:47:40.0422 0x16bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 12:47:40.0422 0x16bc WdiServiceHost - ok 12:47:40.0422 0x16bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:47:40.0422 0x16bc WdiSystemHost - ok 
12:47:40.0453 0x16bc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 12:47:40.0468 0x16bc WebClient - ok 12:47:40.0500 0x16bc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:47:40.0500 0x16bc Wecsvc - ok 12:47:40.0515 0x16bc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:47:40.0515 0x16bc wercplsupport - ok 12:47:40.0546 0x16bc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll Code:
ATTFilter 12:47:40.0546 0x16bc WerSvc - ok 12:47:40.0578 0x16bc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 12:47:40.0578 0x16bc WfpLwf - ok 12:47:40.0624 0x16bc [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 12:47:40.0640 0x16bc WimFltr - ok 12:47:40.0640 0x16bc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 12:47:40.0656 0x16bc WIMMount - ok 12:47:40.0671 0x16bc WinDefend - ok 12:47:40.0687 0x16bc WinHttpAutoProxySvc - ok 12:47:40.0734 0x16bc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:47:40.0749 0x16bc Winmgmt - ok 12:47:40.0890 0x16bc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 12:47:40.0936 0x16bc WinRM - ok 12:47:40.0968 0x16bc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 12:47:40.0983 0x16bc WinUsb - ok 12:47:41.0030 0x16bc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:47:41.0046 0x16bc Wlansvc - ok 12:47:41.0186 0x16bc [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:47:41.0248 0x16bc wlidsvc - ok 12:47:41.0280 0x16bc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:47:41.0280 0x16bc WmiAcpi - ok 12:47:41.0311 
0x16bc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 12:47:41.0311 0x16bc wmiApSrv - ok 12:47:41.0342 0x16bc WMPNetworkSvc - ok 12:47:41.0373 0x16bc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:47:41.0373 0x16bc WPCSvc - ok 12:47:41.0404 0x16bc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:47:41.0404 0x16bc WPDBusEnum - ok 12:47:41.0436 0x16bc wrccyqbi - ok 12:47:41.0451 0x16bc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:47:41.0451 0x16bc ws2ifsl - ok 12:47:41.0482 0x16bc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 12:47:41.0482 0x16bc wscsvc - ok 12:47:41.0482 0x16bc WSearch - ok 12:47:41.0607 0x16bc [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 12:47:41.0654 0x16bc wuauserv - ok 12:47:41.0685 0x16bc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 12:47:41.0685 0x16bc WudfPf - ok 12:47:41.0716 0x16bc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:47:41.0716 0x16bc WUDFRd - ok 12:47:41.0748 0x16bc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:47:41.0763 0x16bc wudfsvc - ok 12:47:41.0794 0x16bc [ 04F82965C09CBDF646B487E145060301, 
2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 12:47:41.0794 0x16bc WwanSvc - ok 12:47:41.0810 0x16bc ================ Scan global =============================== 12:47:41.0841 0x16bc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 12:47:41.0872 0x16bc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 12:47:41.0888 0x16bc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 12:47:41.0904 0x16bc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 12:47:41.0935 0x16bc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 12:47:41.0950 0x16bc [ Global ] - ok 12:47:41.0950 0x16bc ================ Scan MBR ================================== 12:47:41.0950 0x16bc [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 12:47:42.0231 0x16bc \Device\Harddisk0\DR0 - ok 12:47:42.0231 0x16bc ================ Scan VBR ================================== 12:47:42.0231 0x16bc [ C390E3589D88C13E2E4B367DD63B5E22 ] \Device\Harddisk0\DR0\Partition1 12:47:42.0231 0x16bc \Device\Harddisk0\DR0\Partition1 - ok 12:47:42.0247 0x16bc [ AEE47885D25CCB3430C6EE0DBCC87E6F ] \Device\Harddisk0\DR0\Partition2 12:47:42.0278 0x16bc \Device\Harddisk0\DR0\Partition2 - ok 12:47:42.0278 0x16bc ================ Scan generic autorun ====================== 12:47:42.0278 0x16bc SynTPEnh - ok 12:47:42.0512 0x16bc [ AB729318BD85B82FC4313DCF5DA93C8E, 30677159794FB4D99787C1D795F5CA8E6C97CBE9BF8932E8E1AE2851497D1E37 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 12:47:42.0668 0x16bc RTHDVCPL - ok 12:47:42.0762 0x16bc [ 
7EB0AE9D61C9CD6FCE90F0E69804487A, 43C5BCC02BC49A1A6A39B16BFAAC5FBBA1C5EAFB1A18BDE87ABB5B6F1B5D4D4F ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 12:47:42.0793 0x16bc RtHDVBg - ok 12:47:42.0808 0x16bc NVHotkey - ok 12:47:42.0886 0x16bc [ F2C49A7AA03FC231BE87A65E50D0B6F6, 549A188E8F1E2CA1E4A82EC4F5D7B45C24BAB2B1177EA848183D72F97E198E38 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe 12:47:42.0933 0x16bc IntelWireless - ok 12:47:43.0044 0x16bc [ 0AD61A3C844EEFE88780749E362D1E57, 5F2EF864827F65130B3292F49A2AFEC45006980D061978DAB31A6ECB1F2A0200 ] c:\Program Files\Dell\QuickSet\QuickSet.exe 12:47:43.0232 0x16bc QuickSet - ok 12:47:43.0294 0x16bc [ A358C6D2F299ACDE00D40C605BA5FEDC, FFAE3A508C8756D67E7C37870E53A621D0F174A66E48BBD30B03F2DAF1C0BFB8 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe 12:47:43.0434 0x16bc FreeFallProtection - ok 12:47:43.0528 0x16bc [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe 12:47:43.0559 0x16bc MSC - ok 12:47:43.0653 0x16bc [ 748683C5C27B786CED184D14442E44E9, F8E7B068A9DADDDAB85846FABE65851A857337BB862F3BEB4E6A2944C1FF51FE ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\speaker.exe 12:47:43.0653 0x16bc friends - ok 12:47:43.0715 0x16bc [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 12:47:43.0715 0x16bc NUSB3MON - ok 12:47:43.0778 0x16bc [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 12:47:43.0793 0x16bc IAStorIcon - ok 12:47:43.0887 0x16bc [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files 
(x86)\Brother\ControlCenter3\brctrcen.exe 12:47:43.0887 0x16bc ControlCenter3 - ok 12:47:44.0023 0x16bc [ 640609646D2E6F805E89238F0ADD3A1A, 6E919DD8C93B4F1B7AA00404DDF11FDAA7C050C49028480C8E28F2DF99E99FED ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 12:47:44.0071 0x16bc BrStsMon00 - ok 12:47:44.0169 0x16bc [ 4D5D968FE6AE6BF94A807F73F7FF6B3D, 3D5D5D775EE251C2B903AA8DA804AE4D1632DD59A8A0A36C545FE984FCFE06DD ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe 12:47:44.0200 0x16bc BrMfcWnd - ok 12:47:44.0262 0x16bc [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 12:47:44.0278 0x16bc Adobe ARM - ok 12:47:44.0356 0x16bc [ C482C535CBFEFE722EC1EB7F11F680A3, D7374A4BFEF274F7E33FDA40AA8ED8D8F78448E745A27032FE80475D5B1FAA63 ] C:\Program Files (x86)\Common Files\AOL\1376658552\ee\AOLSoftware.exe 12:47:44.0356 0x16bc HostManager - ok 12:47:44.0356 0x16bc ApnTBMon - ok 12:47:44.0418 0x16bc [ F0CE006E1D14F45959985A05F8E81204, D9FE67DB4CEDB3B09A48C305DDE983A15695EE41C68CE222880D002C0D5D7688 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 12:47:44.0418 0x16bc APSDaemon - ok 12:47:44.0481 0x16bc [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 12:47:44.0496 0x16bc SunJavaUpdateSched - ok 12:47:44.0512 0x16bc [ A043F2DCB3DE6A01317FD7DDDAA53736, 7BF8BECC4AB5C21C5524F15EA3C5FF48EA2AE44AFCBADB443CFEBB72E2037A09 ] C:\Program Files (x86)\VNT\vntldr.exe 12:47:44.0527 0x16bc VNT - ok 12:47:44.0605 0x16bc [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe 12:47:44.0605 0x16bc QuickTime Task - ok 12:47:44.0637 0x16bc [ 603668084332DDB58D8C5AACE30B04FC, B6FA6BBE18D433F41F96640726444B7CB9D669BAE87A545E1408391B9469EDB9 ] 
C:\iTunesHelper.exe 12:47:44.0652 0x16bc iTunesHelper - ok 12:47:44.0715 0x16bc [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe 12:47:44.0761 0x16bc Launcher - ok 12:47:44.0793 0x16bc [ B99C05C2C0AA671642962CBCCE138660, 3F17B69E226E15E216CCA07A5602529643B315C02C5CAB4C597DA948F105465E ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe 12:47:44.0793 0x16bc DSUpdateLauncher - ok 12:47:44.0886 0x16bc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:47:44.0902 0x16bc Sidebar - ok 12:47:44.0933 0x16bc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:47:44.0933 0x16bc mctadmin - ok 12:47:44.0964 0x16bc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:47:44.0995 0x16bc Sidebar - ok 12:47:44.0995 0x16bc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:47:44.0995 0x16bc mctadmin - ok 12:47:45.0058 0x16bc ooVoo.exe - ok 12:47:45.0183 0x16bc [ 40ADA4963225D142B831D0551151210E, 3E6DB8F6FBFED4CC81FA6BF8E4280F4B02A2BDBBD10396F2887412D1DF2137CE ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms 12:47:45.0183 0x16bc DellSystemDetect - ok 12:47:45.0323 0x16bc [ 1F7E04F6CDF9F556BB7666D711E1474F, B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe 12:47:45.0323 0x16bc Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe. 
