Possible infection

blocTore · Jan 7, 2021

So not long ago, I've looked into my cookies and I saw this one named "dotomi" by doing some research I discovered it was an adware so I removed it. The thing is that I don't really remember visiting any suspicious site. The only sites I've visited are only like youtube and facebook. I've also resetted my laptop not long before discovering that cookie. I haven't seen the cookie again, but I would still like to check if there is something in my laptop.

Here are the logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by Me K (administrator) on LAPTOP-9Q74QVBB (LENOVO 81MQ000JUS) (07-01-2021 19:35:50)
Running from C:\Users\Me K\Downloads
Loaded Profiles: Me K
Platform: Windows 10 Pro Education Version 1909 18363.1256 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360344.inf_amd64_fbce64bf2b60c333\B360372\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360344.inf_amd64_fbce64bf2b60c333\B360372\atiesrxx.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141552 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {066BB0F6-3B5D-4F71-8DA9-C24405A6414E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5b6dbc2c-1478-4cea-93f2-74ade4cd4957 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {20A691DE-C40E-4C67-91D9-9E04144174B4} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [63880 2019-01-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {67C26EF5-DBAD-4775-AE9A-EF6DC64CFCCA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0a6ef1c0-d86d-4bcc-96b3-91191244085f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {6D0AF89F-D3E8-4CC1-A8B0-E4921E597F13} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6dc0af33-cfde-4c44-b1fe-ddb28dcad4fb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {72E33B71-F68C-4FA6-A6CB-EA748EBC2B1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-12] (Google LLC -> Google LLC)
Task: {7686AC2E-1D8C-44B3-9228-443707EA52CE} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {B3A0475F-18A9-48E0-A577-A8CF35E13E31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-12] (Google LLC -> Google LLC)
Task: {C38B8D0D-F408-461D-BA97-3864CBEC1563} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {DBB3B40F-B240-483E-B9DE-8A7343A4851F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ae8cc72b-8b3d-40d4-bc37-6223cd7f68f6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E83CF9B0-EB83-4FDA-ACD8-D409002B3A4E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {EE2C6890-5DDC-47EC-BC21-A563DAA74F21} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {EF2F6C65-C995-4FD0-87DD-8590D0523D7A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {FD727798-3582-420D-80E9-962C53CA9A44} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2019-01-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d54569d3-0247-4646-8a90-86734bb70fe8}: [DhcpNameServer] 169.254.23.227
Tcpip\..\Interfaces\{e3dcf97a-3bfd-4a01-87ea-ebd1233bb042}: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR Profile: C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default [2021-01-07]
CHR Extension: (Slides) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-12]
CHR Extension: (Just Black) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-01-04]
CHR Extension: (Docs) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-12]
CHR Extension: (Google Drive) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-12]
CHR Extension: (YouTube) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-12]
CHR Extension: (uBlock Origin) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-01-04]
CHR Extension: (Sheets) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-12]
CHR Extension: (Google Docs Offline) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-12]
CHR Extension: (Gmail) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Me K\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [339096 2019-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-04] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264152 2021-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [183504 2019-07-15] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-04] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-04] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-07] (Malwarebytes Inc -> Malwarebytes)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-01-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-07 19:35 - 2021-01-07 19:35 - 000000000 ____D C:\Users\Me K\Downloads\FRST-OlderVersion
2021-01-07 10:06 - 2021-01-07 10:06 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-07 10:05 - 2021-01-07 10:05 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-07 10:05 - 2021-01-07 10:05 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-04 21:52 - 2021-01-04 21:52 - 000000000 ____D C:\Users\Me K\AppData\Local\CrashDumps
2021-01-04 15:14 - 2021-01-04 15:14 - 000000000 ____D C:\Users\Me K\AppData\Local\PeerDistRepub
2021-01-04 14:40 - 2021-01-04 14:40 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-04 14:40 - 2021-01-04 14:40 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-04 14:40 - 2021-01-04 14:39 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-04 12:27 - 2021-01-04 12:27 - 000000000 ____D C:\Program Files\UNP
2021-01-04 11:51 - 2020-11-01 17:20 - 001784120 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-04 11:51 - 2020-11-01 17:20 - 001784120 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-04 11:51 - 2020-11-01 17:20 - 001374520 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-04 11:51 - 2020-11-01 17:20 - 001374520 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-04 11:51 - 2020-11-01 17:20 - 001085560 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-04 11:51 - 2020-11-01 17:20 - 001085560 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 064809272 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 053685048 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 004630840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 004141368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 001341752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 001341752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000944408 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000944408 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000760632 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-01-04 11:51 - 2020-11-01 17:19 - 000737080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000621368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000496952 _____ C:\WINDOWS\system32\GameManager64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000493368 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-01-04 11:51 - 2020-11-01 17:19 - 000468792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000456504 _____ C:\WINDOWS\system32\atieah64.exe
2021-01-04 11:51 - 2020-11-01 17:19 - 000432952 _____ C:\WINDOWS\system32\EEURestart.exe
2021-01-04 11:51 - 2020-11-01 17:19 - 000380216 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000352056 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-01-04 11:51 - 2020-11-01 17:19 - 000339768 _____ C:\WINDOWS\system32\clinfo.exe
2021-01-04 11:51 - 2020-11-01 17:19 - 000245560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000213304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000182600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000167224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000158856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000141112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000135992 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000134968 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000125752 _____ C:\WINDOWS\system32\atidxx64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000122680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000120632 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000107832 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000107320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000090936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000075576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000070456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000046904 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000043832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-01-04 11:51 - 2020-11-01 17:19 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 071030584 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 001686216 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 001365568 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000941368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000768824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000553784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000547000 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000489784 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000466744 _____ C:\WINDOWS\system32\amdlogum.exe
2021-01-04 11:51 - 2020-11-01 17:18 - 000383800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000380216 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000167608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000130440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000130440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000108456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-01-04 11:51 - 2020-11-01 17:18 - 000108456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-01-04 11:51 - 2020-11-01 17:17 - 000136128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-01-04 11:51 - 2020-11-01 17:17 - 000120472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-01-04 11:51 - 2020-11-01 15:58 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-01-04 11:51 - 2020-11-01 15:58 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-01-04 11:51 - 2020-11-01 15:58 - 000544264 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-01-04 11:51 - 2020-11-01 15:58 - 000544264 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-01-04 11:49 - 2020-08-27 01:45 - 001145480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-01-04 11:49 - 2020-08-27 01:45 - 000854112 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-01-04 11:49 - 2020-08-27 01:45 - 000468792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-01-04 11:49 - 2020-08-27 01:33 - 041590166 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-01-04 11:49 - 2019-05-06 23:44 - 000464832 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDUninstall.exe
2021-01-04 11:42 - 2021-01-04 11:42 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2021-01-04 11:42 - 2021-01-04 11:42 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-01-04 11:42 - 2021-01-04 11:42 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-04 11:42 - 2021-01-04 11:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-04 11:42 - 2021-01-04 11:42 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-04 11:42 - 2021-01-04 11:42 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-04 11:42 - 2021-01-04 11:42 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-04 11:42 - 2021-01-04 11:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-04 11:41 - 2021-01-04 11:41 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-04 11:41 - 2021-01-04 11:41 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-07 19:37 - 2020-11-12 21:30 - 000012458 _____ C:\Users\Me K\Downloads\FRST.txt
2021-01-07 19:36 - 2020-11-12 21:30 - 000000000 ____D C:\FRST
2021-01-07 19:35 - 2020-11-12 21:29 - 002282496 _____ (Farbar) C:\Users\Me K\Downloads\FRST64.exe
2021-01-07 19:02 - 2020-11-12 21:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-07 18:45 - 2020-11-12 22:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-07 16:41 - 2020-11-12 22:45 - 000000000 ____D C:\Users\Me K\AppData\Local\D3DSCache
2021-01-07 10:12 - 2020-11-12 22:41 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-07 10:12 - 2020-11-12 21:41 - 000000000 ____D C:\WINDOWS\INF
2021-01-07 10:05 - 2020-11-12 22:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-07 10:05 - 2020-11-12 22:26 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-01-07 10:04 - 2020-11-12 22:26 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-01-07 10:04 - 2020-11-12 21:31 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-07 02:34 - 2020-11-12 21:06 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-07 02:34 - 2020-11-12 21:06 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-07 02:34 - 2020-11-12 21:06 - 000002213 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-06 23:38 - 2020-11-12 21:44 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-06 23:38 - 2020-11-12 21:44 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-04 21:43 - 2020-11-12 20:36 - 000000000 ____D C:\Users\Me K\AppData\Local\PlaceholderTileLogoFolder
2021-01-04 16:44 - 2020-11-12 22:45 - 000000000 ____D C:\Users\Me K\AppData\Local\Packages
2021-01-04 15:14 - 2020-11-12 21:51 - 000000000 ____D C:\WINDOWS\OCR
2021-01-04 15:14 - 2020-11-12 21:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-04 14:40 - 2020-11-12 21:44 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-04 14:40 - 2020-11-12 21:17 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-04 14:40 - 2020-11-12 21:17 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-04 14:40 - 2020-11-12 21:17 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-01-04 14:39 - 2020-11-12 21:17 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-04 12:25 - 2020-11-12 22:45 - 000000000 ___RD C:\Users\Me K\3D Objects
2021-01-04 12:25 - 2018-09-19 13:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-04 12:24 - 2020-11-12 22:25 - 000258128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-04 12:22 - 2020-11-12 21:44 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-04 11:22 - 2018-09-19 13:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-01-04 11:18 - 2020-11-12 23:11 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1573202340-3402057560-894555192-1001
2021-01-04 11:18 - 2020-11-12 23:11 - 000000000 ___RD C:\Users\Me K\OneDrive
2021-01-04 11:18 - 2020-11-12 22:43 - 000002367 _____ C:\Users\Me K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-04 11:09 - 2020-11-12 21:05 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-04 11:09 - 2020-11-12 21:05 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by Me K (07-01-2021 19:39:10)
Running from C:\Users\Me K\Downloads
Windows 10 Pro Education Version 1909 18363.1256 (X64) (2020-11-13 03:37:26)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1573202340-3402057560-894555192-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1573202340-3402057560-894555192-503 - Limited - Disabled)
Guest (S-1-5-21-1573202340-3402057560-894555192-501 - Limited - Disabled)
Me K (S-1-5-21-1573202340-3402057560-894555192-1001 - Administrator - Enabled) => C:\Users\Me K
WDAGUtilityAccount (S-1-5-21-1573202340-3402057560-894555192-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0104.0147.3209 - Advanced Micro Devices, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1573202340-3402057560-894555192-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)

Packages:
=========
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2021-01-05] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.19.0_x64__5grkq8ppsgwt4 [2021-01-05] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-11-12] (LinkedIn)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2021-01-04] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-11-12] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.16.228.0_x64__dt26b99r8h8gj [2021-01-04] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-12] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-14 17:17 - 2018-12-14 17:17 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-12-14 17:17 - 2018-12-14 17:17 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-01-04 12:33 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-11-12 22:41 - 2020-04-09 09:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-01-04 03:45 - 2019-01-04 03:45 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-12-14 17:17 - 2018-12-14 17:17 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-12-14 17:18 - 2018-12-14 17:18 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1573202340-3402057560-894555192-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1573202340-3402057560-894555192-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1573202340-3402057560-894555192-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1573202340-3402057560-894555192-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1573202340-3402057560-894555192-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C987278D-6082-4907-AC8E-52D0D867730D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{933005D2-8396-4877-9ED2-85143549699D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{991E551C-1522-4D84-B09F-008A2F46B7C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21D759D5-305F-4654-9BAA-F65F94D9AFAF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E528313C-EB51-4727-AD74-72F1C5A5D105}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF0EC957-B8BC-4118-9B64-40894E65F269}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:56.99 GB) (Free:32.25 GB) (57%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/07/2021 06:45:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.865, time stamp: 0x5fc55b58
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5f84e8d4
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0x1fa0
Faulting application start time: 0x01d6e506a6d21518
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 33574f42-caa7-4314-ba80-bc56f6d545f9
Faulting package full name:
Faulting package-relative application ID:

Error: (01/05/2021 11:19:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.865, time stamp: 0x5fc55b58
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5f84e8d4
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0x414
Faulting application start time: 0x01d6e3e31f71c152
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: afb10115-2064-4d42-84a0-9a0ff4b6e961
Faulting package full name:
Faulting package-relative application ID:

Error: (01/05/2021 11:11:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MBAMService.exe, version: 3.2.0.943, time stamp: 0x5fbd5689
Faulting module name: ntdll.dll, version: 10.0.18362.1171, time stamp: 0x103a4719
Exception code: 0xc0000005
Fault offset: 0x00000000000072a6
Faulting process id: 0x4d0
Faulting application start time: 0x01d6e30db5a702fb
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: d142d85f-f8d2-4429-88a0-92f82c7ad599
Faulting package full name:
Faulting package-relative application ID:

Error: (01/05/2021 07:22:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_FrameServer, version: 10.0.18362.1, time stamp: 0x32d6c210
Faulting module name: frameserver.dll, version: 10.0.18362.1171, time stamp: 0x9609af31
Exception code: 0xc00d4e24
Fault offset: 0x00000000000605d9
Faulting process id: 0x864
Faulting application start time: 0x01d6e3c1e720e6b7
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\frameserver.dll
Report Id: b7457618-1190-410d-81d7-5af2308f3dab
Faulting package full name:
Faulting package-relative application ID:

Error: (01/05/2021 09:52:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_FrameServer, version: 10.0.18362.1, time stamp: 0x32d6c210
Faulting module name: frameserver.dll, version: 10.0.18362.1171, time stamp: 0x9609af31
Exception code: 0xc00d4e24
Fault offset: 0x00000000000605d9
Faulting process id: 0x1bf8
Faulting application start time: 0x01d6e3725ffadbe0
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\frameserver.dll
Report Id: 0f19298d-f713-4f65-aebc-1884ce002729
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2021 09:52:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.865, time stamp: 0x5fc55b58
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5f84e8d4
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0x16c0
Faulting application start time: 0x01d6e30dbc3c2142
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 2d3d2262-3ab7-4afa-baef-0fd646cceeee
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2021 09:51:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MBAMService.exe, version: 3.2.0.943, time stamp: 0x5fbd5689
Faulting module name: ntdll.dll, version: 10.0.18362.1171, time stamp: 0x103a4719
Exception code: 0xc0000005
Fault offset: 0x00000000000072a6
Faulting process id: 0x1104
Faulting application start time: 0x01d6e30c6b3ae926
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 0a760b25-badc-4d7e-a8d8-9135d0f874a1
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2021 12:25:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 2656, ProfSvc PID: 1996.

System errors:
=============
Error: (01/05/2021 11:19:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/05/2021 07:22:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Camera Frame Server service terminated unexpectedly. It has done this 2 time(s).