md5: 1F7E04F6CDF9F556BB7666D711E1474F, sha256: B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 12:47:45.0354 0x16bc uqdfumrw - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:47:47.0962 0x16bc uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:47:47.0962 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe 12:47:50.0469 0x16bc Object send P2P result: true 12:47:52.0971 0x16bc [ 1F7E04F6CDF9F556BB7666D711E1474F, B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe 12:47:52.0987 0x16bc tionkcrz - ok 12:47:52.0987 0x16bc Have new async UDS detects: 1 12:47:52.0987 0x16bc tionkcrz - detected UDS:DangerousObject.Multi.Generic ( 0 ) 12:47:52.0987 0x16bc tionkcrz ( UDS:DangerousObject.Multi.Generic ) - infected 12:47:52.0987 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe 12:47:55.0527 0x16bc Object send P2P result: true 12:47:57.0995 0x16bc ifoxxwzr - ok 12:47:58.0011 0x16bc tfwywndb - ok 12:47:58.0026 0x16bc liyezfcu - ok |
14.11.2014, 13:24 | #29 |
| New Postbank Trojan. How should I proceed? Code:
ATTFilter 12:47:58.0026 0x16bc hffgquir - ok 12:47:58.0057 0x16bc [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe 12:47:58.0057 0x16bc Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F 12:47:58.0057 0x16bc system64-print32 - detected LockedFile.Multi.Generic ( 1 ) 12:48:00.0573 0x16bc Detect turned to UDS exact due to KSN untrusted 12:48:00.0573 0x16bc system64-print32 ( UDS:DangerousObject.Multi.Generic ) - infected 12:48:00.0573 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe 12:48:03.0150 0x16bc Object send P2P result: true 12:48:05.0678 0x16bc [ 4C4592B7490BFA070C9720FD7B0D9A93, 0E9C758DB7578B638E281E95EA146BA7D8488449978B081BE7080C45642E9BBC ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe 12:48:05.0678 0x16bc Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe. md5: 4C4592B7490BFA070C9720FD7B0D9A93, sha256: 0E9C758DB7578B638E281E95EA146BA7D8488449978B081BE7080C45642E9BBC 12:48:05.0694 0x16bc xlazimaw - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:48:08.0534 0x16bc xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:48:08.0534 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe 12:48:11.0063 0x16bc Object send P2P result: true 12:48:13.0545 0x16bc [ B492067250ABA2678B671313039D352B, 1A37AC1784189D561D27565C638120FF8A27A4DF5DD3A9438B18071C4413407C ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe 12:48:13.0545 0x16bc Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe. 
md5: B492067250ABA2678B671313039D352B, sha256: 1A37AC1784189D561D27565C638120FF8A27A4DF5DD3A9438B18071C4413407C 12:48:13.0545 0x16bc chrome64wave - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:48:16.0087 0x16bc Object required for P2P: [ B492067250ABA2678B671313039D352B ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe 12:48:29.0638 0x16bc Object send P2P result: true 12:48:29.0638 0x16bc chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:48:29.0638 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe 12:48:32.0212 0x16bc Object send P2P result: true 12:48:34.0693 0x16bc [ 02B7736BCF35092A37CCD521658379CD, 6C70ABDE08D2995214E5B504BDB99D12693BBCA6038E7557E351C9A7DB40D2FA ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe 12:48:34.0693 0x16bc Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe. md5: 02B7736BCF35092A37CCD521658379CD, sha256: 6C70ABDE08D2995214E5B504BDB99D12693BBCA6038E7557E351C9A7DB40D2FA 12:48:34.0708 0x16bc perl32runner32 - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:48:37.0298 0x16bc perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:48:37.0298 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe 12:48:39.0858 0x16bc Object send P2P result: true 12:48:42.0405 0x16bc [ 960167F792324B884AB6600A1C8392DA, 21FE20A2BC6751DD4165009A8CE273EB5FEBAF1D45EE13C3D77EFF0E1616D2AD ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe 12:48:42.0421 0x16bc friends - ok 12:48:42.0452 0x16bc [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Win\win.exe 12:48:42.0452 0x16bc Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Win\win.exe. 
md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F 12:48:42.0468 0x16bc win - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:48:42.0468 0x16bc win ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:48:42.0468 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Win\win.exe 12:48:45.0001 0x16bc Object send P2P result: true 12:48:46.0955 0x29c8 Object required for P2P: [ 960167F792324B884AB6600A1C8392DA ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe 12:48:47.0454 0x16bc [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe 12:48:47.0454 0x16bc Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F 12:48:47.0454 0x16bc explorer64login - detected LockedFile.Multi.Generic ( 1 ) 12:48:47.0454 0x16bc Detect turned to UDS exact due to KSN untrusted 12:48:47.0454 0x16bc explorer64login ( UDS:DangerousObject.Multi.Generic ) - infected 12:48:47.0454 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe 12:48:49.0502 0x29c8 Object send P2P result: true 12:48:50.0003 0x16bc Object send P2P result: true 12:48:52.0425 0x16bc Have new async UDS detects: 1 12:48:52.0425 0x16bc friends - detected UDS:DangerousObject.Multi.Generic ( 0 ) 12:48:52.0425 0x16bc friends ( UDS:DangerousObject.Multi.Generic ) - infected 12:48:52.0425 0x16bc Force sending object to P2P due to detect: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe 12:48:54.0968 0x16bc Object send P2P result: true 12:48:57.0431 0x16bc [ 947F3B6E8FAEA508E2A89C29B0D246F3, 
4BC953761CB8C91F50F76677CFBBE41A19601266D964514504000271BDC7C9A9 ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Notepad\notepadservices64.exe 12:48:57.0431 0x16bc Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Roaming\Notepad\notepadservices64.exe. md5: 947F3B6E8FAEA508E2A89C29B0D246F3, sha256: 4BC953761CB8C91F50F76677CFBBE41A19601266D964514504000271BDC7C9A9 12:48:57.0431 0x16bc notepadservices64 - detected LockedFile.Multi.Generic ( 1 ) 12:48:59.0981 0x16bc notepadservices64 ( LockedFile.Multi.Generic ) - warning 12:48:59.0981 0x16bc Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Roaming\Notepad\notepadservices64.exe 12:49:02.0529 0x16bc Object send P2P result: true 12:49:05.0104 0x16bc [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 12:49:05.0120 0x16bc Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 - ok 12:49:05.0136 0x16bc [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 12:49:05.0136 0x16bc Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 12:49:05.0198 0x16bc [ C84F100FF7A65DF5FAD4682041CA51E4, 580BADC917C497F526B42174C1CA89045760807EB170A6449B6D14BCE475C993 ] C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE 12:49:05.0198 0x16bc AOL Fast Start - ok 12:49:05.0260 0x16bc [ 966FE904599B9A0F80EA498851180829, A95A67DF82FD40A0173C08919E7AB4B3CC207C8B8E07D850CC9C8AD0A44BF0CB ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 12:49:05.0276 0x16bc GoogleChromeAutoLaunch_95998DA8AA06BA0E1CB0911F871E1ECB - ok 12:49:05.0292 0x16bc [ C84F100FF7A65DF5FAD4682041CA51E4, 580BADC917C497F526B42174C1CA89045760807EB170A6449B6D14BCE475C993 ] C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE 12:49:05.0292 0x16bc AOL Fast Start - ok 12:49:05.0292 0x16bc Waiting for KSN requests 
completion. In queue: 5 12:49:06.0292 0x16bc Waiting for KSN requests completion. In queue: 5 12:49:07.0296 0x16bc Waiting for KSN requests completion. In queue: 5 12:49:08.0310 0x16bc Waiting for KSN requests completion. In queue: 5 12:49:09.0340 0x16bc AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated ) 12:49:09.0340 0x16bc Win FW state via NFP2: enabled 12:49:11.0789 0x16bc ============================================================ 12:49:11.0789 0x16bc Scan finished 12:49:11.0789 0x16bc ============================================================ 12:49:11.0805 0x0b20 Detected object count: 10 12:49:11.0805 0x0b20 Actual detected object count: 10 12:50:19.0934 0x0b20 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:50:19.0934 0x0b20 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:50:19.0934 0x0b20 tionkcrz ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:50:19.0934 0x0b20 tionkcrz ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 12:50:19.0934 0x0b20 system64-print32 ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:50:19.0934 0x0b20 system64-print32 ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 12:50:19.0934 0x0b20 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:50:19.0934 0x0b20 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:50:19.0934 0x0b20 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:50:19.0934 0x0b20 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:50:19.0934 0x0b20 perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:50:19.0934 0x0b20 perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:50:19.0934 0x0b20 win ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:50:19.0934 0x0b20 win ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:50:19.0934 0x0b20 
explorer64login ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:50:19.0934 0x0b20 explorer64login ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 12:50:19.0934 0x0b20 friends ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:50:19.0934 0x0b20 friends ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 12:50:19.0950 0x0b20 notepadservices64 ( LockedFile.Multi.Generic ) - skipped by user 12:50:19.0950 0x0b20 notepadservices64 ( LockedFile.Multi.Generic ) - User select action: Skip 12:50:51.0229 0x22f4 ============================================================ 12:50:51.0229 0x22f4 Scan started 12:50:51.0229 0x22f4 Mode: Manual; 12:50:51.0229 0x22f4 ============================================================ 12:50:51.0229 0x22f4 KSN ping started 12:51:05.0659 0x22f4 KSN ping finished: true 12:51:05.0924 0x22f4 ================ Scan system memory ======================== 12:51:05.0924 0x22f4 System memory - ok 12:51:05.0924 0x22f4 ================ Scan services ============================= 12:51:06.0096 0x22f4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 12:51:06.0096 0x22f4 1394ohci - ok 12:51:06.0143 0x22f4 [ 7A505465BBB1EB8B5AD4D76E8749383B, 999FBBFAF8CCF68D8B7EB5C4F23A5FC00F911FDD0ED192BE9C51F1BC4BE0EA51 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys 12:51:06.0143 0x22f4 Acceler - ok 12:51:06.0174 0x22f4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 12:51:06.0189 0x22f4 ACPI - ok 12:51:06.0221 0x22f4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 12:51:06.0221 0x22f4 AcpiPmi - ok 12:51:06.0299 0x22f4 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] 
AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 12:51:06.0299 0x22f4 AdobeARMservice - ok 12:51:06.0408 0x22f4 [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 12:51:06.0408 0x22f4 AdobeFlashPlayerUpdateSvc - ok 12:51:06.0408 0x22f4 Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc 12:51:08.0968 0x22f4 Object send P2P result: true 12:51:09.0046 0x22f4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 12:51:09.0046 0x22f4 adp94xx - ok 12:51:09.0077 0x22f4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 12:51:09.0077 0x22f4 adpahci - ok 12:51:09.0108 0x22f4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 12:51:09.0108 0x22f4 adpu320 - ok 12:51:09.0139 0x22f4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 12:51:09.0139 0x22f4 AeLookupSvc - ok 12:51:09.0236 0x22f4 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 12:51:09.0252 0x22f4 AERTFilters - ok 12:51:09.0326 0x22f4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 12:51:09.0328 0x22f4 AFD - ok 12:51:09.0359 0x22f4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 12:51:09.0359 0x22f4 agp440 - ok 
C:\Windows\system32\qagentRT.dll 12:51:17.0129 0x22f4 napagent - ok 12:51:17.0145 0x22f4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 12:51:17.0161 0x22f4 NativeWifiP - ok 12:51:17.0223 0x22f4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 12:51:17.0239 0x22f4 NDIS - ok 12:51:17.0254 0x22f4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 12:51:17.0254 0x22f4 NdisCap - ok 12:51:17.0270 0x22f4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 12:51:17.0270 0x22f4 NdisTapi - ok 12:51:17.0317 0x22f4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 12:51:17.0317 0x22f4 Ndisuio - ok 12:51:17.0348 0x22f4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 12:51:17.0348 0x22f4 NdisWan - ok 12:51:17.0363 0x22f4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 12:51:17.0363 0x22f4 NDProxy - ok 12:51:17.0379 0x22f4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys Code:
ATTFilter 12:51:17.0379 0x22f4 NetBIOS - ok 12:51:17.0410 0x22f4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 12:51:17.0426 0x22f4 NetBT - ok 12:51:17.0441 0x22f4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 12:51:17.0441 0x22f4 Netlogon - ok 12:51:17.0473 0x22f4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 12:51:17.0473 0x22f4 Netman - ok 12:51:17.0504 0x22f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:51:17.0504 0x22f4 NetMsmqActivator - ok 12:51:17.0504 0x22f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:51:17.0504 0x22f4 NetPipeActivator - ok 12:51:17.0535 0x22f4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 12:51:17.0551 0x22f4 netprofm - ok 12:51:17.0551 0x22f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:51:17.0566 0x22f4 NetTcpActivator - ok 12:51:17.0566 0x22f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:51:17.0566 0x22f4 NetTcpPortSharing - ok 12:51:17.0847 0x22f4 [ 18555F48844C2861D9DCE8F2B7223AE5, 35F8C0DFCF14780F86AD9A476A7AE22A98589B27ED9C7E109945CBBD227E6E2B ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys 
12:51:17.0987 0x22f4 NETw5s64 - ok 12:51:18.0034 0x22f4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 12:51:18.0034 0x22f4 nfrd960 - ok 12:51:18.0081 0x22f4 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 12:51:18.0081 0x22f4 NisDrv - ok 12:51:18.0112 0x22f4 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 12:51:18.0112 0x22f4 NisSrv - ok 12:51:18.0159 0x22f4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 12:51:18.0159 0x22f4 NlaSvc - ok 12:51:18.0159 0x22f4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 12:51:18.0159 0x22f4 Npfs - ok 12:51:18.0190 0x22f4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 12:51:18.0206 0x22f4 nsi - ok 12:51:18.0237 0x22f4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 12:51:18.0237 0x22f4 nsiproxy - ok 12:51:18.0315 0x22f4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 12:51:18.0346 0x22f4 Ntfs - ok 12:51:18.0362 0x22f4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 12:51:18.0362 0x22f4 Null - ok 12:51:18.0393 0x22f4 [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub 
C:\Windows\system32\DRIVERS\nusb3hub.sys 12:51:18.0409 0x22f4 nusb3hub - ok 12:51:18.0424 0x22f4 [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 12:51:18.0424 0x22f4 nusb3xhc - ok 12:51:18.0455 0x22f4 [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 12:51:18.0455 0x22f4 NVHDA - ok 12:51:18.0830 0x22f4 [ 011F0596D167D073E6813AE88E7947A9, 2EF87754BE6477DAEF0B1C60C5BA5B6E038D2687EDCBE0A15B1A0862FF8D81BE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 12:51:19.0048 0x22f4 nvlddmkm - ok 12:51:19.0111 0x22f4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 12:51:19.0111 0x22f4 nvraid - ok 12:51:19.0126 0x22f4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 12:51:19.0126 0x22f4 nvstor - ok 12:51:19.0157 0x22f4 [ E72422F9C55078DFA298AC7AA0A87970, F6CB073B5BCD66E77BAF45E1FA3F8A6AE337728F7AE21FF53319669FA82A0C82 ] nvsvc C:\Windows\system32\nvvsvc.exe 12:51:19.0173 0x22f4 nvsvc - ok 12:51:19.0189 0x22f4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 12:51:19.0189 0x22f4 nv_agp - ok 12:51:19.0267 0x22f4 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 12:51:19.0267 0x22f4 odserv - ok 12:51:19.0298 0x22f4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 12:51:19.0298 0x22f4 ohci1394 - ok 12:51:19.0329 0x22f4 [ 
30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:51:19.0345 0x22f4 ose - ok 12:51:19.0532 0x22f4 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:51:19.0625 0x22f4 osppsvc - ok 12:51:19.0657 0x22f4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 12:51:19.0672 0x22f4 p2pimsvc - ok 12:51:19.0688 0x22f4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 12:51:19.0703 0x22f4 p2psvc - ok 12:51:19.0719 0x22f4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 12:51:19.0719 0x22f4 Parport - ok 12:51:19.0750 0x22f4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 12:51:19.0750 0x22f4 partmgr - ok 12:51:19.0766 0x22f4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 12:51:19.0766 0x22f4 PcaSvc - ok 12:51:19.0797 0x22f4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 12:51:19.0813 0x22f4 pci - ok 12:51:19.0828 0x22f4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 12:51:19.0828 0x22f4 pciide - ok 12:51:19.0859 0x22f4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia 
C:\Windows\system32\DRIVERS\pcmcia.sys 12:51:19.0859 0x22f4 pcmcia - ok 12:51:19.0875 0x22f4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 12:51:19.0875 0x22f4 pcw - ok 12:51:19.0906 0x22f4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 12:51:19.0906 0x22f4 PEAUTH - ok 12:51:19.0984 0x22f4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 12:51:19.0984 0x22f4 PerfHost - ok 12:51:20.0078 0x22f4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 12:51:20.0093 0x22f4 pla - ok 12:51:20.0140 0x22f4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 12:51:20.0140 0x22f4 PlugPlay - ok 12:51:20.0171 0x22f4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 12:51:20.0171 0x22f4 PNRPAutoReg - ok 12:51:20.0203 0x22f4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 12:51:20.0203 0x22f4 PNRPsvc - ok 12:51:20.0265 0x22f4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 12:51:20.0265 0x22f4 PolicyAgent - ok 12:51:20.0296 0x22f4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 12:51:20.0296 0x22f4 Power - ok 12:51:20.0374 0x22f4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport 
C:\Windows\system32\DRIVERS\raspptp.sys 12:51:20.0374 0x22f4 PptpMiniport - ok 12:51:20.0405 0x22f4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 12:51:20.0405 0x22f4 Processor - ok 12:51:20.0452 0x22f4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 12:51:20.0452 0x22f4 ProfSvc - ok 12:51:20.0468 0x22f4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 12:51:20.0468 0x22f4 ProtectedStorage - ok 12:51:20.0499 0x22f4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 12:51:20.0515 0x22f4 Psched - ok 12:51:20.0530 0x22f4 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 12:51:20.0530 0x22f4 PxHlpa64 - ok 12:51:20.0577 0x22f4 [ 0928BD20273625622722FE1DE5BBDE57, 5313C222F8810D3A62CCE64482B5E50E58BBE2A2C298A23C84A454C34324AC52 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys 12:51:20.0577 0x22f4 qicflt - ok 12:51:20.0624 0x22f4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 12:51:20.0655 0x22f4 ql2300 - ok 12:51:20.0686 0x22f4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 12:51:20.0686 0x22f4 ql40xx - ok 12:51:20.0717 0x22f4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 12:51:20.0733 0x22f4 QWAVE - ok 12:51:20.0749 0x22f4 [ 76707BB36430888D9CE9D705398ADB6C, 
35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 12:51:20.0749 0x22f4 QWAVEdrv - ok 12:51:20.0780 0x22f4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 12:51:20.0780 0x22f4 RasAcd - ok 12:51:20.0811 0x22f4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 12:51:20.0811 0x22f4 RasAgileVpn - ok 12:51:20.0827 0x22f4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 12:51:20.0827 0x22f4 RasAuto - ok 12:51:20.0858 0x22f4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 12:51:20.0873 0x22f4 Rasl2tp - ok 12:51:20.0905 0x22f4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 12:51:20.0920 0x22f4 RasMan - ok 12:51:20.0936 0x22f4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 12:51:20.0936 0x22f4 RasPppoe - ok 12:51:20.0967 0x22f4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 12:51:20.0967 0x22f4 RasSstp - ok 12:51:21.0015 0x22f4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys Code:
ATTFilter 12:51:21.0015 0x22f4 rdbss - ok 12:51:21.0030 0x22f4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 12:51:21.0030 0x22f4 rdpbus - ok 12:51:21.0062 0x22f4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 12:51:21.0062 0x22f4 RDPCDD - ok 12:51:21.0093 0x22f4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 12:51:21.0108 0x22f4 RDPENCDD - ok 12:51:21.0108 0x22f4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 12:51:21.0108 0x22f4 RDPREFMP - ok 12:51:21.0155 0x22f4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 12:51:21.0155 0x22f4 RdpVideoMiniport - ok 12:51:21.0218 0x22f4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 12:51:21.0218 0x22f4 RDPWD - ok 12:51:21.0264 0x22f4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 12:51:21.0280 0x22f4 rdyboost - ok 12:51:21.0342 0x22f4 [ 0AA473966357C4A41B5EB19649EB6E5E, D4F1EADDECE41481332CBF03B8CAB4AC6AB048834DF013DB30757E7941F306FE ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 12:51:21.0358 0x22f4 RegSrvc - ok 12:51:21.0389 0x22f4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 12:51:21.0405 0x22f4 RemoteAccess - ok 12:51:21.0420 0x22f4 [ 
E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 12:51:21.0420 0x22f4 RemoteRegistry - ok 12:51:21.0452 0x22f4 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 12:51:21.0452 0x22f4 RimUsb - ok 12:51:21.0639 0x22f4 [ BDDC447AB46625A54619808575D5CB46, 5321343BFB972A111D27DED7A3F3A3520E0C77104E6139ADC7765C76A459ED9C ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 12:51:21.0670 0x22f4 RoxMediaDB12OEM - ok 12:51:21.0717 0x22f4 [ CE203243ADF512540249DF9C264F12DD, 7BC0A6E9A422D832DDF046F28EA0F80A879A007B7116C4B830D6A39DCDD09EF5 ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 12:51:21.0732 0x22f4 RoxWatch12 - ok 12:51:21.0732 0x22f4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 12:51:21.0732 0x22f4 RpcEptMapper - ok 12:51:21.0748 0x22f4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 12:51:21.0764 0x22f4 RpcLocator - ok 12:51:21.0795 0x22f4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 12:51:21.0810 0x22f4 RpcSs - ok 12:51:21.0826 0x22f4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 12:51:21.0842 0x22f4 rspndr - ok 12:51:21.0888 0x22f4 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 12:51:21.0888 0x22f4 RTL8167 - ok 12:51:21.0904 0x22f4 rvqhafqh - ok 12:51:21.0904 0x22f4 [ 