Error: (01/05/2021 09:53:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Camera Frame Server service terminated unexpectedly. It has done this 1 time(s).

Error: (01/04/2021 09:51:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/04/2021 11:22:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Defender Antivirus Network Inspection Service service depends on the Windows Defender Antivirus Network Inspection System Driver service which failed to start because of the following error:
The service has not been started.

Error: (11/12/2020 09:18:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (11/12/2020 08:54:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%2147944147 = The authentication service is unknown.

Error: (11/12/2020 08:54:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Security Center service terminated with the following error:
The authentication service is unknown.

Windows Defender:
===================================
Date: 2021-01-04 11:34:15.176
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1647.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2021-01-05 23:11:41.387
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-05 23:11:41.032
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-05 23:11:34.303
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-05 23:11:33.973
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-05 23:11:33.417
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-05 23:11:32.917
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-05 23:11:02.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-05 23:11:01.475
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO ANCN23WW(V1.03) 03/29/2019
Motherboard: LENOVO LNVNB161216
Processor: AMD A6-9220C RADEON R5, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 58%
Total physical RAM: 3973.37 MB
Available physical RAM: 1659.61 MB
Total Virtual: 5125.37 MB
Available Virtual: 2149.75 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:56.99 GB) (Free:32.25 GB) NTFS

\\?\Volume{9b0d72bf-1276-488f-82f8-764feff2d967}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.54 GB) NTFS
\\?\Volume{2363401b-d716-4305-acb6-1ab1c94a6847}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 58.2 GB) (Disk ID: 2C5A1C2C)

Partition: GPT.

==================== End of Addition.txt =======================

==================== End of FRST.txt ========================

struppigel · Jan 7, 2021

Hello blocTore

I am Karsten and will gladly help you with any malware-related problems.

Please familiarize yourself with the following ground rules before you start.

Read my instructions thoroughly, carry out each step in the given order.
Do not make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
If you are unsure about anything or if you encounter any problems, please stop and inform me about it.
Stick with me until I tell you that your computer is clean. Absence of symptoms does not mean that your computer is free of malware.
Back up important files before we start.
Note: On weekends I might be slow to reply

-------------------------------------------------------------------

Your system logs look as clean as they can get

When you did a reset, did you do with with file deletion?
Are there any remaining issues with your system?

blocTore · Jan 8, 2021

I'm not sure what you mean by file deletion, if you mean wiping all the files then yes I did that.

Also, this morning, there was a strange event. On the taskbar, there was this "process?" (not sure of the term here, what I mean is like when for example you open chrome, you'd see that chrome is opened on the taskbar) and it appeared for a few seconds and they're was no icon shown so I couldn't know what it was.

struppigel · Jan 9, 2021

blocTore said:
I'm not sure what you mean by file deletion, if you mean wiping all the files then yes I did that.

Yes, that's what I meant. If you do a system reset with wiping all files, it gets rid of 99% of all malware. The only malware that can survive this is boot infectors because they don't reside in files. Let's do a boot infector scan just to be sure.

blocTore said:
Also, this morning, there was a strange event. On the taskbar, there was this "process?" (not sure of the term here, what I mean is like when for example you open chrome, you'd see that chrome is opened on the taskbar) and it appeared for a few seconds and they're was no icon shown so I couldn't know what it was.

I see errors in your logs that show that mbamtray.exe and services related to your webcam and Malwarebytes have problems and are being terminated unexpectedly. The not yet loaded icon might show the mbamtray.exe trying to run.
Does your webcam work properly?

TDSSKiller Scan

Please download TDSSKiller and save the file to your Desktop.
Right-Click TDSSKiller.exe and select

Run as administrator to run the programme.
Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
Click Start Scan. Do not use the computer during the scan.
If objects are found, change the action to skip.
Click Continue and close the window.
A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply.

blocTore · Jan 10, 2021

Hello,

My webcam doesn't work, but I'm fine with that since I never really use it.

As for TDSSKiller, I can't download it. Even clicking the link that says "click this if the download doesn't start" doesn't work.

struppigel · Jan 10, 2021

Do you want to keep using Malwarebytes?

Please try to download Tdsskiller from my Dropbox. Note: I renamed the file on purpose.
Proceed with the scan as instructed above.

blocTore · Jan 10, 2021

Yes I do want to keep Malwarebytes. Btw, just for a test, I tried my webcam and out of nowhere, it now works. I really don't know if it's important, but it seems a bit strange to me haha.

Anyways, for the scan, it didn't detect any thankfully. Here is the log:

19:49:56.0179 0x1cb4 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
19:49:56.0195 0x1cb4 UEFI system
19:49:59.0726 0x1cb4 ============================================================
19:49:59.0742 0x1cb4 Current date / time: 2021/01/10 19:49:59.0726
19:49:59.0757 0x1cb4 SystemInfo:
19:49:59.0757 0x1cb4
19:49:59.0757 0x1cb4 OS Version: 10.0.18363 ServicePack: 0.0
19:49:59.0757 0x1cb4 Product type: Workstation
19:49:59.0757 0x1cb4 ComputerName: LAPTOP-9Q74QVBB
19:49:59.0757 0x1cb4 UserName: Me K
19:49:59.0757 0x1cb4 Windows directory: C:\WINDOWS
19:49:59.0757 0x1cb4 System windows directory: C:\WINDOWS
19:49:59.0757 0x1cb4 Running under WOW64
19:49:59.0757 0x1cb4 Processor architecture: Intel x64
19:49:59.0757 0x1cb4 Number of processors: 2
19:49:59.0757 0x1cb4 Page size: 0x1000
19:49:59.0757 0x1cb4 Boot type: Normal boot
19:49:59.0757 0x1cb4 CodeIntegrityOptions = 0x0000C001
19:49:59.0757 0x1cb4 ============================================================
19:49:59.0882 0x1cb4 KLMD registered as C:\WINDOWS\system32\drivers\66569627.sys
19:49:59.0882 0x1cb4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 18362.1, osProperties = 0x19
19:50:00.0257 0x1cb4 System UUID: {0370B437-7580-241C-67C1-CED7169CFBAB}
19:50:01.0070 0x1cb4 Drive \Device\Harddisk0\DR0 - Size: 0xE8F800000 ( 58.24 Gb ), SectorSize: 0x200, Cylinders: 0x1DB3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:50:01.0086 0x1cb4 Drive \Device\Harddisk0\DR0 - Size: 0xE8F800000 ( 58.24 Gb ), SectorSize: 0x200, Cylinders: 0x1DB3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:50:01.0086 0x1cb4 ============================================================
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0:
19:50:01.0086 0x1cb4 GPT partitions:
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {2363401B-D716-4305-ACB6-1AB1C94A6847}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8AD41080-50CF-4444-BB92-88199B6B612B}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {00C7EF6C-49EB-453D-8048-164540CE3409}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x71FD000
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9B0D72BF-1276-488F-82F8-764FEFF2D967}, Name: Basic data partition, StartLBA 0x7287800, BlocksNum 0x1F4000
19:50:01.0086 0x1cb4 MBR partitions:
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0:
19:50:01.0086 0x1cb4 GPT partitions:
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {2363401B-D716-4305-ACB6-1AB1C94A6847}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8AD41080-50CF-4444-BB92-88199B6B612B}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {00C7EF6C-49EB-453D-8048-164540CE3409}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x71FD000
19:50:01.0086 0x1cb4 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9B0D72BF-1276-488F-82F8-764FEFF2D967}, Name: Basic data partition, StartLBA 0x7287800, BlocksNum 0x1F4000
19:50:01.0086 0x1cb4 MBR partitions:
19:50:01.0086 0x1cb4 ============================================================
19:50:01.0101 0x1cb4 C: <-> \Device\Harddisk0\DR0\Partition3
19:50:01.0101 0x1cb4 ============================================================
19:50:01.0101 0x1cb4 Initialize success
19:50:01.0101 0x1cb4 ============================================================
19:50:18.0508 0x0e2c ============================================================
19:50:18.0508 0x0e2c Scan started
19:50:18.0508 0x0e2c Mode: Manual; SigCheck; TDLFS;
19:50:18.0508 0x0e2c ============================================================
19:50:18.0508 0x0e2c KSN ping started
19:50:18.0727 0x0e2c KSN ping finished: true
19:50:20.0430 0x0e2c ================ Scan BIOS =================================
19:50:20.0430 0x0e2c BIOS info: vendor = LENOVO, version = ANCN23WW(V1.03), releaseDate = 03/29/2019
19:50:20.0430 0x0e2c Base board info: manufacturer = LENOVO, product = LNVNB161216, version = SDK0K13476 WIN
19:50:26.0336 0x0e2c [ BA181B2A359046C7B2CB971FA4593B7D, 213C5E946FECF5EEB1BB20EED6B63811C0690D645354BAD632D7659DB88B57D0 ] BIOS
19:50:26.0336 0x0e2c BIOS - ok
19:50:26.0336 0x0e2c ================ Scan system memory ========================
19:50:26.0336 0x0e2c System memory - ok
19:50:26.0352 0x0e2c ================ Scan services =============================
19:50:26.0508 0x0e2c [ 214FD47FAA4CA006B575B65AC7604E3A, 071F296DAD21044232A52350496BC77C0E5C0EE799FC387D9D730664F6A4B67E ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
19:50:26.0649 0x0e2c 1394ohci - ok
19:50:26.0680 0x0e2c [ 4A8F6E456977488CC4C77149792340E9, 6E8D7D4360543D1CB2343B4C323063A6BF69CEA364FB205114753B337DB4806F ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
19:50:26.0711 0x0e2c 3ware - ok
19:50:26.0727 0x0e2c [ 9752D7CCF7308A97D8144EDD6BCAC65E, 1962FB94B5E1950C2BEB9762CFBA60DD5E4C3CDBA19136A04C563413B9A99A67 ] AarSvc C:\WINDOWS\System32\AarSvc.dll
19:50:26.0774 0x0e2c AarSvc - ok
19:50:26.0836 0x0e2c [ 1F3525FAEC7C36E31F936DB133AF5679, 048090E9C30A5E9D56B700FB06EDF3CE2444F7D07D62C68942A3EDAB782A2DC4 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
19:50:26.0883 0x0e2c ACPI - ok
19:50:26.0899 0x0e2c [ 97CD5E972FA665A42E9C087B1DFAE6E6, A0F1FB5AECE906F59DF1B3291F49C42F90AF1AEB1E7CFC1D2CC0049C794223D9 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
19:50:26.0946 0x0e2c AcpiDev - ok
19:50:26.0961 0x0e2c [ D5294DC5293B58E1B400984AC326FF3B, 31810584C1D53F075D5A823FC4AFFC3E021941281F1F03959B84002ED52AFB5D ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
19:50:26.0993 0x0e2c acpiex - ok
19:50:27.0008 0x0e2c [ 8E4182F6A345D2D85F9AC3BCBBD7F18C, D4EE54871113EAD4754AB58222D7E4A3B1DEF80B4B6F5524B1B4BB901340FF7D ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
19:50:27.0040 0x0e2c acpipagr - ok
19:50:27.0055 0x0e2c [ 48D460FAA6929BC81869CC7299A6B70A, 32A3A96B2708148B8F5461E666995BE9119F61C73DAB5EC373D014F0F13D0297 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
19:50:27.0102 0x0e2c AcpiPmi - ok
19:50:27.0118 0x0e2c [ B9EDE7133F52C0B989A66CA3B39AA588, 16F189B1D5AB90D981C6EBC1B4794EBA5D53FF1AD3A3A13720C927889C5C38F3 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
19:50:27.0149 0x0e2c acpitime - ok
19:50:27.0165 0x0e2c [ F926A77DF5FFFDFED0D7BEDA55B4759F, 0A76F1CE9BEDC20FE2F00F21ACB960D4E3A3688FF718B214618C1D50E666D854 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
19:50:27.0211 0x0e2c ACPIVPC - ok
19:50:27.0227 0x0e2c [ D264D55A2C13C9BF6F0CD8AF323DD0B5, E39F3532787FFE81163E5D0656B4F25B9ED9097EC302449E33E626F79E6BE464 ] Acx01000 C:\WINDOWS\system32\drivers\Acx01000.sys
19:50:27.0290 0x0e2c Acx01000 - ok
19:50:27.0352 0x0e2c [ 126384CA8ADA5F1E061CAE75581CEE8F, C3E2085B7A50928780CB4F693643C76E623417227E3B564F4EF5DC9AB6F66976 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:50:27.0415 0x0e2c ADP80XX - ok
19:50:27.0461 0x0e2c [ 9BFEAAD2EFAF678B8BBFC986D94A9757, EBD622CB21FC60C443044DD1CFA65AF8E480B6795F60B5F90D6F7358565575DC ] AFD C:\WINDOWS\system32\drivers\afd.sys
19:50:27.0524 0x0e2c AFD - ok
19:50:27.0540 0x0e2c [ B4140E3532580E3CD46DEAEEE1915BD5, 4238B0E8054DCB065E16FCEE04DBFDFD1E275C3B167E53CB13E1EDBB223D76CC ] afunix C:\WINDOWS\system32\drivers\afunix.sys
19:50:27.0586 0x0e2c afunix - ok
19:50:27.0602 0x0e2c [ 17DB18542C9F2E7DC285BAFC95AD571F, 5BD0957B39A1730310BDA213D751515EA278CDA09B59CF7D85161291532B4220 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:50:27.0649 0x0e2c ahcache - ok
19:50:27.0665 0x0e2c [ 232B30ECEFBB1BEC07F2DF21D46DCDB6, BC840D8E3473A100BE396CDF977E4909303E3F9E2086DB4ABCED249ACF7F17D9 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
19:50:27.0711 0x0e2c AJRouter - ok
19:50:27.0727 0x0e2c [ FADF878C0D61D07170C91C891EBC72B2, 896D685EF63B0041558A51096506FD915A99B3FE2D524E6834C1F996383134DB ] ALG C:\WINDOWS\System32\alg.exe
19:50:27.0758 0x0e2c ALG - ok
19:50:27.0821 0x0e2c [ 4CFC9AE54578FF0631A7CC868B1F08CA, 0767B482E323720F39D57396B103197F057091DA90FF886B75A7D466A5FC1063 ] AMD External Events Utility C:\WINDOWS\System32\DriverStore\FileRepository\u0360344.inf_amd64_fbce64bf2b60c333\B360372\atiesrxx.exe
19:50:27.0868 0x0e2c AMD External Events Utility - ok
19:50:27.0883 0x0e2c [ 79D4EE739BE87D8FFF088F90FF497787, 7E514410F2D87B54AE8DF07002FBB154A28D2833495B4529B8D917E8DC28DFD0 ] amdgpio2 C:\WINDOWS\System32\drivers\amdgpio2.sys
19:50:27.0915 0x0e2c amdgpio2 - ok
19:50:27.0930 0x0e2c [ C520A9575A10D0DAE81588DDB1B93B50, 57C13FBE50EAB6C7F8A15CB7917FFD8CB8ABCDD40E2EC1A1962B72842F26A513 ] amdi2c C:\WINDOWS\System32\drivers\amdi2c.sys
19:50:27.0946 0x0e2c amdi2c - ok
19:50:27.0977 0x0e2c [ 538FC7D3EE3985AF28FF51191CC11883, B6ECB8426368B1F883878A3AD6B2133D609347B7A8E610159B0213A34EB1FF8B ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
19:50:28.0008 0x0e2c AmdK8 - ok
19:50:28.0024 0x0e2c amdkmdag - ok
19:50:28.0055 0x0e2c [ 6DF64CDECBDF4903145DE05140BA366C, A21BA0E3F9527F3D43E4B709E79E7C8160D6FC8C84C0C676D9DA688DB874E076 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
19:50:28.0086 0x0e2c AmdPPM - ok
19:50:28.0102 0x0e2c [ 5B94184287D630318652B815D7D42762, 0A3AF18439B6BB4AF119C8020A3D0220ED6CC8AE04E20032F846E77777700A0A ] amdpsp C:\WINDOWS\system32\drivers\amdpsp.sys
19:50:28.0133 0x0e2c amdpsp - ok
19:50:28.0149 0x0e2c [ 6BA3FF67D317AF6A6946CCF4E80B5B33, A8E375860F06374F3A9DCACDB99D5D574C8430C07E71D5D60A0FACC24C49B669 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
19:50:28.0180 0x0e2c amdsata - ok
19:50:28.0196 0x0e2c [ 3FD087BF35CFC998037DF2534ED9CBC2, 71C4D8924AAEBE362C167E18F4C1B38D5151D70AD05F75DCC3EB748A37DD5C95 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
19:50:28.0243 0x0e2c amdsbs - ok
19:50:28.0258 0x0e2c [ 51A66C1AEAA6D365DB0C46CB4C04E569, 5A38ACC5B8C72B73F50973EF01E1975600BB5FE9852B157FB6C64E6D2497E712 ] amduart C:\WINDOWS\System32\drivers\amduart.sys
19:50:28.0274 0x0e2c amduart - ok
19:50:28.0290 0x0e2c [ B6AF8AAE55DC50EA0610FCFF92133952, D990C7A19D2C4CDFA4E08EC64941BAD0F378D23BFC5D93026CCACC97A283A2C9 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
19:50:28.0321 0x0e2c amdxata - ok
19:50:28.0336 0x0e2c [ 9807EA3EAA5308F5AFE06F5D6E52BCA4, 5913CBB9AEBB2DAEA4EC664B1D6B1C06396C6D8958C306949686AD5E46218648 ] AppID C:\WINDOWS\system32\drivers\appid.sys
19:50:28.0383 0x0e2c AppID - ok
19:50:28.0399 0x0e2c [ 592C89A1D1F314C6C87B197B3E528C45, 0B51BCFA282FD2BC7AC71BFB42A3142513DEDB49440F8915585271547B0441FE ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
19:50:28.0446 0x0e2c AppIDSvc - ok
19:50:28.0461 0x0e2c [ 504A8AD4594AD852F5503F45491E079C, 92DAC4717E2E2682629FD48E30EF908F6320EED79B09A57D0F807794981E242A ] Appinfo C:\WINDOWS\System32\appinfo.dll
19:50:28.0508 0x0e2c Appinfo - ok
19:50:28.0524 0x0e2c [ 596E89CC34B11527EBC15495B575079B, 0400155D6BE74ABD1F9D1BAF83862213CE0BDC63D5F2E8B92EFB498D14EF3329 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
19:50:28.0555 0x0e2c applockerfltr - ok
19:50:28.0587 0x0e2c [ 02925575E48B33E8F3D6715CF81AAC20, 53B2DBB08C99F13530BD291D3CD62B22BADEB8F921818DE978603A56944F4418 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:50:28.0618 0x0e2c AppMgmt - ok
19:50:28.0665 0x0e2c [ FC20F1A38FD840CAC04A1CE0FC0243F5, 56B3517F40D12F299518C2C532D8481E68C52364F161575C7EC5E4B7D5E9BD7B ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
19:50:28.0743 0x0e2c AppReadiness - ok
19:50:28.0790 0x0e2c [ 63D3B1DF43B6DFDB0EB9DCA99A323A5B, AC0249B6B6A7E05CAFCFC490B84AE9A7DE5515B3A58EE6AC1CFEFABE790FB6A1 ] AppVClient C:\WINDOWS\system32\AppVClient.exe
19:50:28.0837 0x0e2c AppVClient - ok
19:50:28.0868 0x0e2c [ 8FA9A06482202DC0D2C93F01EA4ACC89, 561E46D2EA7442498500F5187F90889A82BF169FD47BF9F3D497FE856CE2ABB9 ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys
19:50:28.0883 0x0e2c AppvStrm - ok
19:50:28.0915 0x0e2c [ CA7518C52B2D648163570B543E4889CB, 147FAB2381304C93E574FB14C05837701B94EA98C23780ED425689AC872A6F0E ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys
19:50:28.0946 0x0e2c AppvVemgr - ok