204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 12:51:21.0920 0x22f4 SamSs - ok 12:51:21.0951 0x22f4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 12:51:21.0951 0x22f4 sbp2port - ok 12:51:21.0982 0x22f4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 12:51:21.0982 0x22f4 SCardSvr - ok 12:51:22.0013 0x22f4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 12:51:22.0013 0x22f4 scfilter - ok 12:51:22.0092 0x22f4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 12:51:22.0108 0x22f4 Schedule - ok 12:51:22.0139 0x22f4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 12:51:22.0139 0x22f4 SCPolicySvc - ok 12:51:22.0155 0x22f4 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys 12:51:22.0155 0x22f4 sdbus - ok 12:51:22.0201 0x22f4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 12:51:22.0201 0x22f4 SDRSVC - ok 12:51:22.0217 0x22f4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 12:51:22.0217 0x22f4 secdrv - ok 12:51:22.0248 0x22f4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 12:51:22.0248 0x22f4 seclogon - ok 
12:51:22.0264 0x22f4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 12:51:22.0264 0x22f4 SENS - ok 12:51:22.0295 0x22f4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 12:51:22.0295 0x22f4 SensrSvc - ok 12:51:22.0311 0x22f4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 12:51:22.0311 0x22f4 Serenum - ok 12:51:22.0326 0x22f4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 12:51:22.0326 0x22f4 Serial - ok 12:51:22.0357 0x22f4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 12:51:22.0357 0x22f4 sermouse - ok 12:51:22.0404 0x22f4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 12:51:22.0404 0x22f4 SessionEnv - ok 12:51:22.0420 0x22f4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 12:51:22.0420 0x22f4 sffdisk - ok 12:51:22.0435 0x22f4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 12:51:22.0435 0x22f4 sffp_mmc - ok 12:51:22.0451 0x22f4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 12:51:22.0451 0x22f4 sffp_sd - ok 12:51:22.0482 0x22f4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy 
C:\Windows\system32\DRIVERS\sfloppy.sys 12:51:22.0482 0x22f4 sfloppy - ok 12:51:22.0529 0x22f4 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 12:51:22.0545 0x22f4 Sftfs - ok 12:51:22.0623 0x22f4 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 12:51:22.0623 0x22f4 sftlist - ok 12:51:22.0654 0x22f4 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 12:51:22.0654 0x22f4 Sftplay - ok 12:51:22.0685 0x22f4 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 12:51:22.0685 0x22f4 Sftredir - ok 12:51:22.0747 0x22f4 [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 12:51:22.0763 0x22f4 SftService - ok 12:51:22.0779 0x22f4 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 12:51:22.0779 0x22f4 Sftvol - ok 12:51:22.0825 0x22f4 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 12:51:22.0825 0x22f4 sftvsa - ok 12:51:22.0888 0x22f4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 12:51:22.0889 0x22f4 SharedAccess - ok 12:51:22.0936 0x22f4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection 
C:\Windows\System32\shsvcs.dll 12:51:22.0951 0x22f4 ShellHWDetection - ok 12:51:22.0967 0x22f4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 12:51:22.0967 0x22f4 SiSRaid2 - ok 12:51:22.0982 0x22f4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 12:51:22.0982 0x22f4 SiSRaid4 - ok 12:51:23.0063 0x22f4 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 12:51:23.0079 0x22f4 SkypeUpdate - ok 12:51:23.0095 0x22f4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 12:51:23.0095 0x22f4 Smb - ok 12:51:23.0126 0x22f4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 12:51:23.0141 0x22f4 SNMPTRAP - ok 12:51:23.0141 0x22f4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 12:51:23.0141 0x22f4 spldr - ok 12:51:23.0204 0x22f4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 12:51:23.0204 0x22f4 Spooler - ok 12:51:23.0344 0x22f4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 12:51:23.0407 0x22f4 sppsvc - ok 12:51:23.0422 0x22f4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 12:51:23.0422 0x22f4 sppuinotify - ok 12:51:23.0469 0x22f4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 
14.11.2014, 13:29 | #30 |
| New Postbank Trojan. How do I proceed?
Code:
ATTFilter 12:51:30.0847 0x22f4 SunJavaUpdateSched - ok 12:51:30.0878 0x22f4 [ A043F2DCB3DE6A01317FD7DDDAA53736, 7BF8BECC4AB5C21C5524F15EA3C5FF48EA2AE44AFCBADB443CFEBB72E2037A09 ] C:\Program Files (x86)\VNT\vntldr.exe 12:51:30.0878 0x22f4 VNT - ok 12:51:30.0971 0x22f4 [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe 12:51:30.0971 0x22f4 QuickTime Task - ok 12:51:31.0008 0x22f4 [ 603668084332DDB58D8C5AACE30B04FC, B6FA6BBE18D433F41F96640726444B7CB9D669BAE87A545E1408391B9469EDB9 ] C:\iTunesHelper.exe 12:51:31.0008 0x22f4 iTunesHelper - ok 12:51:31.0086 0x22f4 [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe 12:51:31.0086 0x22f4 Launcher - ok 12:51:31.0125 0x22f4 [ B99C05C2C0AA671642962CBCCE138660, 3F17B69E226E15E216CCA07A5602529643B315C02C5CAB4C597DA948F105465E ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe 12:51:31.0125 0x22f4 DSUpdateLauncher - ok 12:51:31.0203 0x22f4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:51:31.0236 0x22f4 Sidebar - ok 12:51:31.0268 0x22f4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:51:31.0268 0x22f4 mctadmin - ok 12:51:31.0299 0x22f4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:51:31.0314 0x22f4 Sidebar - ok 12:51:31.0330 0x22f4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:51:31.0330 0x22f4 mctadmin - ok 12:51:31.0377 0x22f4 ooVoo.exe - ok 12:51:31.0502 0x22f4 [ 
40ADA4963225D142B831D0551151210E, 3E6DB8F6FBFED4CC81FA6BF8E4280F4B02A2BDBBD10396F2887412D1DF2137CE ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms 12:51:31.0502 0x22f4 DellSystemDetect - ok 12:51:31.0642 0x22f4 [ 1F7E04F6CDF9F556BB7666D711E1474F, B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe 12:51:31.0642 0x22f4 Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe. md5: 1F7E04F6CDF9F556BB7666D711E1474F, sha256: B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 12:51:31.0673 0x22f4 uqdfumrw - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:51:31.0673 0x22f4 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:51:31.0673 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Vcducbofyj\awjkumrw.exe 12:51:34.0203 0x22f4 Object send P2P result: true 12:51:36.0671 0x22f4 [ 1F7E04F6CDF9F556BB7666D711E1474F, B8952D493910732764CB6843E9A780E92293ADDBB624F0F938AADA67761589A9 ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe 12:51:36.0671 0x22f4 tionkcrz - ok 12:51:36.0671 0x22f4 Have new async UDS detects: 1 12:51:36.0671 0x22f4 tionkcrz - detected UDS:DangerousObject.Multi.Generic ( 0 ) 12:51:36.0671 0x22f4 tionkcrz ( UDS:DangerousObject.Multi.Generic ) - infected 12:51:36.0671 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Oitg\rwsjjjgkcrz.exe 12:51:39.0215 0x22f4 Object send P2P result: true 12:51:41.0664 0x22f4 ifoxxwzr - ok 12:51:41.0680 0x22f4 tfwywndb - ok 12:51:41.0695 0x22f4 liyezfcu - ok 12:51:41.0695 0x22f4 hffgquir - ok 12:51:41.0727 0x22f4 [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe 12:51:41.0727 
0x22f4 Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F 12:51:41.0727 0x22f4 system64-print32 - detected LockedFile.Multi.Generic ( 1 ) 12:51:41.0727 0x22f4 Detect turned to UDS exact due to KSN untrusted 12:51:41.0727 0x22f4 system64-print32 ( UDS:DangerousObject.Multi.Generic ) - infected 12:51:41.0727 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\System64\system64-print32.exe 12:51:44.0269 0x22f4 Object send P2P result: true 12:51:46.0723 0x22f4 [ 4C4592B7490BFA070C9720FD7B0D9A93, 0E9C758DB7578B638E281E95EA146BA7D8488449978B081BE7080C45642E9BBC ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe 12:51:46.0723 0x22f4 Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe. md5: 4C4592B7490BFA070C9720FD7B0D9A93, sha256: 0E9C758DB7578B638E281E95EA146BA7D8488449978B081BE7080C45642E9BBC 12:51:46.0723 0x22f4 xlazimaw - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:51:46.0723 0x22f4 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:51:46.0723 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Hzqfxlacja\bgjjqimaw.exe 12:51:49.0253 0x22f4 Object send P2P result: true 12:51:51.0725 0x22f4 [ B492067250ABA2678B671313039D352B, 1A37AC1784189D561D27565C638120FF8A27A4DF5DD3A9438B18071C4413407C ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe 12:51:51.0725 0x22f4 Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe. 
md5: B492067250ABA2678B671313039D352B, sha256: 1A37AC1784189D561D27565C638120FF8A27A4DF5DD3A9438B18071C4413407C 12:51:51.0741 0x22f4 chrome64wave - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:51:51.0741 0x22f4 Object required for P2P: [ B492067250ABA2678B671313039D352B ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe 12:51:54.0254 0x22f4 Object send P2P result: true 12:51:54.0254 0x22f4 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:51:54.0254 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Chrome64\chrome64wave.exe 12:51:56.0773 0x22f4 Object send P2P result: true 12:51:59.0216 0x22f4 [ 02B7736BCF35092A37CCD521658379CD, 6C70ABDE08D2995214E5B504BDB99D12693BBCA6038E7557E351C9A7DB40D2FA ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe 12:51:59.0216 0x22f4 Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe. md5: 02B7736BCF35092A37CCD521658379CD, sha256: 6C70ABDE08D2995214E5B504BDB99D12693BBCA6038E7557E351C9A7DB40D2FA 12:51:59.0231 0x22f4 perl32runner32 - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:51:59.0231 0x22f4 perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:51:59.0231 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Perl32\perl32runner32.exe 12:52:01.0746 0x22f4 Object send P2P result: true 12:52:04.0306 0x22f4 [ 960167F792324B884AB6600A1C8392DA, 21FE20A2BC6751DD4165009A8CE273EB5FEBAF1D45EE13C3D77EFF0E1616D2AD ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe 12:52:04.0306 0x22f4 friends - ok 12:52:04.0306 0x22f4 Object required for P2P: [ 960167F792324B884AB6600A1C8392DA ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe 12:52:17.0820 0x22f4 Object send P2P result: true 12:52:17.0820 0x22f4 Have new async UDS detects: 1 12:52:17.0820 0x22f4 friends - detected 
UDS:DangerousObject.Multi.Generic ( 0 ) 12:52:17.0820 0x22f4 friends ( UDS:DangerousObject.Multi.Generic ) - infected 12:52:17.0820 0x22f4 Force sending object to P2P due to detect: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.4\help\pt_br\current\index.exe 12:52:20.0360 0x22f4 Object send P2P result: true 12:52:22.0832 0x22f4 [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Win\win.exe 12:52:22.0832 0x22f4 Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Win\win.exe. md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F 12:52:22.0832 0x22f4 win - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 12:52:22.0832 0x22f4 win ( Trojan-Spy.Win32.ZBot.gen ) - infected 12:52:22.0832 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Local\Temp\Win\win.exe 12:52:25.0362 0x22f4 Object send P2P result: true 12:52:27.0833 0x22f4 [ 274AC3CC062F4F2F8145A6CE71CA8D6D, BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe 12:52:27.0833 0x22f4 Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe. 
md5: 274AC3CC062F4F2F8145A6CE71CA8D6D, sha256: BE413F0A246F292D5834CF9AA9995E81687EEBF2553C5CEC160258DD7A28F08F 12:52:27.0833 0x22f4 explorer64login - detected LockedFile.Multi.Generic ( 1 ) 12:52:27.0833 0x22f4 Detect turned to UDS exact due to KSN untrusted 12:52:27.0833 0x22f4 explorer64login ( UDS:DangerousObject.Multi.Generic ) - infected 12:52:27.0833 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Roaming\Explorer64\explorer64login.exe 12:52:30.0364 0x22f4 Object send P2P result: true 12:52:32.0866 0x22f4 [ 947F3B6E8FAEA508E2A89C29B0D246F3, 4BC953761CB8C91F50F76677CFBBE41A19601266D964514504000271BDC7C9A9 ] C:\Users\Visuellspektrum B.E\AppData\Roaming\Notepad\notepadservices64.exe 12:52:32.0866 0x22f4 Suspicious file ( NoAccess ): C:\Users\Visuellspektrum B.E\AppData\Roaming\Notepad\notepadservices64.exe. md5: 947F3B6E8FAEA508E2A89C29B0D246F3, sha256: 4BC953761CB8C91F50F76677CFBBE41A19601266D964514504000271BDC7C9A9 12:52:32.0866 0x22f4 notepadservices64 - detected LockedFile.Multi.Generic ( 1 ) 12:52:32.0866 0x22f4 notepadservices64 ( LockedFile.Multi.Generic ) - warning 12:52:32.0866 0x22f4 Force sending object to P2P due to detect: C:\Users\Visuellspektrum B.E\AppData\Roaming\Notepad\notepadservices64.exe 12:52:35.0382 0x22f4 Object send P2P result: true 12:52:37.0932 0x22f4 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 12:52:37.0932 0x22f4 Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 - ok 12:52:37.0948 0x22f4 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 12:52:37.0948 0x22f4 Uninstall C:\Users\Visuellspektrum B.E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 12:52:38.0010 0x22f4 [ C84F100FF7A65DF5FAD4682041CA51E4, 580BADC917C497F526B42174C1CA89045760807EB170A6449B6D14BCE475C993 ] C:\Program Files 
(x86)\AOL 9.0 VR\AOL.EXE 12:52:38.0010 0x22f4 AOL Fast Start - ok 12:52:38.0104 0x22f4 [ 966FE904599B9A0F80EA498851180829, A95A67DF82FD40A0173C08919E7AB4B3CC207C8B8E07D850CC9C8AD0A44BF0CB ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 12:52:38.0120 0x22f4 GoogleChromeAutoLaunch_95998DA8AA06BA0E1CB0911F871E1ECB - ok 12:52:38.0120 0x22f4 [ C84F100FF7A65DF5FAD4682041CA51E4, 580BADC917C497F526B42174C1CA89045760807EB170A6449B6D14BCE475C993 ] C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE 12:52:38.0120 0x22f4 AOL Fast Start - ok 12:52:38.0135 0x22f4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated ) 12:52:38.0135 0x22f4 Win FW state via NFP2: enabled 12:52:40.0557 0x22f4 ============================================================ 12:52:40.0557 0x22f4 Scan finished 12:52:40.0557 0x22f4 ============================================================ 12:52:40.0573 0x2860 Detected object count: 10 12:52:40.0573 0x2860 Actual detected object count: 10 12:53:11.0410 0x2860 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:53:11.0410 0x2860 uqdfumrw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:53:11.0410 0x2860 tionkcrz ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:53:11.0410 0x2860 tionkcrz ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 12:53:11.0410 0x2860 system64-print32 ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:53:11.0410 0x2860 system64-print32 ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 12:53:11.0426 0x2860 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:53:11.0426 0x2860 xlazimaw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:53:11.0426 0x2860 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:53:11.0426 0x2860 chrome64wave ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:53:11.0426 0x2860 perl32runner32 ( 
Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:53:11.0426 0x2860 perl32runner32 ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:53:11.0426 0x2860 friends ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:53:11.0426 0x2860 friends ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 12:53:11.0426 0x2860 win ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 12:53:11.0426 0x2860 win ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 12:53:11.0426 0x2860 explorer64login ( UDS:DangerousObject.Multi.Generic ) - skipped by user 12:53:11.0426 0x2860 explorer64login ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 12:53:11.0426 0x2860 notepadservices64 ( LockedFile.Multi.Generic ) - skipped by user 12:53:11.0426 0x2860 notepadservices64 ( LockedFile.Multi.Generic ) - User select action: Skip 12:54:35.0881 0x0a84 ============================================================ 12:54:35.0881 0x0a84 Scan started 12:54:35.0881 0x0a84 Mode: Manual; SigCheck; TDLFS; 12:54:35.0881 0x0a84 ============================================================ 12:54:35.0881 0x0a84 KSN ping started 12:54:49.0312 0x0a84 KSN ping finished: true 12:54:49.0598 0x0a84 ================ Scan system memory ======================== 12:54:49.0598 0x0a84 System memory - ok 12:54:49.0598 0x0a84 ================ Scan services ============================= 12:54:49.0801 0x0a84 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 12:54:49.0895 0x0a84 1394ohci - ok 12:54:49.0926 0x0a84 [ 7A505465BBB1EB8B5AD4D76E8749383B, 999FBBFAF8CCF68D8B7EB5C4F23A5FC00F911FDD0ED192BE9C51F1BC4BE0EA51 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys 12:54:49.0942 0x0a84 Acceler - ok 12:54:49.0973 0x0a84 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 12:54:49.0988 0x0a84 ACPI - ok 