19:50:28.0962 0x0e2c [ ABE96FE0ABC35A947CEE3ED18705ADCD, A7343D8C1F927B16E852FEB5A4645F3397BC28A8B831462009FD851B02FDE9E9 ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys
19:50:28.0993 0x0e2c AppvVfs - ok
19:50:29.0133 0x0e2c [ A6952890023888F7EA5C93E7A902EE40, 442C495ACBC7FE2474644093C352FF541B9FED7CCEFD1B2F393B372C2C074529 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
19:50:29.0368 0x0e2c AppXSvc - ok
19:50:29.0383 0x0e2c [ A05FF69C88EAB79E51430E6982BCC6F0, 728622D57C390DC8C6D883D148D14DB4DB3E94EF99B726F4ABDD552F32347B30 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
19:50:29.0415 0x0e2c arcsas - ok
19:50:29.0462 0x0e2c [ 4E3B9CADB3468D8507A41E2C1F531B22, 9777A67209E0461CD74550B850F2A5C94709372E0B3DB9CB5D39B6548A363105 ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
19:50:29.0555 0x0e2c AssignedAccessManagerSvc - ok
19:50:29.0571 0x0e2c [ A6275119CE5EC54FDBC62C307503F767, D6E6A2D68EE31F13D92A9D7620E3DB46A6BC4415703E35D47769982BFD9A25DD ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
19:50:29.0602 0x0e2c AsyncMac - ok
19:50:29.0618 0x0e2c [ 24BBA22E1D375187474459501D81A9AF, 542802C79B3CBFC0D94F9C50A93459D2D3E6B87F0AFC5E32B07108B806041507 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
19:50:29.0649 0x0e2c atapi - ok
19:50:29.0680 0x0e2c [ 808993D7EC6389526E72C99D0A03EFAD, 02FEE849EDD8FA8901BAA739D9A2D94D5894837A8117C113960384ED85F0A3A8 ] AtherosSvc C:\WINDOWS\System32\drivers\AdminService.exe
19:50:29.0712 0x0e2c AtherosSvc - ok
19:50:29.0743 0x0e2c [ 08D3A5CE2FE501438099002524E26E5F, F6CFB657EF0488959A637459DF2278419ABA3DEDDEF731156DCBD5DBB3C5817E ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
19:50:29.0774 0x0e2c AtiHDAudioService - ok
19:50:29.0805 0x0e2c [ 80F1A0B29CD3F7EBC290EC1A9D36D078, E3278CBD642A6CB58B1DEC524E5BA76B894B1E42ACD0B83976BCD55BC51FBD2E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:50:29.0883 0x0e2c AudioEndpointBuilder - ok
19:50:29.0977 0x0e2c [ AEEC2A748169AFB1DAF1C864ADF21748, 735727CAA1CA3297AEA96AFF365D4E390BD9D779006477601E9ED26D28C59090 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
19:50:30.0118 0x0e2c Audiosrv - ok
19:50:30.0133 0x0e2c [ 23410CD6AD97FDF3FD465ACBB6C170E2, 31259CB3F2009157A59266854B2FAF2A90057D9BDFF24EBBEAD868D23F6567F6 ] autotimesvc C:\WINDOWS\System32\autotimesvc.dll
19:50:30.0180 0x0e2c autotimesvc - ok
19:50:30.0196 0x0e2c [ 1ACEAC60F187E1CB03E16A6C1963E20E, F0BB3CF335CB77AFBCCF21B2F5962C1B4289C757BDCBB35FFD19B0B4410EA37A ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
19:50:30.0227 0x0e2c AxInstSV - ok
19:50:30.0258 0x0e2c [ A1FF5E48350A1C3332190CA008916F0E, 403639275459836DD9B243B16FD226951157A9EE6B295A0C0947249C3DEDD8E8 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
19:50:30.0305 0x0e2c b06bdrv - ok
19:50:30.0321 0x0e2c [ 96ECA99B219CBB4F7C95176E492F53BF, 8189D0DBA3331145FB99D4EE188DE48799F0940DE79D46FB9444914C5B4D4146 ] bam C:\WINDOWS\system32\drivers\bam.sys
19:50:30.0352 0x0e2c bam - ok
19:50:30.0368 0x0e2c [ 2EA5A34CE470500BC36B02BD25836B2C, E2F6EE196A580F1AEF6145FE476692CF5053C31C742972E7BDECE30142623054 ] BasicDisplay C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys
19:50:30.0415 0x0e2c BasicDisplay - ok
19:50:30.0430 0x0e2c [ A48DAFD906B1912D738A9A90559EF5F3, 3ED950F996552E94D23F9B42300B11D46659F99621B8215EAA7A157B03640F2F ] BasicRender C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys
19:50:30.0462 0x0e2c BasicRender - ok
19:50:30.0524 0x0e2c [ EC94C57FBD1D566503E589FD3A474D33, 603105A75328CD91FC9F2BAE4E1659EDA9E6A5F80DB07F6386AEE50EB264716F ] BcastDVRUserService C:\WINDOWS\System32\BcastDVRUserService.dll
19:50:30.0634 0x0e2c BcastDVRUserService - ok
19:50:30.0665 0x0e2c [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
19:50:30.0696 0x0e2c bcmfn2 - ok
19:50:30.0727 0x0e2c [ 7FBEA6D39D9C687519AE5747C74963CD, 2FE70732CABEEC2385EAFF68F28B9746EE541EAFC5F75D3F7DBDEDCA3998C39C ] BDESVC C:\WINDOWS\System32\bdesvc.dll
19:50:30.0790 0x0e2c BDESVC - ok
19:50:30.0805 0x0e2c [ A5D43CA19863A29D219C3C588D936FFC, EECA12E6D5BB7C827BE0B7E5C4484BECEEDF53E5E9BF81B7EEBE7EC43CA8AD53 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:50:30.0852 0x0e2c Beep - ok
19:50:30.0899 0x0e2c [ C0C775DCD5464ED420183A9BAC8D5BD2, 454C2F67F86C26C8E7A59386D959E6150E20B2EDD663C843E64992C753DCDB58 ] BFE C:\WINDOWS\System32\bfe.dll
19:50:30.0977 0x0e2c BFE - ok
19:50:31.0009 0x0e2c [ 3A76993B8FA2AE8B27D2AC01F8ACBE7D, ED778CC20E06A3E442BC807D8E87FB4E9B4F36E76E8881C49E00B7F9250CBA34 ] BHTPCRDR C:\WINDOWS\system32\drivers\bhtpcrdr.sys
19:50:31.0024 0x0e2c BHTPCRDR - ok
19:50:31.0040 0x0e2c [ DB99A1C2CE74021082A06191AB3A77E0, 671D20C28A825DF1FA3C7FFC72FD5657E59D94A7DC71CDD46F410A1FD26CA8FE ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys
19:50:31.0071 0x0e2c bindflt - ok
19:50:31.0149 0x0e2c [ 6F869E8F65C8EA4F7AAA2624DEBA72B0, FDD99298BCF277F9EE504D3A3D4079D925EFD80B7C248E0387E8740E2DDE6585 ] BITS C:\WINDOWS\System32\qmgr.dll
19:50:31.0274 0x0e2c BITS - ok
19:50:31.0305 0x0e2c [ 94CFE63BA2BBEFAFB4774A7F0FB92545, E1653E757B6CDEEAF653F22F8F37EA191C38662B8E3D38354D55EE76E6B7C5FF ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
19:50:31.0368 0x0e2c BluetoothUserService - ok
19:50:31.0399 0x0e2c [ EE14F8F0269DB5C26D3DAD7B1A65894B, F1BFA7B723B324F78B8DED1597BAD8091FF0298BC8DBAC29FB793F2D33F5456C ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
19:50:31.0446 0x0e2c bowser - ok
19:50:31.0462 0x0e2c [ EAFA1477969865CB0B7D705800009469, C479BA4B59D13B83B1EC5425B0587EB88BDB9FC9DF990D7991DBCE2279235525 ] BrokerInfrastructure C:\WINDOWS\System32\psmsrv.dll
19:50:31.0509 0x0e2c BrokerInfrastructure - ok
19:50:31.0571 0x0e2c [ A2F1CC29FFBEC1E260E84CD5EFC9DB8D, DA2A7393C118033A5AFDA686090E4EBBF981BE3A5446DB2B411785CFF62F0972 ] BTAGService C:\WINDOWS\System32\BTAGService.dll
19:50:31.0649 0x0e2c BTAGService - ok
19:50:31.0665 0x0e2c [ 99F8FF52444A2FFF682B18F2A44A128C, 8B495F0FDF8E7D13E98AEB5DB26B6C338903FC1AD2EA2D7DAEEB0044589AA168 ] BtFilter C:\WINDOWS\System32\drivers\btfilter.sys
19:50:31.0696 0x0e2c BtFilter - ok
19:50:31.0727 0x0e2c [ 322B6B1434B0A352C8944DA0FF76D0EF, 521933DFFEBB07326CA782FF960A879B0097A4AFF0D7233D0C70F0B3D7C8552B ] BthA2dp C:\WINDOWS\System32\drivers\BthA2dp.sys
19:50:31.0759 0x0e2c BthA2dp - ok
19:50:31.0790 0x0e2c [ 42C9AFF4636ACE3DCFB79FEF85345545, CD11AE283264371906D8FAA0F959F13F8CD4A46D5A0D9AFAC657E2FE0F1634C0 ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll
19:50:31.0852 0x0e2c BthAvctpSvc - ok
19:50:31.0868 0x0e2c [ A174D8A04B437D03FFF7D4F02CAB7332, AF6C7A13676A85D05FC5B8B53A3256FD4B059B3B27B4EEDB4384A3C0091F506F ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
19:50:31.0915 0x0e2c BthEnum - ok
19:50:31.0930 0x0e2c [ 48AE897A64019A816D694241BF62E266, E2F7F0318DC412497AD4906314C08488979F9B9D84AB5FAB404461D324B50A27 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
19:50:31.0977 0x0e2c BthHFEnum - ok
19:50:31.0993 0x0e2c [ 9E958ED983C0DD9C690248084219C2DE, 2F6DE7E74D1F82FAF07A513AF8A5F9307A05715D261A276B874575EED903F4EF ] BthLEEnum C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
19:50:32.0024 0x0e2c BthLEEnum - ok
19:50:32.0040 0x0e2c [ D1F115CA98D91473907FDAE6FBD280AD, 5D966789BE8FD3913E25D6709C5F6FAA8CE1AA75800B86604493CE16F68EFE6B ] BthMini C:\WINDOWS\System32\drivers\BTHMINI.sys
19:50:32.0087 0x0e2c BthMini - ok
19:50:32.0102 0x0e2c [ 98C477D98674C799758B3C6E9950E11A, D864987FC3DEA86E713539DD440B7FB981FF2F41BD2840BF12601411C8CF5099 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
19:50:32.0134 0x0e2c BTHMODEM - ok
19:50:32.0149 0x0e2c [ BCD11BDC707A4A2563774476AF6FCCBB, 8D55D6211A3839827EE2EF788F6B75A935E52C1E56E5E73A2B5F46E73EAD37FD ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
19:50:32.0196 0x0e2c BthPan - ok
19:50:32.0259 0x0e2c [ 6AC17972A8678E2F2EBC36EC40DB119A, F2E3AEDBF437AB2F9787A4D3D9A4EB386B6DE68FDF40F2F17C466222B4D377AB ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
19:50:32.0368 0x0e2c BTHPORT - ok
19:50:32.0399 0x0e2c [ 21C61BD1A570F76B0C9A3E51693FABB9, 761E99B3D2DCF90EE5AB004E466C808FE1A99537507C38C56E0F60007DD3839F ] bthserv C:\WINDOWS\system32\bthserv.dll
19:50:32.0446 0x0e2c bthserv - ok
19:50:32.0462 0x0e2c [ 2212F0E65690203A8ADC9A3E6FB7E338, 3F91463CE72D7DB0C5F320A5F473AB9C48556240DC3AACD73E398FEAA977CA07 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
19:50:32.0493 0x0e2c BTHUSB - ok
19:50:32.0509 0x0e2c [ 600CA7D3C456198089558B142D86C065, F33B5A9513170297D4AF12DDD44CA195204DE398737B341537CBAE9D6F08005D ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys
19:50:32.0540 0x0e2c bttflt - ok
19:50:32.0556 0x0e2c [ 58F44FD7BA873AAA8FE6C9473702492B, 44114E8906CB70BD426442D67534FE7105B257CD35F08C7D02DB1D5ECBF2F6C5 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:50:32.0587 0x0e2c buttonconverter - ok
19:50:32.0602 0x0e2c [ D3FC817DA4694E586135A3221811B409, B889FD8F588023358AA3EC0017CB5392D9F4F8A8B5DB637BE18A044C8C7982C4 ] CAD C:\WINDOWS\System32\drivers\CAD.sys
19:50:32.0634 0x0e2c CAD - ok
19:50:32.0665 0x0e2c [ 20F367FFA8F366B64FE07C37FE9E7B9D, 22BE6BB3880ABE329A3F8B7AE604CBF815FCC069A6863DB7FD8B4637AFEDB67E ] camsvc C:\WINDOWS\system32\CapabilityAccessManager.dll
19:50:32.0712 0x0e2c camsvc - ok
19:50:32.0727 0x0e2c [ 99D78BE6EB2DE4AD40A82C0FC1C27ADB, B42CDCEC121D892D65C870650C1478C93187D842DDB21DD85A479D6428136957 ] CaptureService C:\WINDOWS\System32\CaptureService.dll
19:50:32.0774 0x0e2c CaptureService - ok
19:50:32.0837 0x0e2c [ 19656FFDC3E7D3478A1644DE40279DCD, 2282CC74323E5C6E1772DECF05A52931419CA1CBCE09004365DEBC3923C9C6CC ] cbdhsvc C:\WINDOWS\System32\cbdhsvc.dll
19:50:32.0931 0x0e2c cbdhsvc - ok
19:50:32.0962 0x0e2c [ 3E9C20ED02FAA6D194C060BC6E7D587E, FDF9996AFE6EA77FB3FBF5C4D021C2669203D05495F6A36E01A3B08BB296B14C ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:50:32.0993 0x0e2c cdfs - ok
19:50:33.0040 0x0e2c [ E113427C8D2653E589A2657018B27047, DFC41E3C9D1D329BF3A52F8F6B6251500401B43E7AD468114611E2A990260D1E ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
19:50:33.0102 0x0e2c CDPSvc - ok
19:50:33.0149 0x0e2c [ F619B279078E8F61AE795244617A5DAE, D47EF374FBD2F63F6733EAF86A9CCD476CA8A3BC54C054A4961D2D923455E148 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
19:50:33.0212 0x0e2c CDPUserSvc - ok
19:50:33.0243 0x0e2c [ 81E3779064C04790E30F25770F0AEADD, E7460E7C556D9C1497B9962838E3E1D261AA39392BB2501C67B2DDB870AF2EBB ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
19:50:33.0274 0x0e2c cdrom - ok
19:50:33.0290 0x0e2c [ A83AC120A059FBD515C05018EE1E7B94, 9B5BA5798FD5CFAE20B5A78673A0D9DDFB8D648396C3A4EC0E10F820C927EBDA ] CertPropSvc C:\WINDOWS\System32\certprop.dll
19:50:33.0352 0x0e2c CertPropSvc - ok
19:50:33.0368 0x0e2c [ E5259475D04AA9C04D2B44DB0BAC05D8, D474C0AC0D6FCD11D94C10B6D0B756918B61A326046EF49D82B8A89A98294F70 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
19:50:33.0415 0x0e2c cht4iscsi - ok
19:50:33.0493 0x0e2c [ C748EE7BCE13820DB957C79B64219992, 4503B96BFE7C7A6DDB183E7590EC32D698AEC3F75A71B7AC368EEAC87D03B2E8 ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
19:50:33.0587 0x0e2c cht4vbd - ok
19:50:33.0618 0x0e2c [ B7FCEF757304710463D78C1155764BA7, 35F30E3016742879CD51A3786DE5EAE685BFCE9ECFA4F05942625A207CBBAD83 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
19:50:33.0649 0x0e2c circlass - ok
19:50:33.0681 0x0e2c [ B5AD10D47CBD71DAD98E48D812A8D253, 40513354C05B94BD1F253392C23032DE4FAFA44B0754C12A6483226D71E99378 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
19:50:33.0727 0x0e2c CldFlt - ok
19:50:33.0759 0x0e2c [ 12417C280F6561B0D42BE55ED7929B9D, 27BF2375A1E3E5E55F251FA4DCFDF515616BCCAD62FAFF4CE6C0095D55004BFD ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
19:50:33.0806 0x0e2c CLFS - ok
19:50:33.0852 0x0e2c [ 33C244FF52053941EFB725F294851244, DE780EB9CB65CA2D47B62878DF6363BF3D5266D246B945B0023042A56B121339 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
19:50:33.0931 0x0e2c ClipSVC - ok
19:50:33.0962 0x0e2c [ 61F6E1DB8CC17FFDEC5DDE1715320729, 18701706C0CC83B9719921D304A4659BB764CCB6C0A097D9035138DAB166719A ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