0x0a84 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 12:55:06.0563 0x0a84 IPNAT - ok Code:
ATTFilter 12:55:06.0610 0x0a84 [ 0FA89CB1B99AD494CE36DD2DE717D696, 5B35B26C625306A7AD5A00FCAC46FD6D60061F1C8171352B5EF1C916A667AC92 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 12:55:06.0625 0x0a84 iPod Service - ok 12:55:06.0657 0x0a84 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 12:55:06.0719 0x0a84 IRENUM - ok 12:55:06.0719 0x0a84 ireyrvls - ok 12:55:06.0735 0x0a84 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 12:55:06.0750 0x0a84 isapnp - ok 12:55:06.0781 0x0a84 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 12:55:06.0797 0x0a84 iScsiPrt - ok 12:55:06.0797 0x0a84 jdghtads - ok 12:55:06.0828 0x0a84 [ 08ED99A8271CF0B808C595D88ECEE779, 440ECE9999FF17A70792E530A03A9D38F44C6245F06C47C988474E110C42168C ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 12:55:06.0844 0x0a84 JMCR - ok 12:55:06.0859 0x0a84 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 12:55:06.0859 0x0a84 kbdclass - ok 12:55:06.0891 0x0a84 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 12:55:06.0922 0x0a84 kbdhid - ok 12:55:06.0953 0x0a84 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 12:55:06.0969 0x0a84 KeyIso - ok 12:55:07.0000 0x0a84 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 12:55:07.0015 0x0a84 KSecDD - ok 12:55:07.0047 0x0a84 [ 41774FF331F609EF442B7398EE6202B1, 
AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 12:55:07.0062 0x0a84 KSecPkg - ok 12:55:07.0078 0x0a84 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 12:55:07.0125 0x0a84 ksthunk - ok 12:55:07.0187 0x0a84 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 12:55:07.0234 0x0a84 KtmRm - ok 12:55:07.0234 0x0a84 kwyjdkfc - ok 12:55:07.0265 0x0a84 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 12:55:07.0312 0x0a84 LanmanServer - ok 12:55:07.0343 0x0a84 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 12:55:07.0391 0x0a84 LanmanWorkstation - ok 12:55:07.0406 0x0a84 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 12:55:07.0453 0x0a84 lltdio - ok 12:55:07.0500 0x0a84 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 12:55:07.0547 0x0a84 lltdsvc - ok 12:55:07.0562 0x0a84 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 12:55:07.0609 0x0a84 lmhosts - ok 12:55:07.0656 0x0a84 [ 23D990150D56B670A62B21B9ABDD45EE, BB9DBC0D02474976420321162C3AB1FDF975FA0494B1030488B03BC98A65F888 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 12:55:07.0672 0x0a84 LMS - ok 12:55:07.0672 0x0a84 logxmmoa - ok 12:55:07.0703 0x0a84 [ 1A93E54EB0ECE102495A51266DCDB6A6, 
DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 12:55:07.0703 0x0a84 LSI_FC - ok 12:55:07.0718 0x0a84 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 12:55:07.0734 0x0a84 LSI_SAS - ok 12:55:07.0750 0x0a84 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 12:55:07.0750 0x0a84 LSI_SAS2 - ok 12:55:07.0765 0x0a84 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 12:55:07.0781 0x0a84 LSI_SCSI - ok 12:55:07.0796 0x0a84 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 12:55:07.0828 0x0a84 luafv - ok 12:55:07.0843 0x0a84 mbcrpyut - ok 12:55:07.0906 0x0a84 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe 12:55:07.0921 0x0a84 McComponentHostService - ok 12:55:07.0968 0x0a84 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 12:55:07.0984 0x0a84 Mcx2Svc - ok 12:55:07.0984 0x0a84 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 12:55:07.0999 0x0a84 megasas - ok 12:55:08.0030 0x0a84 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 12:55:08.0046 0x0a84 MegaSR - ok 12:55:08.0077 0x0a84 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS 
C:\Windows\system32\mmcss.dll 12:55:08.0124 0x0a84 MMCSS - ok 12:55:08.0140 0x0a84 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 12:55:08.0186 0x0a84 Modem - ok 12:55:08.0202 0x0a84 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:55:08.0218 0x0a84 monitor - ok 12:55:08.0233 0x0a84 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 12:55:08.0249 0x0a84 mouclass - ok 12:55:08.0264 0x0a84 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 12:55:08.0296 0x0a84 mouhid - ok 12:55:08.0327 0x0a84 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 12:55:08.0342 0x0a84 mountmgr - ok 12:55:08.0374 0x0a84 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 12:55:08.0389 0x0a84 MpFilter - ok 12:55:08.0436 0x0a84 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 12:55:08.0452 0x0a84 mpio - ok 12:55:08.0623 0x0a84 [ 6DDB2BEFF00EA756FF0F65132330D4F4, A50749C3FDB57B686F91109CC55DF05300A6DF224B58649CE514506D074EADC9 ] MpKslcafc224f c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7587C0C0-6B36-4747-8F64-DBB36113111E}\MpKslcafc224f.sys 12:55:08.0639 0x0a84 MpKslcafc224f - ok 12:55:08.0654 0x0a84 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 12:55:08.0701 0x0a84 mpsdrv - ok 
12:55:08.0748 0x0a84 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 12:55:08.0826 0x0a84 MpsSvc - ok 12:55:08.0873 0x0a84 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 12:55:08.0904 0x0a84 MRxDAV - ok 12:55:08.0935 0x0a84 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 12:55:08.0966 0x0a84 mrxsmb - ok 12:55:09.0013 0x0a84 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:55:09.0060 0x0a84 mrxsmb10 - ok 12:55:09.0076 0x0a84 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:55:09.0107 0x0a84 mrxsmb20 - ok 12:55:09.0154 0x0a84 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 12:55:09.0169 0x0a84 msahci - ok 12:55:09.0185 0x0a84 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 12:55:09.0200 0x0a84 msdsm - ok 12:55:09.0216 0x0a84 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 12:55:09.0247 0x0a84 MSDTC - ok 12:55:09.0294 0x0a84 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 12:55:09.0356 0x0a84 Msfs - ok 12:55:09.0372 0x0a84 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 
12:55:09.0419 0x0a84 mshidkmdf - ok 12:55:09.0450 0x0a84 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 12:55:09.0466 0x0a84 msisadrv - ok 12:55:09.0497 0x0a84 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 12:55:09.0544 0x0a84 MSiSCSI - ok 12:55:09.0559 0x0a84 msiserver - ok 12:55:09.0575 0x0a84 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 12:55:09.0637 0x0a84 MSKSSRV - ok 12:55:09.0684 0x0a84 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 12:55:09.0700 0x0a84 MsMpSvc - ok 12:55:09.0700 0x0a84 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 12:55:09.0762 0x0a84 MSPCLOCK - ok 12:55:09.0762 0x0a84 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 12:55:09.0809 0x0a84 MSPQM - ok 12:55:09.0856 0x0a84 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 12:55:09.0871 0x0a84 MsRPC - ok 12:55:09.0887 0x0a84 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 12:55:09.0902 0x0a84 mssmbios - ok 12:55:09.0918 0x0a84 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 12:55:09.0980 0x0a84 MSTEE - ok 12:55:09.0996 0x0a84 [ 7EA404308934E675BFFDE8EDF0757BCD, 