19:50:33.0993 0x0e2c CmBatt - ok
19:50:34.0040 0x0e2c [ 87D308475107793079F0611A2D301583, 7A7AD946FE12C5FA07927BF7A0B62015127BB1DB68B73B19C86BE7AF7B661E4B ] CNG C:\WINDOWS\system32\Drivers\cng.sys
19:50:34.0103 0x0e2c CNG - ok
19:50:34.0118 0x0e2c [ 6FD42010608BC1B77D60947175E0BFD9, 81C84FB81A0A6AAC064CC6E12AD60FE0CF667440621BCA191FF83C2F66EFD2CF ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:50:34.0134 0x0e2c cnghwassist - ok
19:50:34.0181 0x0e2c [ 54789D18CB08EBB83C3BF07E87928F1F, DCD7FEEF65F3E7B0FF675243CAEFF400FFF8CEB6F7650984A6BF1F72C3D42ABF ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_43ac632006e874bb\CompositeBus.sys
19:50:34.0228 0x0e2c CompositeBus - ok
19:50:34.0243 0x0e2c COMSysApp - ok
19:50:34.0259 0x0e2c [ 77FE273FA6FFE487E689194DB20ACAE2, EFA8E4F01E77F3D83A5212CE2F6097EEFEE433653685BDBBF07A2E17CC8AE178 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
19:50:34.0274 0x0e2c condrv - ok
19:50:34.0306 0x0e2c [ FE452ED1B65A516DE1CF3B4B55165BA7, F14FAA3EAD0E0018D128C32FC9E9E824FB5ACA4DE87E1079A4DE7D1090940ED4 ] ConsentUxUserSvc C:\WINDOWS\System32\ConsentUxClient.dll
19:50:34.0353 0x0e2c ConsentUxUserSvc - ok
19:50:34.0399 0x0e2c [ 2E1D612538780D8EF3EC5C0DB5B080E0, D7217EBDD8E654E009B700597DCF9AD9A3FD3688160E134C05DD017FDFCCF844 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:50:34.0462 0x0e2c CoreMessagingRegistrar - ok
19:50:34.0509 0x0e2c [ F9027C1E644A8A703C7A0218E5E79569, 6A57C5B146EF52D2CE6A6C75485A7DD50324D9DB756F770926ECB655CBF7E58D ] CredentialEnrollmentManagerUserSvc C:\WINDOWS\system32\CredentialEnrollmentManager.exe
19:50:34.0540 0x0e2c CredentialEnrollmentManagerUserSvc - ok
19:50:34.0571 0x0e2c [ F9027C1E644A8A703C7A0218E5E79569, 6A57C5B146EF52D2CE6A6C75485A7DD50324D9DB756F770926ECB655CBF7E58D ] CredentialEnrollmentManagerUserSvc_3319d C:\WINDOWS\system32\CredentialEnrollmentManager.exe
19:50:34.0603 0x0e2c CredentialEnrollmentManagerUserSvc_3319d - ok
19:50:34.0634 0x0e2c [ 0C757F912068DD931C2BB80845702779, 9FE5843B1943814B61DD859B313CDC739E0B24CBDC2DDD55D16895E4D445C0D9 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
19:50:34.0681 0x0e2c CryptSvc - ok
19:50:34.0712 0x0e2c [ B311FBCF624B636C808463D138BCCEA2, D646681EED40763B02CE59B229F44ACCCE9A2BF8C432AA00DAB961246A51D8CB ] CSC C:\WINDOWS\system32\drivers\csc.sys
19:50:34.0774 0x0e2c CSC - ok
19:50:34.0806 0x0e2c [ 63FFF791CD1F225CCF114A756636F5DB, 410E28C0C5D5D60C52935FB0A7E173FA9B0F45052DC21D9EBA7F56D48543A5EE ] CscService C:\WINDOWS\System32\cscsvc.dll
19:50:34.0884 0x0e2c CscService - ok
19:50:34.0899 0x0e2c [ D32047ED7F2718871AFC215FFF4760C2, A3F954BC3C22EEEC50610039CB8E6082C1533AE5C92C12C85BAF3569D499A7BE ] dam C:\WINDOWS\system32\drivers\dam.sys
19:50:34.0931 0x0e2c dam - ok
19:50:34.0993 0x0e2c [ 98E76FA120294D28C4B02C257BCFB63C, 6ADBB3FB5BC2FD53318B60D2C73998EF2C2614A3CD132A843DEAE2314CECA36C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:50:35.0118 0x0e2c DcomLaunch - ok
19:50:35.0149 0x0e2c [ 84D865A4A6560C39C8F92397BA4CC617, D0C6960578E76ED470A627C690EAF00883B23893EA523B62BF2E4E56409D4CAE ] defragsvc C:\WINDOWS\System32\defragsvc.dll
19:50:35.0212 0x0e2c defragsvc - ok
19:50:35.0228 0x0e2c [ 5024C3EF66AC8151709E3E78A0B695E4, 82CDF702368901C3A697E63791E12600DD0A112D4121C6BF10DB056FDD05746F ] DeviceAssociationBrokerSvc C:\WINDOWS\System32\deviceaccess.dll
19:50:35.0274 0x0e2c DeviceAssociationBrokerSvc - ok
19:50:35.0306 0x0e2c [ 8AB0C55A78B0C18991ACC62C13167DDD, D7E24A6611FEBA7F69E1261B00DE4AB45019EE525B28F45F6AE20E6E11670D52 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:50:35.0368 0x0e2c DeviceAssociationService - ok
19:50:35.0384 0x0e2c [ C28BA33FE1373DE12B5FC1873FFAE4BE, 54D6EC2E21DFBA341EFE237ABDB08F00EA8A2479124750C3719375FC628459D8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
19:50:35.0431 0x0e2c DeviceInstall - ok
19:50:35.0462 0x0e2c [ 8D86908792ACE66D8445CDD2D3C1CDFA, C54C507088B0478C538FEBF4F991DB7573B8468DBF3E8E2A757D52333B6BC78F ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
19:50:35.0524 0x0e2c DevicePickerUserSvc - ok
19:50:35.0571 0x0e2c [ B676FE5B9CFAEBE78A85DD970112D894, 5F5A04587595DC198C435DF237663FC6E382C0F03EEC8AE8218301BA11854A2F ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
19:50:35.0649 0x0e2c DevicesFlowUserSvc - ok
19:50:35.0665 0x0e2c [ DC2944BD2B4DBA7AE74A32D8B57C554C, C33FA2CBD29137CB86B856F010166B59D4756A34308EC872B90AFB47493341E7 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
19:50:35.0712 0x0e2c DevQueryBroker - ok
19:50:35.0728 0x0e2c [ D974C10E19DDC10622E30904AEE16FA3, 02A219750F23F183A8E2927AF0EFF8DCD631529FA618A704BE090E94057120AB ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
19:50:35.0759 0x0e2c Dfsc - ok
19:50:35.0790 0x0e2c [ FB33F16EEC1CAD34F5FDFC7D493273B7, 6EA35FBDA569ABBD379028D94AA53B1D67D640498D5DAAB78881186043DD33BB ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
19:50:35.0853 0x0e2c Dhcp - ok
19:50:35.0868 0x0e2c [ 5EA359BC3722CF5F6E1FC3636D3CAA8E, 8E0D0BF4F708E6590741498E3454E388B3B755DFB63F3DA00F6748E94CEB6CFF ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:50:35.0915 0x0e2c diagnosticshub.standardcollector.service - ok
19:50:35.0946 0x0e2c [ 1A50B307CBBBDC67328515BCD249282F, 42A674A078EC86AA1C4F39BC2C65DA7EE4ACDF6EFFF54B957C05496BE4BCF3BC ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
19:50:35.0993 0x0e2c diagsvc - ok
19:50:36.0134 0x0e2c [ 271E1405E3A22845EA40A40C541427B4, 00901DE9434F06F4D67371FA1FA75FA8820D3A7C80D860E6E8B9D1F9B1665FD5 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
19:50:36.0368 0x0e2c DiagTrack - ok
19:50:36.0400 0x0e2c [ F13316A14B8E7319C5DCD77A439BCCCF, 25035525DD878A7C00816AE654D5160609601EE726BD2CF0595D0AB8336DFC86 ] disk C:\WINDOWS\system32\drivers\disk.sys
19:50:36.0431 0x0e2c disk - ok
19:50:36.0446 0x0e2c [ 0CFEE37EB6A5F24251D7FFC4FBC39548, F1A1C6CCB790CF8AEFE4ED20704ECE89B972831245ED9C650134FF00B158E7EC ] DispBrokerDesktopSvc C:\WINDOWS\System32\DispBroker.Desktop.dll
19:50:36.0509 0x0e2c DispBrokerDesktopSvc - ok
19:50:36.0571 0x0e2c [ B8F1CEDBA76858962C4EBF39C507B017, 596CF489B18626277F218999E6F9EA2189A3F2D8039721D1587326CCA1811E32 ] DisplayEnhancementService C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
19:50:36.0665 0x0e2c DisplayEnhancementService - ok
19:50:36.0712 0x0e2c [ 9EDCEBF0E96D0BE8422D25B8FA4F386E, FF94DD44D651C818BCC86B15D117F70474A0BD1FB3A7AF4A65834C24E21370F6 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:50:36.0806 0x0e2c DmEnrollmentSvc - ok
19:50:36.0821 0x0e2c [ 0F4ABC6AEF95AC1E50D3F36808DE4C3D, 2A9B58065318AEA1E54DBD4E11A35DF8202D859B77E486D4E8706FE6BDD25FD5 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
19:50:36.0853 0x0e2c dmvsc - ok
19:50:36.0868 0x0e2c [ A4F5D5C81B9690B8ACB8798A5C711D31, A30F92686E84544CE1D36682F4E81836BDDAE9C1F08C2524BAB9671F7B5CD14C ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:50:36.0915 0x0e2c dmwappushservice - ok
19:50:36.0946 0x0e2c [ A63C091C3FE59D48C28F9B9139974A9F, 8441D721839C6046734AFCC525B438D12A294B80CA979A469883E68F57A5A440 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:50:36.0993 0x0e2c Dnscache - ok
19:50:37.0025 0x0e2c [ 7A8428929D11D112534178311305E01C, A6CE9C0F02A0A0590602A8984D5F1B14B8BD26EE1E03A07BA521F23BBE029441 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
19:50:37.0087 0x0e2c dot3svc - ok
19:50:37.0103 0x0e2c [ FC37ABA7F9026FFB255CEC78AC2410E4, EEBE379C184D39F821BB0B11EB3F7A68EBEF2964CACCCC0197A79A1E770FBCA5 ] DPS C:\WINDOWS\system32\dps.dll
19:50:37.0150 0x0e2c DPS - ok
19:50:37.0150 0x0e2c [ B011016A148EA7AEB6DDA8C2DA1AAA63, 4A96BCED858B2BBEBFA845C577D846779BD44A40412A13BF57BB4054BF4DBAB6 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
19:50:37.0181 0x0e2c drmkaud - ok
19:50:37.0212 0x0e2c [ B56EF803807EFA10F09429ABEC310603, 03C88B5D3DCA0ACB2F5862B6DCAD470C0D3B24108FB0202F016F26E3011F56C4 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
19:50:37.0259 0x0e2c DsmSvc - ok
19:50:37.0275 0x0e2c [ CE06775BD98FDF4E2DA40F5C92FC70AF, 0102E78F904E46924D44E5EE29F18404CCD477AC48944A5B5C0C51C83D4F175E ] DsSvc C:\WINDOWS\System32\DsSvc.dll
19:50:37.0321 0x0e2c DsSvc - ok
19:50:37.0353 0x0e2c [ 15653F0DB240DE46090B6AB27DBD1916, 96753BCDC9D5F588647645D5C167FDAA4715A6316EF768A4DC472ED8A5F52A0C ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
19:50:37.0400 0x0e2c DusmSvc - ok
19:50:37.0540 0x0e2c [ CA901FB9EC308F5118567A6FC4618F05, 7E116B7AB67642460823B614F7E3D1606D7ADC02C59C05FD69A66A8E8EC1E8D6 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:50:37.0712 0x0e2c DXGKrnl - ok
19:50:37.0743 0x0e2c [ F48869A7BE7437F4742DD9D4126FD770, 4F3D3F167B0846F97255F4549DC5EB9DACCD9FE2A5AC1E4658366AB2B8A9C420 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
19:50:37.0790 0x0e2c Eaphost - ok
19:50:37.0915 0x0e2c [ E326127FB5622481C00EA40401039B2D, 87912CFA98C696211A430B86B607B03EC7D7A9CC34D0D34BD80B2F579AB76D73 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
19:50:38.0072 0x0e2c ebdrv - ok
19:50:38.0103 0x0e2c [ 5373E4594A071FE6031AD481CD23E910, FEA3F1F82AC2109B5ABD187D7A8C1688D99DC356F9F40DC904AC0B524F28B428 ] EFS C:\WINDOWS\System32\lsass.exe
19:50:38.0134 0x0e2c EFS - ok
19:50:38.0150 0x0e2c [ 8A00A8300D25BAEFBB718436D55207B7, 076652CED4C4A0F7B1F0D17C4A6F43A8B017E5C5AB092306AC5AA8BACE2F19F2 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
19:50:38.0181 0x0e2c EhStorClass - ok
19:50:38.0212 0x0e2c [ C31E54032B1B24F561535228F7714F85, 1DC6FAEE368B867518A12D2AC7421E6685EF527B1716535DA29A5213398DBC22 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:50:38.0243 0x0e2c EhStorTcgDrv - ok
19:50:38.0259 0x0e2c [ 910F199C081D8D7471173333265982E3, 5F0388D48A39494FD7CFEB7DDB2EC20E04B5CA46BCCFC473D5007A6B8200BF80 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
19:50:38.0322 0x0e2c embeddedmode - ok
19:50:38.0353 0x0e2c [ A6E1F209DEC05136E770766CA767DB58, AB990225803CC271D46A5259F1E7C57AE2AAE8BE1989C317BCE751DB3503723A ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:50:38.0415 0x0e2c EntAppSvc - ok
19:50:38.0431 0x0e2c [ 122DD638F997E3EB08E442DACFEE0D78, 9667489726ED7B30270EFEEC57008EAA22FDCDBF162FD2E741E026051D17B09F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
19:50:38.0478 0x0e2c ErrDev - ok
19:50:38.0493 0x0e2c [ 2EC5A65E71610FBA01F1E5CF054E9701, BFEF603B610D14608DCE066380BB680A56851E894823E24C2A5880A264CA2BD5 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
19:50:38.0525 0x0e2c ESProtectionDriver - ok
19:50:38.0572 0x0e2c [ 5C8D90F85E319BAC9C9BBADED9901757, 362842144E79EDCE807F37F879F2F5F4EC282FA12554C8ECDFA772B45272FDB2 ] ETD C:\WINDOWS\System32\drivers\ETD.sys
19:50:38.0618 0x0e2c ETD - ok
19:50:38.0634 0x0e2c [ E772DFB4387F5BFEDD659702D61EEC47, 6DD638B2EA6633B83815DC68CB8A479C8D6390561F8BE4BBD7C2BFE7EBDAA742 ] ETDHCF C:\WINDOWS\System32\drivers\ETDHCF.sys
19:50:38.0650 0x0e2c ETDHCF - ok
19:50:38.0681 0x0e2c [ 1C7CA0822045F473B806834F0ADD2A6F, 594D4F87E3B097FB98C16E344754CC281FE0EBB626E87973F996504C168FC995 ] ETDService C:\WINDOWS\System32\ETDService.exe
19:50:38.0712 0x0e2c ETDService - ok
19:50:38.0790 0x0e2c [ BF284F0EA9321E12BAF802FA706ED606, A578A8631F42EA06276905E65D9747AC3A4197AE1E61B762C8FA0F7F9B238608 ] EventLog C:\WINDOWS\System32\wevtsvc.dll
19:50:38.0931 0x0e2c EventLog - ok
19:50:38.0962 0x0e2c [ FEF065D9CA53F22A90400CD120D1015D, DB15AC37DE7D98F63E7196BCEF2BF139BB198A1BEA435BE3BE5E3E1A5F5FE64C ] EventSystem C:\WINDOWS\system32\es.dll
19:50:39.0025 0x0e2c EventSystem - ok
19:50:39.0056 0x0e2c [ E25A3F31BDAB7D8C9D17390852A4CD96, 9B276776C67D354C969E30BC4D9501355E10568F0A87E9029DFBD5C587003188 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
19:50:39.0118 0x0e2c exfat - ok
19:50:39.0134 0x0e2c [ 4131D58864DFA0E4EC55C7BB89F5E207, 1BB31ACEACB757C7F35127B4C3ADEE47C9F04F4CD406E396895767B5FD2F5FF1 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
19:50:39.0181 0x0e2c fastfat - ok
19:50:39.0212 0x0e2c [ C6F56E6CF1822CFB9D8F85870453675E, 0257954D0C8978C7E163C918A79A5D35AA7626D9D5236BA55FEAA3EB5A44DBEF ] Fax C:\WINDOWS\system32\fxssvc.exe
19:50:39.0275 0x0e2c Fax - ok
19:50:39.0290 0x0e2c [ F2F45F7B58EDBA2255AA0D0EDCE16C0F, 3B8961E134D73788A83855D949B4956A13EFC9EA500227475052D3BC7511016D ] fdc C:\WINDOWS\System32\drivers\fdc.sys
19:50:39.0337 0x0e2c fdc - ok
19:50:39.0353 0x0e2c [ 574937AAC16BC828BA35DA6639972660, BCC1431B0062AFA56B2A754EC381FD3BDDF0864929BB16B174E13827D2088D9C ] fdPHost C:\WINDOWS\system32\fdPHost.dll
19:50:39.0384 0x0e2c fdPHost - ok
19:50:39.0415 0x0e2c [ 5414A54236322C5ED8691CEC1A38EF80, A66E093F96383FAD9AB11C350A9712D64016F3EF7753124ABA368F969B74B276 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
19:50:39.0447 0x0e2c FDResPub - ok
19:50:39.0478 0x0e2c [ 9AC5E05D599A49DC91E2F438F93D719F, E3D583CA50ECDAC508EBC1642F5565DD42541E4E9C7AE1B709A042CB1A3A0CC0 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
19:50:39.0509 0x0e2c fhsvc - ok
19:50:39.0525 0x0e2c [ 35E6FE3288B6147F844B1845564FF161, 167F38BBDE88FDF7F30A626D7E1AF59006FE936D40D14C27FAEBDFCB2ECB6DAF ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
19:50:39.0572 0x0e2c FileCrypt - ok
19:50:39.0587 0x0e2c [ 5F4FB09BC4D33E6E3793AEA41D555697, 501AA763CA8E7BC2A5C760254A58E1732BD8616F72FD908A413E85E8148B07D6 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
19:50:39.0603 0x0e2c FileInfo - ok
19:50:39.0618 0x0e2c [ 75ABB7E381E36922230D55670B26D21A, 4F30A8FAD774DC669AEB2046C29A4E6C5C24ED7C99D034B3E97DED2F85001960 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
19:50:39.0665 0x0e2c Filetrace - ok
19:50:39.0681 0x0e2c [ D8745E1CEAA1150AD7E76E7E8687A308, B0507BCCEE86AD302DA9B4576E57307001CDC5310EA4C6E71520CEA7699709BB ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
19:50:39.0712 0x0e2c flpydisk - ok
19:50:39.0744 0x0e2c [ 7967D905658C7A8F2E81C04C28A0E1CA, E5A068309C96763842CC45AC5A17E234EFE43A0A309DEF567FE250FC73E7C0F4 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:50:39.0790 0x0e2c FltMgr - ok
19:50:39.0822 0x0e2c [ 8FA1C9F471EDBC89AE7EDFA85418C0AF, 53F6947AB1FFE05C2157C44CBFD794F8C155D47F3DAB5AB5C50C3770ECFD718F ] FMAPOService C:\WINDOWS\System32\FMService64.exe
19:50:39.0853 0x0e2c FMAPOService - ok
19:50:39.0947 0x0e2c [ D97817DD024E693799F8E014EA2D8D37, C56CD6975BB14ECC2371209A9379587AAB1BAB70C84D614057B643EFE2EE262E ] FontCache C:\WINDOWS\system32\FntCache.dll
19:50:40.0087 0x0e2c FontCache - ok
19:50:40.0103 0x0e2c [ 6431A8760ACC8616B0C3A36B9E74C062, 1F406F9B4D8B1098465A091E3683E27BFF73906F08436924279A8EB8AD475DCF ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:50:40.0134 0x0e2c FontCache3.0.0.0 - ok
19:50:40.0165 0x0e2c [ B2A0E65AD59DC517AE6DD2FE5F0CF84B, 7F674F3BA0737593F8526A1C9738BCE582C17526AC6CAE1E0059684709C05BE2 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
19:50:40.0244 0x0e2c FrameServer - ok
19:50:40.0259 0x0e2c [ 9640EC828267B5BC7E587D581E3FCEA0, 996B4FDAE249E4BC4A9BA3935586AC8F93F243DD9C697DE6EA6EFC6120C80BB7 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
19:50:40.0290 0x0e2c FsDepends - ok
19:50:40.0306 0x0e2c [ 8DC43B0CC985D4FD9155739BD774471D, FCB9BF96A463A5D0A876BC5775F756268452FF284500A33D83DB20047BD08CF3 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:50:40.0337 0x0e2c Fs_Rec - ok
19:50:40.0384 0x0e2c [ 5063FA79B3C809605ADF0898DFF836CE, E4F8212CCE865203BB31AE19069ECB4C9BCFDD7F6F55469093F4FE9203EBD3F1 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:50:40.0431 0x0e2c fvevol - ok
19:50:40.0462 0x0e2c [ EF8A6E4DDD8A6F5840B96C1C238B59EC, 55BD969E15AE16EABC399D99AA48FB7A9CF7FDB73CAD8B2A79095B37B3731C75 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
19:50:40.0494 0x0e2c gencounter - ok
19:50:40.0525 0x0e2c [ 56694161233F5A703E2C875BF4265407, 0427C583537E9CC4FA6110B826ACC64930F86A4F3BBEA4FE272F489219D1409E ] genericusbfn C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys
19:50:40.0556 0x0e2c genericusbfn - ok
19:50:40.0634 0x0e2c [ 73B55FF29D257E78B5357D2F143F3628, A2B59DE73A8C1B681FF15E61E62B48FD54D6E44B68DD2EC8F80989B6D1E61D84 ] GoogleChromeElevationService C:\Program Files\Google\Chrome\Application\87.0.4280.141\elevation_service.exe
19:50:40.0712 0x0e2c GoogleChromeElevationService - ok
19:50:40.0744 0x0e2c [ 66ACDC2BF5346E2FC24AD20207AD43B7, EBD873D28714D7B504ADF96A6BF0F13A39ED9BCA021DABB09C5CDF5BC1B461CC ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:50:40.0775 0x0e2c GPIOClx0101 - ok
19:50:40.0837 0x0e2c [ DE75097F223B1502196F27B38C152F95, 7BA6732A1E5B28F02BCFE6D1E61CB84E58CA25272DD0F2B6EF35727DE53EF78B ] gpsvc C:\WINDOWS\System32\gpsvc.dll
19:50:40.0947 0x0e2c gpsvc - ok
19:50:40.0962 0x0e2c [ ECF72E76711455EEB362E2E175395F87, 14E3D4396678303BACA9EE6A60869CE3EBBCEF58E71B25FA077D6DA4F94F1390 ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:50:40.0994 0x0e2c GpuEnergyDrv - ok
19:50:41.0009 0x0e2c [ 7A9DDF886942F5C791360BD76B06D874, 6550823ACF882D115B3922CD34C54479D0B2662CD187B98D5D4F203154C1947D ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
19:50:41.0056 0x0e2c GraphicsPerfSvc - ok
19:50:41.0072 0x0e2c [ 84E8954D8AFA6B6F5025EC059144CDE2, 7B03A99631843989C71E6F133BD71E243F33F86516BDA3455784FB11D4FF6736 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:50:41.0103 0x0e2c gupdate - ok
19:50:41.0119 0x0e2c [ 84E8954D8AFA6B6F5025EC059144CDE2, 7B03A99631843989C71E6F133BD71E243F33F86516BDA3455784FB11D4FF6736 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:50:41.0150 0x0e2c gupdatem - ok
19:50:41.0181 0x0e2c [ 543F752593EB8943A2A7F483C51723F5, 1272DD24BBAB7E65346260DA733C92E69F09386DDB21354B26DEAD1025BCEBF0 ] HdAudAddService C:\WINDOWS\System32\drivers\HdAudio.sys
19:50:41.0244 0x0e2c HdAudAddService - ok
19:50:41.0259 0x0e2c [ 1D742547071FC1436ED72A3F9DB6E1F0, 3E69AC41B139C294BC139E641C9D98C3FBFAF547B00C7C82EB0CB4132CBB0588 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
19:50:41.0290 0x0e2c HDAudBus - ok
19:50:41.0306 0x0e2c [ 23CB986FD6DC1D8022831254C609E481, D5669912870A3E498C576D24DBC61918364055AC90715C2ADF08C7572AE1EC57 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
19:50:41.0337 0x0e2c HidBatt - ok
19:50:41.0353 0x0e2c [ 66D600FD44E03A923D4FF579A8CF60EE, 9AB087930E10AC5146F9F1E900E0CEDFC7A53EE8E5ADE43A8E7250FE5E1E6E12 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
19:50:41.0400 0x0e2c HidBth - ok
19:50:41.0415 0x0e2c [ F5468C4442990B23D99FEA900B63338F, 90495D0A53F8E635E3999B297DC719294BBF08A57E5596049DE10903EDAF54A5 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
19:50:41.0447 0x0e2c hidi2c - ok
19:50:41.0462 0x0e2c [ 34642FB049036D8BAAA42C922A82CCBC, FAB504F789B8AD00D54BA7AFC9D6141E22BF2A35218D7F57260E5233B5609166 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:50:41.0494 0x0e2c hidinterrupt - ok
19:50:41.0509 0x0e2c [ C789878B45C886DBD967826B491C9C19, 29ACA42E3B8307078D03FD77831A534DE3EFF38A20ABB08EDF81089A94E2E585 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
19:50:41.0540 0x0e2c HidIr - ok
19:50:41.0556 0x0e2c [ ACA51FC51A8D0959D3FF0E822A760E77, 2D780AA5D36E6A95CF1F0513B0BCAEC94ED2B9CC85CD071F630F3DC9B068086D ] hidserv C:\WINDOWS\system32\hidserv.dll
19:50:41.0603 0x0e2c hidserv - ok
19:50:41.0619 0x0e2c [ ADBB0F49BCD51D8149AF57C63F1BE889, 620E3B821A301CC3BEC8D09B7F8A88E06EEB68B11707AC5EBED204B9156F7590 ] hidspi C:\WINDOWS\System32\drivers\hidspi.sys
19:50:41.0666 0x0e2c hidspi - ok
19:50:41.0681 0x0e2c [ E6FB73DDF8BB4DF3F9BAE8D650ED2540, 6419EA5EA3F5FB0091335A784C3F133503C085C4E33A6C44557AB98F9F0B8495 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
19:50:41.0712 0x0e2c HidUsb - ok
19:50:41.0744 0x0e2c [ A195E0255B056E2968B3A4BE21588E35, 769CAAE42AC023E8B9167F6FFE23D35C77FBB4276309E9F72494B056B43E2258 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
19:50:41.0775 0x0e2c HpSAMD - ok
19:50:41.0837 0x0e2c [ 3DAE8017FDE9DC3EE7E341D5F96CAFDE, E437A96C93DF6E911D2905F3930A8B7BC7398288927CD1FED015B081C82C8A6B ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
19:50:41.0916 0x0e2c HTTP - ok
19:50:41.0947 0x0e2c [ 6E7C4CAE43DA57A46DE9AC07D3400719, 3F5552758C8DF6D3C2A06FB19A3DB104916E2DCBD0C85DF15A40463EE5E0A614 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys
19:50:41.0962 0x0e2c hvcrash - ok
19:50:41.0978 0x0e2c [ 2B51ABC2AD3A5D1476D2833F8F03239A, 05F01D07F21EFFEBA25D82E7E7988405A0E8ED3D2AA6AF80BF207EDF0490B347 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
19:50:42.0009 0x0e2c HvHost - ok
19:50:42.0025 0x0e2c [ 755973F4AD6747F08FB5BCAF98088C94, 66FFF222EE1DF78BBBA713C98A2702F47882521C413BC44D85C1F7BDC9C3959D ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
19:50:42.0056 0x0e2c hvservice - ok
19:50:42.0072 0x0e2c [ C1AE2929CAD05CD2AA1FA835B06023A0, 4FA13362C7132114904C31EE2D96AED773BD0473FF73713B6D8C1030A4C2FE13 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
19:50:42.0119 0x0e2c HwNClx0101 - ok
19:50:42.0134 0x0e2c [ 3D5054457DD70E28A30D3CB1A352D468, E64EDA20E4A99F3ED04BA35BEAAFC85AB708EBC01F57BCA2B03A2407AEED3595 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
19:50:42.0150 0x0e2c hwpolicy - ok
19:50:42.0166 0x0e2c [ 4B0CB29B31E937AAC09EC0E66B03A70B, 351BD5B31B4256ABBDE0C414C0CCA10A84139023C0459C0AE8C9B9FF375E49D2 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
19:50:42.0197 0x0e2c hyperkbd - ok
19:50:42.0228 0x0e2c [ 454416484E10579883D0DE1CE13E695D, 1EB9269A57C176FFF386FE89298369EDA2028D57CA08C03CC09AE8E111A309DD ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys
19:50:42.0244 0x0e2c HyperVideo - ok
19:50:42.0275 0x0e2c [ B475892255B02D33CF29B24FBD4AFDC9, 1678F2C246A6BCB434970C6E6394AD257D49BA3943AC46018359128099D82D35 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
19:50:42.0306 0x0e2c i8042prt - ok
19:50:42.0322 0x0e2c [ 9E5AECAB5F05218D9AC923E7CEA1CE15, FAAA46F22944E043A90AE6E9F0F86AF187FC2819C563DA375B2A409347BB2C35 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
19:50:42.0369 0x0e2c iagpio - ok
19:50:42.0384 0x0e2c [ 48EDB9B5DAB7D294951A520330F13715, 9296A14590DFD94A3C728CAF3CA91BA211F27974F9CFF8417CDDC00D1453315C ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
19:50:42.0416 0x0e2c iai2c - ok
19:50:42.0447 0x0e2c [ 6C3EDE394C71D5A67A504F55E35B6F47, 6FF5D13EF69E8FBCB4772C7B5C4D5770C78E0B29F9164FA1611EFDE91CE876BE ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
19:50:42.0478 0x0e2c iaLPSS2i_GPIO2 - ok
19:50:42.0494 0x0e2c [ 806D14CEAF25E5F2DFCBA8E7E33B86BB, 2141DE558461B592D4111A0388D1AAC8062FA72CD1E2A2D2D68279A9633288E9 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
19:50:42.0541 0x0e2c iaLPSS2i_GPIO2_BXT_P - ok
19:50:42.0556 0x0e2c [ 87DDDAE1693484BD0A210C877BDA00C2, E353D90D0B79A70F976FD5EA1CB7E25A97835E25116962EA035424715B2F43FE ] iaLPSS2i_GPIO2_CNL C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys
19:50:42.0603 0x0e2c iaLPSS2i_GPIO2_CNL - ok
19:50:42.0619 0x0e2c [ 8D3E3C431367E3BA632B4396CA662E1A, 71FDC25244298D62A335769D6ED43394C33FBD8DB05AA54CA924A2977F37858F ] iaLPSS2i_GPIO2_GLK C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys
19:50:42.0650 0x0e2c iaLPSS2i_GPIO2_GLK - ok
19:50:42.0681 0x0e2c [ 149F1260537C4F68C3F67C363B62F3C5, 3F1F9EC7571D0F82D3F5BBA298965491260708F05EBAAA2CC23483521A5FF079 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
19:50:42.0728 0x0e2c iaLPSS2i_I2C - ok
19:50:42.0744 0x0e2c [ 3E641E905A6DBF29CBA1E72BBE349808, BF354297A55713D9E2DD4044D42810C007733EE54D5A80D58B96DD279D92C716 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
19:50:42.0791 0x0e2c iaLPSS2i_I2C_BXT_P - ok
19:50:42.0806 0x0e2c [ B78D6AF79045B0DAB58596AF75037516, F99CAA667A832173BE4C879712360937BF7267CEAF88D5C4798A500861E4018A ] iaLPSS2i_I2C_CNL C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys
19:50:42.0853 0x0e2c iaLPSS2i_I2C_CNL - ok
19:50:42.0884 0x0e2c [ 2ED3B41C7CB4101ACB15D84D8AB5AA9D, A92487129B81376471C842B9932FF3A7B3ABBBB89797978E3FDEAF71A6FD5E3F ] iaLPSS2i_I2C_GLK C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys
19:50:42.0916 0x0e2c iaLPSS2i_I2C_GLK - ok