306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 12:55:10.0027 0x0a84 MTConfig - ok 12:55:10.0043 0x0a84 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 12:55:10.0058 0x0a84 Mup - ok 12:55:10.0090 0x0a84 [ A9BC2302FBDF52C8AF4E2FC966288D21, 4CBDCDCC2BA8133BDC0BA1A1EB47FB9241CAACF93544BAD37175417DA9E616D6 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 12:55:10.0105 0x0a84 MyWiFiDHCPDNS - ok 12:55:10.0121 0x0a84 mznekkmt - ok 12:55:10.0168 0x0a84 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 12:55:10.0214 0x0a84 napagent - ok 12:55:10.0261 0x0a84 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 12:55:10.0292 0x0a84 NativeWifiP - ok 12:55:10.0355 0x0a84 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 12:55:10.0370 0x0a84 NDIS - ok 12:55:10.0402 0x0a84 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 12:55:10.0433 0x0a84 NdisCap - ok 12:55:10.0448 0x0a84 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 12:55:10.0480 0x0a84 NdisTapi - ok 12:55:10.0511 0x0a84 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 12:55:10.0542 0x0a84 Ndisuio - ok 12:55:10.0589 0x0a84 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan 
C:\Windows\system32\DRIVERS\ndiswan.sys 12:55:10.0620 0x0a84 NdisWan - ok 12:55:10.0651 0x0a84 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 12:55:10.0698 0x0a84 NDProxy - ok 12:55:10.0714 0x0a84 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 12:55:10.0776 0x0a84 NetBIOS - ok 12:55:10.0792 0x0a84 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 12:55:10.0854 0x0a84 NetBT - ok 12:55:10.0870 0x0a84 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 12:55:10.0885 0x0a84 Netlogon - ok 12:55:10.0916 0x0a84 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 12:55:10.0963 0x0a84 Netman - ok 12:55:10.0979 0x0a84 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:55:10.0994 0x0a84 NetMsmqActivator - ok 12:55:11.0010 0x0a84 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:55:11.0010 0x0a84 NetPipeActivator - ok 12:55:11.0041 0x0a84 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 12:55:11.0088 0x0a84 netprofm - ok 12:55:11.0088 0x0a84 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:55:11.0104 0x0a84 
NetTcpActivator - ok 12:55:11.0104 0x0a84 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:55:11.0119 0x0a84 NetTcpPortSharing - ok 12:55:11.0384 0x0a84 [ 18555F48844C2861D9DCE8F2B7223AE5, 35F8C0DFCF14780F86AD9A476A7AE22A98589B27ED9C7E109945CBBD227E6E2B ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys 12:55:11.0650 0x0a84 NETw5s64 - ok 12:55:11.0728 0x0a84 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 12:55:11.0743 0x0a84 nfrd960 - ok 12:55:11.0774 0x0a84 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 12:55:11.0790 0x0a84 NisDrv - ok 12:55:11.0868 0x0a84 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe Code:
ATTFilter 12:55:11.0884 0x0a84 NisSrv - ok 12:55:11.0930 0x0a84 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 12:55:11.0962 0x0a84 NlaSvc - ok 12:55:11.0993 0x0a84 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 12:55:12.0024 0x0a84 Npfs - ok 12:55:12.0055 0x0a84 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 12:55:12.0118 0x0a84 nsi - ok 12:55:12.0149 0x0a84 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 12:55:12.0196 0x0a84 nsiproxy - ok 12:55:12.0305 0x0a84 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 12:55:12.0383 0x0a84 Ntfs - ok 12:55:12.0430 0x0a84 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 12:55:12.0492 0x0a84 Null - ok 12:55:12.0554 0x0a84 [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 12:55:12.0570 0x0a84 nusb3hub - ok 12:55:12.0679 0x0a84 [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 12:55:12.0695 0x0a84 nusb3xhc - ok 12:55:12.0773 0x0a84 [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 12:55:12.0788 0x0a84 NVHDA - ok 12:55:13.0649 0x0a84 [ 011F0596D167D073E6813AE88E7947A9, 2EF87754BE6477DAEF0B1C60C5BA5B6E038D2687EDCBE0A15B1A0862FF8D81BE ] nvlddmkm 
C:\Windows\system32\DRIVERS\nvlddmkm.sys 12:55:14.0086 0x0a84 nvlddmkm - ok 12:55:14.0133 0x0a84 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 12:55:14.0164 0x0a84 nvraid - ok 12:55:14.0180 0x0a84 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 12:55:14.0195 0x0a84 nvstor - ok 12:55:14.0227 0x0a84 [ E72422F9C55078DFA298AC7AA0A87970, F6CB073B5BCD66E77BAF45E1FA3F8A6AE337728F7AE21FF53319669FA82A0C82 ] nvsvc C:\Windows\system32\nvvsvc.exe 12:55:14.0242 0x0a84 nvsvc - ok 12:55:14.0273 0x0a84 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 12:55:14.0289 0x0a84 nv_agp - ok 12:55:14.0351 0x0a84 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 12:55:14.0383 0x0a84 odserv - ok 12:55:14.0383 0x0a84 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 12:55:14.0429 0x0a84 ohci1394 - ok 12:55:14.0461 0x0a84 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:55:14.0476 0x0a84 ose - ok 12:55:14.0710 0x0a84 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:55:14.0897 0x0a84 osppsvc - ok 12:55:14.0929 0x0a84 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 12:55:14.0991 
0x0a84 p2pimsvc - ok 12:55:15.0086 0x0a84 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 12:55:15.0148 0x0a84 p2psvc - ok 12:55:15.0210 0x0a84 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 12:55:15.0226 0x0a84 Parport - ok 12:55:15.0288 0x0a84 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 12:55:15.0304 0x0a84 partmgr - ok 12:55:15.0335 0x0a84 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 12:55:15.0366 0x0a84 PcaSvc - ok 12:55:15.0413 0x0a84 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 12:55:15.0429 0x0a84 pci - ok 12:55:15.0460 0x0a84 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 12:55:15.0476 0x0a84 pciide - ok 12:55:15.0507 0x0a84 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 12:55:15.0538 0x0a84 pcmcia - ok 12:55:15.0569 0x0a84 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 12:55:15.0569 0x0a84 pcw - ok 12:55:15.0648 0x0a84 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 12:55:15.0695 0x0a84 PEAUTH - ok 12:55:15.0804 0x0a84 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 12:55:15.0835 
0x0a84 PerfHost - ok 12:55:15.0991 0x0a84 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 12:55:16.0087 0x0a84 pla - ok 12:55:16.0149 0x0a84 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 12:55:16.0227 0x0a84 PlugPlay - ok 12:55:16.0290 0x0a84 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 12:55:16.0305 0x0a84 PNRPAutoReg - ok 12:55:16.0368 0x0a84 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 12:55:16.0399 0x0a84 PNRPsvc - ok 12:55:16.0461 0x0a84 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 12:55:16.0524 0x0a84 PolicyAgent - ok 12:55:16.0602 0x0a84 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 12:55:16.0649 0x0a84 Power - ok 12:55:16.0680 0x0a84 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 12:55:16.0711 0x0a84 PptpMiniport - ok 12:55:16.0805 0x0a84 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 12:55:16.0820 0x0a84 Processor - ok 12:55:16.0898 0x0a84 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 12:55:16.0961 0x0a84 ProfSvc - ok 12:55:16.0976 0x0a84 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage 
|