19:50:42.0931 0x0e2c [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:50:42.0962 0x0e2c iaLPSSi_GPIO - ok
19:50:42.0978 0x0e2c [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:50:43.0025 0x0e2c iaLPSSi_I2C - ok
19:50:43.0072 0x0e2c [ 92175FB164CDD9A49821DCE51D9E2699, 140358A5529D3E1495607B61D1326B76679EFB0E3392A3486000D82FD21926FC ] iaStorAVC C:\WINDOWS\system32\drivers\iaStorAVC.sys
19:50:43.0134 0x0e2c iaStorAVC - ok
19:50:43.0166 0x0e2c [ E027678E8F76B2225C64CD186986E249, C5B41E88E4EC5DAE4FDCBF02B160026C1A8B4E1624B5B2AA4EA9E3A9DC514A47 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
19:50:43.0212 0x0e2c iaStorV - ok
19:50:43.0244 0x0e2c [ B9D28B4AF5C5D472DB6659B787811CF3, 944C27097141BED73C053D648E59E6A1F4FAD6823550741F1132AE325B70D681 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
19:50:43.0291 0x0e2c ibbus - ok
19:50:43.0322 0x0e2c [ B33F26DCC3E07ACC95DD146F3078BAB2, 7A17DA5FACB61A3C64F7DC15DEE86F8235B2C55E55519E5C25D1FDF06ADF67F6 ] icssvc C:\WINDOWS\System32\tetheringservice.dll
19:50:43.0369 0x0e2c icssvc - ok
19:50:43.0431 0x0e2c [ 28C1538260F7957FC0524C02C0979009, E6A935D9B00B82378EAB2867A1D234C0EF1CF40410A7E0013D2420D704B8C639 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
19:50:43.0525 0x0e2c IKEEXT - ok
19:50:43.0541 0x0e2c [ 2B8CAE19E7005BDAF806BC825274B52D, A5F28FC23416F7BDE8265D91B074200D6B70B4B538D20ECC83B4275C62729765 ] ImControllerService C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
19:50:43.0572 0x0e2c ImControllerService - ok
19:50:43.0588 0x0e2c [ 7EDB7CCEDC86F03D3254274564DB0E99, 58C7B50D8306E3B2334634DDF81B99B61E2EBF4D35B3E43BE02C7BEFECA77E0C ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
19:50:43.0634 0x0e2c IndirectKmd - ok
19:50:43.0744 0x0e2c [ 92DD5CB8D6F93502DAFA65A9D850C131, E2E377EA76C2ECB6A0836B944B8E1E0757FF3A88319C224084DE93B9D7433751 ] InstallService C:\WINDOWS\system32\InstallService.dll
19:50:43.0900 0x0e2c InstallService - ok
19:50:44.0150 0x0e2c [ F0866D0DC6962F4D9B7C9DF3F8DF9EB2, 04C17F6D1ACD9D5A98E70A68E427F7EFC1928A19A22F6889E2FDC3B2E832131A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:50:44.0384 0x0e2c IntcAzAudAddService - ok
19:50:44.0431 0x0e2c [ 160442E71355709601379251B83671E8, 910AC3AAE87EFD6BDFD2DAC8E692B1B1F2D30FDB69B02DE35E6DC7FAD3677069 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
19:50:44.0447 0x0e2c intelide - ok
19:50:44.0478 0x0e2c [ E4B0203E943935A5D02930187ECC6073, 0D9BCFE6739FF868F341443A14E7CC9FADB9BA39B0DA57E69FE070BC7616AA4A ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
19:50:44.0525 0x0e2c intelpep - ok
19:50:44.0541 0x0e2c [ 8D6ADFE99C1DC577C74B0148E70ED5BB, 3CB473C80B1F0B4BF32D5F76A600A972D4AFB5E62882FB09F48B6D40F3285F07 ] intelpmax C:\WINDOWS\System32\drivers\intelpmax.sys
19:50:44.0572 0x0e2c intelpmax - ok
19:50:44.0603 0x0e2c [ BF696833734ECF0F5920B5A6B1820EBC, C68C17A5D9D49D9762682697A43C8B6E208C2BA3A8CD5B45B35BD60F4BA599FD ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
19:50:44.0634 0x0e2c intelppm - ok
19:50:44.0650 0x0e2c [ A89BF4378628224DA411A76FF6913E95, 2572614EB43DA5BE591B8484CD05D4F8FB991BF3331A976A87A03DC3585FB100 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
19:50:44.0681 0x0e2c iorate - ok
19:50:44.0697 0x0e2c [ 02A2D46896B4312F084D5095D00B6DE7, 0D27C86EC5B2D9DEC9F88729AB16F79638769455179ABE23C86A519858104176 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:50:44.0744 0x0e2c IpFilterDriver - ok
19:50:44.0791 0x0e2c [ 0EB4405D79E1463454A79D42CCBC95E8, 83581555B7E99E34CCC09A1E5909F00D8BED61C345A2F3E47915C1594943B226 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
19:50:44.0869 0x0e2c iphlpsvc - ok
19:50:44.0884 0x0e2c [ 4BAA9037E2D4544906A7E9BDFE0CFCB5, 2E9A4BD67408B4193D4BDD2E934739BFE7F3FD0F0B649F44E861C5EF49F82A0F ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:50:44.0916 0x0e2c IPMIDRV - ok
19:50:44.0947 0x0e2c [ 5E05C0FEA671B910FEBC634E796C38B5, 7531CA77A2586E6F7085E1776EB6E5B665EAE3782C5EA7C2B7E5D3039F922397 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
19:50:44.0994 0x0e2c IPNAT - ok
19:50:45.0009 0x0e2c [ 3BB90B22F0D8A58B261A1B1AE6B80EAD, 6F5246DAA62C8F4E318E88EDAA48CD9ABD00591111F1E3F421E3E8D1D3377AF7 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
19:50:45.0025 0x0e2c IPT - ok
19:50:45.0056 0x0e2c [ 5B4848FF9C6D605563BE8E21D4D2F70F, 394335BF90F7761515914A63D0F9DA122465D755D1C0E27329289228E15384FD ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
19:50:45.0088 0x0e2c IpxlatCfgSvc - ok
19:50:45.0103 0x0e2c [ 054FE6D33A16F8CE82DCBA85AEE69B76, 3EA2188A9E5568B415CBB02B06A96DECDB37B9F07489145921CD34501823B704 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
19:50:45.0134 0x0e2c isapnp - ok
19:50:45.0166 0x0e2c [ 3A8753E069B7AD305C38736566B30A19, 7F449F6356E930024E1019C180410DD49D43C7C5B3DD10AEF647FF3AA41FB547 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
19:50:45.0197 0x0e2c iScsiPrt - ok
19:50:45.0228 0x0e2c [ 7C65B40F45AD2545443D009A837D7893, BD0A1831377E965414278C1BC813B008B52B6674B03994A6ADD4DEC43F568276 ] ItSas35i C:\WINDOWS\system32\drivers\ItSas35i.sys
19:50:45.0259 0x0e2c ItSas35i - ok
19:50:45.0275 0x0e2c [ A6C674D09B6231702D1DE55E26441BA8, 395DEEACDA99CC90B567FB493F613FC2C34ABF4A34A158E173367F550AE31D87 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
19:50:45.0306 0x0e2c kbdclass - ok
19:50:45.0322 0x0e2c [ FC6793F3CEA0B44CB516BEE39CA47538, A211547E85B488DDEA3D9FA6080CA9014FB08EAA7C72D54E561D159909F548F6 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
19:50:45.0369 0x0e2c kbdhid - ok
19:50:45.0385 0x0e2c [ B773A19F81C442DF6FE7C6271ED7CFF4, DCF1CEC745A9B6D8B8A4C031707FA6E618B522B4C4D7D51725BB2ED691DED48F ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
19:50:45.0400 0x0e2c kdnic - ok
19:50:45.0416 0x0e2c [ 5373E4594A071FE6031AD481CD23E910, FEA3F1F82AC2109B5ABD187D7A8C1688D99DC356F9F40DC904AC0B524F28B428 ] KeyIso C:\WINDOWS\system32\lsass.exe
19:50:45.0447 0x0e2c KeyIso - ok
19:50:45.0478 0x0e2c [ 699C7DEBA7FBC8A8C4DC0D1491CFA85D, 5FEC882B04414D219F8601B0A076ECA1A2E5AFAA645981FA5DFE988DB049FC06 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
19:50:45.0510 0x0e2c KSecDD - ok
19:50:45.0525 0x0e2c [ 7D39ECDB130A53AFB1A49CE4B287E06E, FFBA8182330EAB9D68606C50FECB7F33131481F2D780272CA00D653D0D7E6FF7 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:50:45.0556 0x0e2c KSecPkg - ok
19:50:45.0572 0x0e2c [ 85F56430EDB7F15D7E74562B4B9F45ED, 8546D87E71206BE9DEEB7885152554719A322B5BBC5C02A56193F16E4A516FB9 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
19:50:45.0619 0x0e2c ksthunk - ok
19:50:45.0635 0x0e2c [ 2A4F33C288355AF81387C4030C00FEBB, 2A2263CD1670D14DE27F7B5FA70E4037ADFE00A65D93A0C6B3C584435FD93FCE ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
19:50:45.0697 0x0e2c KtmRm - ok
19:50:45.0728 0x0e2c [ 7445884AB1995E1605840E5C8947DDA3, FC7817855F8CA8616BD5A941992468E6EB7FFFCAA21E332C3E4B832E7CA92EF4 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
19:50:45.0775 0x0e2c LanmanServer - ok
19:50:45.0806 0x0e2c [ DBD0EF344429E03FE0E04864977EF501, 230C0FD9565DE8F6B15B0A5FEB4F7322F006A3BC5162A5413D4B0DA98E17022E ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:50:45.0869 0x0e2c LanmanWorkstation - ok
19:50:45.0900 0x0e2c [ A0F0A4060A20B52ABD1D0A6096836645, 86532E8AD34ACE8316351E5E46F6DE9EDCB3448EDC77D43D743CD3D52480F6E4 ] LenovoVantageService C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe
19:50:45.0916 0x0e2c LenovoVantageService - ok
19:50:45.0931 0x0e2c [ C74D6825D4F8F587AFBFE4CFAFA6CCE2, 8E00369E9DF24BAB5314B7BFC748A5413124654DA9CA37DE90B9309FD68139AE ] lfsvc C:\WINDOWS\System32\lfsvc.dll
19:50:45.0978 0x0e2c lfsvc - ok
19:50:45.0994 0x0e2c [ 1DDE097A358F533F58060B49A06B0AA4, F392D6EB5FD31A5A063E0DD091C3438A6C02DBBBDE12515C663BEB815F17587B ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
19:50:46.0041 0x0e2c LicenseManager - ok
19:50:46.0056 0x0e2c [ A0D1856F57DFCF58D8A9E23D8B205886, 228803C88590C8AC10A1730CADA38A48DEB0236FDC6695673D70C40F91F3948D ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
19:50:46.0103 0x0e2c lltdio - ok
19:50:46.0135 0x0e2c [ 27DA2D87DA23C2AB3328AFBA945DFEF4, E3E570EB6B9AF06B1CC1EB09DA7E660F4BCE3EF40842D143BE0611F7DE4B2BC3 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
19:50:46.0181 0x0e2c lltdsvc - ok
19:50:46.0197 0x0e2c [ 21DCCE84ACEE6DF560A54901460B1974, 2EE4A5C334CAD770B5A4BE77D0FDF10F084B10FCC9DFAF434338224B263A23B6 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
19:50:46.0244 0x0e2c lmhosts - ok
19:50:46.0275 0x0e2c [ 8EC5966393F3D2FB1F3663D47F059571, 0EC6328DE76D3817972BF1EBE897473D55B62D4EBFB8B1FE087FE3D2073B0446 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
19:50:46.0306 0x0e2c LSI_SAS - ok
19:50:46.0322 0x0e2c [ B3A55D8E17DC2CEC64C55031B60692E5, B4E9CC96946149FB6ADEE7FA52C5C01E02843AB932A1ED1747E42B8519DCAFE7 ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:50:46.0353 0x0e2c LSI_SAS2i - ok
19:50:46.0385 0x0e2c [ 08F9429D6D41E0D217C415D052BC84D6, 823597418DAA875AF30B2EBD5B2C224170E1589B2A841EB879144BAD51B3A8CF ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:50:46.0400 0x0e2c LSI_SAS3i - ok
19:50:46.0431 0x0e2c [ 21A85C6B86AF33EDED64F556D2DB7E32, 64B72F8B3967DF9B5BC2F83BB410ED9A4D68E824EFFFD35E4E615335D05DA286 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
19:50:46.0447 0x0e2c LSI_SSS - ok
19:50:46.0494 0x0e2c [ 15CCC877D9310B916D2E5C7C54A73250, CDA556F4623AEC50FA1662FC6076CD7685220A253B954147DA73F140A4AC8852 ] LSM C:\WINDOWS\System32\lsm.dll
19:50:46.0572 0x0e2c LSM - ok
19:50:46.0603 0x0e2c [ B1F6D849F8DDF1406454899C1BF5A1C5, 15E66A2DC64AAF1810C26827E2E95FD6393DEA843034A0CAA51AE9580CCBB822 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
19:50:46.0650 0x0e2c luafv - ok
19:50:46.0666 0x0e2c [ 60A53F8506D3BC02E1761DA33A8D2DF0, EAB4D640D3577DFDCD91DAD5BBFFA4FE78AFC579D7712C8F92558F038ABD4BE4 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll
19:50:46.0728 0x0e2c LxpSvc - ok
19:50:46.0744 0x0e2c [ 1294A83A7E61544E5C3678A40237F842, 120EC51CAA8D917E6B6FBD1E22E7AC59858C148EADA9B3F81EB03D82DD608EFD ] MapsBroker C:\WINDOWS\System32\moshost.dll
19:50:46.0791 0x0e2c MapsBroker - ok
19:50:46.0822 0x0e2c [ 7B1EFA88175EFB47970D274E671C8BE8, EE9E0C2DB1F4E358C1ECB9740E096AFB9271B85B84E6DFA3016E52635CCFFE5E ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
19:50:46.0869 0x0e2c mausbhost - ok
19:50:46.0885 0x0e2c [ 822938D041A15C2FF4841C656D94F604, 0077D7CB82B14423BD831E833F60CCE0239198E32200CD41051276E00C995BE8 ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
19:50:46.0916 0x0e2c mausbip - ok
19:50:46.0947 0x0e2c [ E956422EB6EFB3B06762FD4FC90FF572, D9B0B6451A2855E433A980A8DCF105D57616722C33C8F8ACA9C8446C6E616974 ] MBAMChameleon C:\WINDOWS\System32\Drivers\MbamChameleon.sys
19:50:46.0963 0x0e2c MBAMChameleon - ok
19:50:46.0994 0x0e2c [ BF46AFE0CC03D9A5883E74438170B841, 43309A4DBCF15F09AB3066E96C498785C4F41DBCA8467B0385FCA467AE370980 ] MbamElam C:\WINDOWS\system32\DRIVERS\MbamElam.sys
19:50:47.0010 0x0e2c MbamElam - ok
19:50:47.0041 0x0e2c [ FC30373AA8C9FCA43798FC7F46E1AD8C, 065BB482DF954E1923D16DC79D40683B2D18420790231E4C9499AE34F3441901 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
19:50:47.0072 0x0e2c MBAMFarflt - ok
19:50:47.0088 0x0e2c [ C849F6494301A421931F82AF8A3862B3, 52420242E377FA06BE1055B61BAD1D6F7E0794FCFD8F27CBD907F4CA01FA133F ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys
19:50:47.0119 0x0e2c MBAMProtection - ok
19:50:47.0400 0x0e2c [ 9A463A0386D75F5EE3D496966FA5E466, 340E72FF6E0AD4D48749EED73452EBB5A6B7679BFB98FBBEDF8C4C6A2B3D118C ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
19:50:47.0697 0x0e2c MBAMService - ok
19:50:47.0744 0x0e2c [ A1CB214CAD55EFE911245FD79AD01CD3, 0A05F9FF66B0829769075F6EBC1668003913F2A08A78322E70464BDA95F7EDC9 ] MBAMSwissArmy C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
19:50:47.0775 0x0e2c MBAMSwissArmy - ok
19:50:47.0791 0x0e2c [ 68409ABB4B11326AC56B4E6EF75A05E1, 375D101971564C3C6B704A09CB5B196FD220E29F4BD1EED9977BABF28DAF68B2 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
19:50:47.0822 0x0e2c MBAMWebProtection - ok
19:50:47.0853 0x0e2c [ AD72EA72A524720D6FAA09DCAEEF3990, 671646DAA2522ECB0B57930B7A526AA14861756C85643A8D79980D4EDC311CAD ] MbbCx C:\WINDOWS\system32\drivers\MbbCx.sys
19:50:47.0900 0x0e2c MbbCx - ok
19:50:47.0916 0x0e2c [ 1BB90BE197FB0D96185B1E3A78177A57, F0EAC8FE2C696022AFC21B3546450C90CD19C65F390ED460421A6F3F588F8A4B ] megasas C:\WINDOWS\system32\drivers\megasas.sys
19:50:47.0947 0x0e2c megasas - ok
19:50:47.0963 0x0e2c [ AEF3EA8036FF17BF8BD9403B1D76A876, 949358C4BFB2C4AEA4FDE9F26E9A5263DD50423BD17A3B830119875BC14211EC ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
19:50:47.0994 0x0e2c megasas2i - ok
19:50:48.0010 0x0e2c [ 91680A3466B271AAE802452BDE032380, 95C5EA5F6741C63443F6046585716CBFB61F5A905C288C64CB69E09AC3AF2079 ] megasas35i C:\WINDOWS\system32\drivers\megasas35i.sys
19:50:48.0041 0x0e2c megasas35i - ok
19:50:48.0088 0x0e2c [ 721FC491970364F1065C791629323502, A6997BA88BDD70D266A62728460254D5B6E4FF1737E7F2DCF4D0C1F332D089D2 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
19:50:48.0135 0x0e2c megasr - ok
19:50:48.0150 0x0e2c [ F1DE8D5576D0200A808C3475FC6E90A5, B6E9793FB86425042DD547E07AB86B17E18092BD24B8D1782784BCA9834467C8 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
19:50:48.0197 0x0e2c MessagingService - ok
19:50:48.0228 0x0e2c [ 41A35E2FFC5F68F2345CAFDBA29D59E3, DCF1E7EE3A79A670E8AE9B2F83013F01F52DDB23CDAC0BEDCD874543E99F1B9F ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
19:50:48.0260 0x0e2c Microsoft_Bluetooth_AvrcpTransport - ok
19:50:48.0291 0x0e2c [ 2FED744A5C32D935ED3A229CF7FA5D05, 4DA5BE07D15A0446F390ED5030F33C4D3EF903723E3C82A6E7D5BAC0399AF2B5 ] MixedRealityOpenXRSvc C:\WINDOWS\System32\MixedRealityRuntime.dll
19:50:48.0322 0x0e2c MixedRealityOpenXRSvc - ok
19:50:48.0385 0x0e2c [ 3FFE0858D0E44AD01151A1D20EFE8C6E, 44AD3E4453992289720B09B4C43725C07F8E16ACD3A2065080B0B59CBD56FC27 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:50:48.0447 0x0e2c mlx4_bus - ok
19:50:48.0478 0x0e2c [ CABA725AA198FB1B8FC88BC863BC6C4E, F4A467FFFEA42EC236E7CAFC22DDCE630608722B7DE84806D1C97DCE7A66756E ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
19:50:48.0510 0x0e2c MMCSS - ok
19:50:48.0525 0x0e2c [ BD0744EA7533D420236F4958CDC88332, 5FCEA3BA97DC951485851BC0C299BDBD8F6195F8F5BF90F399EFC0F64C79FD42 ] Modem C:\WINDOWS\system32\drivers\modem.sys
19:50:48.0557 0x0e2c Modem - ok
19:50:48.0588 0x0e2c [ B5B8EFDB66C59A95B88DF40D1A5C62D3, 711B003A068D3E63EAB4FC9965B28BB9D6DFCAB7212CCF118ED3AC73327E46AF ] monitor C:\WINDOWS\System32\drivers\monitor.sys
19:50:48.0619 0x0e2c monitor - ok
19:50:48.0635 0x0e2c [ 2636838B7F077F20C9FE4EB6C4762887, 152B4D9DCA39CEBE703ACACFCD4D020EA65E503BA417811C5168BBD64FD51840 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
19:50:48.0666 0x0e2c mouclass - ok
19:50:48.0697 0x0e2c [ A461B82FE51C46FA77C124190E1A24E5, A0A1854783D9415892F5BCAF02BB5D0005C321CC051D8262D7C042A21E694EEB ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
19:50:48.0728 0x0e2c mouhid - ok
19:50:48.0744 0x0e2c [ B85C904F394A8F13159541CFEB131B85, 502C3915B2ECCC02EECB262144B7E259FC740C43854E13CFF51D9319DDF8C7C8 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
19:50:48.0775 0x0e2c mountmgr - ok
19:50:48.0791 0x0e2c [ 4F42CBB27A7B4AA26BE4DCCA6C25D136, 0987ABF8212CDC420B0F40E040E4097D414D389DC0010DD58167593E31C6E97D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
19:50:48.0838 0x0e2c mpsdrv - ok
19:50:48.0900 0x0e2c [ AEB01CEB6F9D5F2AADC399B93315B5D5, 51837321CE35C3A1A39203D7DF7408D22E3B71F62C1F84C101384B576EDD30DD ] mpssvc C:\WINDOWS\system32\mpssvc.dll
19:50:48.0994 0x0e2c mpssvc - ok
19:50:49.0010 0x0e2c [ 6D7E0D16C4158099E4DD6D7F1E4DC8B3, 746F8D13D57209F099BB0B20DDE134F04197998ADDD6FA0DD4ED9931D45EFACF ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
19:50:49.0057 0x0e2c MRxDAV - ok
19:50:49.0088 0x0e2c [ 81D84DA690D6EA929B2B98D4B4B5DEAF, 88E89984FD9A1E8D81BCEADF9F87211320CA8277785A519EF822456B33139D77 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:50:49.0150 0x0e2c mrxsmb - ok
19:50:49.0166 0x0e2c [ 3A938538858C3D6C2A7C67484056173B, 0D842AA98401C1B10FB0E645387DEC35C578E234106517AC0011A78A764C9C8D ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:50:49.0197 0x0e2c mrxsmb20 - ok
19:50:49.0229 0x0e2c [ 90F0B61C3A11A7D2E718FC70EDF55942, A0DB00D8C0D2928D2004CEAE96B2F6971FD909FD149B56F74F110203A314A7D2 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
19:50:49.0275 0x0e2c MsBridge - ok
19:50:49.0291 0x0e2c [ DC59FE37CFF118B6DAC426FE9923B32C, 8DDC6D67A14B549946D103F2A5E7B1EB23C68BB6E7B8ECBC192365C7323EC458 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:50:49.0338 0x0e2c MSDTC - ok
19:50:49.0369 0x0e2c [ FD79E6397F6915348FC7797018B496EF, 0D94E9498CF5CB5E9BF5537C0510DB7922380745335DF99AF8A1F34EC8134A5A ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:50:49.0400 0x0e2c Msfs - ok
19:50:49.0416 0x0e2c [ 5CC4AE59BAC4DDE8C0ECB05A4A965D19, 56618151F45271CDAE0E6EAF9E5358B1B0E46761633234E14E7571722449443D ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:50:49.0447 0x0e2c msgpiowin32 - ok
19:50:49.0463 0x0e2c [ 22813FD068277CC4994CB3FB5547AA23, AA5FCFEE8161EA12ED65FAB5A662EE3BFF5B7D725DEFF081FCB45C534FAC976A ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:50:49.0494 0x0e2c mshidkmdf - ok
19:50:49.0525 0x0e2c [ ED11DC4C201FF6C06F171E18B379B589, 37E1901ECF54A22D016B844B68847B3894EDCA7854D713C46951BD41684735BB ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
19:50:49.0557 0x0e2c mshidumdf - ok
19:50:49.0572 0x0e2c [ B96409D62458CF2D45895A8B112B1E24, 73E57262DCA69935FB93A5D6FBDB7D516C80532924E49325275839A84FA4F620 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
19:50:49.0604 0x0e2c msisadrv - ok
19:50:49.0619 0x0e2c [ 7A11436A666D4CDD1D650FBC92738C8C, A45F0037374FA16D032D8AB31343CAA005393931542884C58187CE18BC8A1848 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
19:50:49.0682 0x0e2c MSiSCSI - ok
19:50:49.0682 0x0e2c msiserver - ok
19:50:49.0713 0x0e2c [ 50524ADEAAD6B939103D45EF886D74A1, 56E564BFAF1C11F3846B690437B5B6810A728045294C906B794869AF13B4E79D ] MSKSSRV C:\WINDOWS\System32\drivers\MSKSSRV.sys
19:50:49.0744 0x0e2c MSKSSRV - ok
19:50:49.0775 0x0e2c [ D65874265E85BEF4E54740FB69803430, 5A368710766359A45B9E5ED0C381D2B3DD971C4D4BA563EAF2464AC3E372F7DE ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
19:50:49.0807 0x0e2c MsLldp - ok
19:50:49.0822 0x0e2c [ FAFA1781D123CD9B2542719DD523177D, FDDA2690AE37D970935A74CBD54492331E520DBC0D4C8484812E75678AE7383C ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys
19:50:49.0869 0x0e2c MSPCLOCK - ok
19:50:49.0869 0x0e2c [ 031C0DAF57390C77A409E00031548827, ECB8E06EC52F84C206C77D605B07DEED2CA0B150E4645CF870E2DBE6CE8573F7 ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys
19:50:49.0916 0x0e2c MSPQM - ok
19:50:49.0947 0x0e2c [ 2485FF576C5E3761791CC11DB8B094B4, 700F6E566CED17228C0F3C0E0CDD8734120755B83F96F6827266B943B8072C4B ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
19:50:49.0979 0x0e2c MsRPC - ok
19:50:50.0025 0x0e2c [ 04919085140DA55C3A5C0B08517EABAC, E632CAC868B9367591EA2791B2B93EE0E93F414460AE8F4C851307A761577886 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys
19:50:50.0057 0x0e2c MsSecFlt - ok
19:50:50.0072 0x0e2c [ 84AB9DA4C598BE81A7D0B88C8AE2DF41, A52BDE35B576B48EEECE245D9FD28FFDEAD402C17BC411A92849BEC93C7A1AAA ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
19:50:50.0104 0x0e2c mssmbios - ok
19:50:50.0119 0x0e2c [ E13D4B1DD649D69E974C51B2D550E4FC, 1D5DECC4CC515D74625283D4703F9D9A4B1EE013DA61CCB736690F63906B2E7D ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys
19:50:50.0150 0x0e2c MSTEE - ok
19:50:50.0166 0x0e2c [ EA16B406DCEF72848A1E2BA9B32469CF, ABF2B0A6B03AF147C04A0E7E788E866D9B84BE1EB7D7ED25641F7BF0B3C25138 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
19:50:50.0213 0x0e2c MTConfig - ok
19:50:50.0229 0x0e2c [ B49EDC579AA2E7EB7B1BC11C0A65CAAD, 1AD44A59EFC580496879633B78CE99D1FFDD3703D9943394A82F51B247C26FDC ] Mup C:\WINDOWS\system32\Drivers\mup.sys
19:50:50.0260 0x0e2c Mup - ok
19:50:50.0275 0x0e2c [ 62F9AE1AB6F9B3825A4DB481E2613940, 02B4D85EB99AFF67BBBF2BD29E3747BBDD627F09F1F0FE62E5BF9AF6062C2E27 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
19:50:50.0307 0x0e2c mvumis - ok
19:50:50.0354 0x0e2c [ D727DD8EA3CD56115F9BDD5C33F9D1B9, 888B19C1348A307BDFF84477D7B2A84D721A37689AA124536D12BDC26BCED4B5 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:50:50.0432 0x0e2c NativeWifiP - ok
19:50:50.0479 0x0e2c [ 3509BB296C4E2F8D71089C17DFB6CEAF, 2F1A77B938104698AC6D9E4F0184AE53745998C232EEA7BC7CD42A4ED21006F7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
19:50:50.0557 0x0e2c NaturalAuthentication - ok
19:50:50.0588 0x0e2c [ C8A90D48FB91BB96583322053FF67D2E, 97950F7F9E7BAE1BB1CC009D6227868E5623B7AC82D6C42563AB99499CC751F5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
19:50:50.0635 0x0e2c NcaSvc - ok
19:50:50.0650 0x0e2c [ EFB5FD540250551584268843E66DC3AA, A360D2DB285791CE94EC07C7A0C6CD2CD6D1C58DA089CB32427A07F7B19137AA ] NcbService C:\WINDOWS\System32\ncbservice.dll
19:50:50.0713 0x0e2c NcbService - ok
19:50:50.0729 0x0e2c [ 9EB402A3A00433B271C2DE5B904AA770, 4E95FECBF1C71F7CB574651FA2B1F8B23AE16543887D80432D178809A5833C42 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
19:50:50.0775 0x0e2c NcdAutoSetup - ok
19:50:50.0791 0x0e2c [ 323CE279076206EB4B1EC4FE85A81FEB, F224109E7A447EB98266D24270ADAB4D71681018FCCA1B3405686D2776ED0376 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
19:50:50.0822 0x0e2c ndfltr - ok
19:50:50.0900 0x0e2c [ E82CE23C3E1CD0415C9E9A8E852A78FB, 454C060BB2C01C8B0AE6CA1CE1C02CAB71B1F43345C42F2760093854CBD4CDB5 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
19:50:50.0979 0x0e2c NDIS - ok
19:50:51.0010 0x0e2c [ 7BAFB78DCBF0C74C1F1453E11DEC841B, CC53F3488607DF025000CBD58185499BCB05029EFAB20C3EF175C97E90CA8D7E ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
19:50:51.0041 0x0e2c NdisCap - ok
19:50:51.0072 0x0e2c [ DB14DD4CE1D762ABDD2C69F86E359D18, 2815A03E2F04F6BFE8C70D550854DE8B5269B5B0074A9675E87704BD793F6BDA ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:50:51.0104 0x0e2c NdisImPlatform - ok
19:50:51.0119 0x0e2c [ 254F52488599A2CA55DDABEE89415714, F0E50F3EABCE7DA1E83419C6CE07A9D536EFE710D800FAF6475FA087EC25BCAD ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:50:51.0166 0x0e2c NdisTapi - ok
19:50:51.0182 0x0e2c [ 5F74158F98277E08CEA499AC7041A798, 517338614196FC5F0F70F6AC8C89590D093912D33F46D0D580CDFA6E8E8F919B ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
19:50:51.0229 0x0e2c Ndisuio - ok
19:50:51.0244 0x0e2c [ 44FB0EB6FD78309E8A6A767B91AF3374, DB4E3333A64CF4B6E3A1EACC14D44BE264ACC89773CDE1449D8752D9A3D2811F ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:50:51.0291 0x0e2c NdisVirtualBus - ok
19:50:51.0307 0x0e2c [ E85F8D502518D6A5C51F6A56461A7FCE, AAD454FAFC811E7E604894504CA92A3064A2C4DAA40221FCF22D0D096AD914E4 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
19:50:51.0354 0x0e2c NdisWan - ok
19:50:51.0385 0x0e2c [ E85F8D502518D6A5C51F6A56461A7FCE, AAD454FAFC811E7E604894504CA92A3064A2C4DAA40221FCF22D0D096AD914E4 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:50:51.0432 0x0e2c ndiswanlegacy - ok
19:50:51.0447 0x0e2c [ C91AE4E1A91B338F85D2F64667F0C6AA, FF3FB1764DC5B95B6238DE8BB7152B14FADE799B2D712499C7CA758C204E9071 ] NDKPing C:\WINDOWS\system32\drivers\NDKPing.sys
19:50:51.0479 0x0e2c NDKPing - ok
19:50:51.0510 0x0e2c [ 3E22C2C5C353F1983F20288FF00D2853, 2426A90C5AAED20A233F8ADFB6CEBD65719D70E1F72E6E161D1AA45E86278BE7 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:50:51.0557 0x0e2c ndproxy - ok
19:50:51.0572 0x0e2c [ 340AC1BF4E5727DC58E16E9F0806B36F, 5BFB10B9BAECBCBC6C8E61FF3E9D82CB3F1779681268687AFB742B015C5F1740 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
19:50:51.0619 0x0e2c Ndu - ok
19:50:51.0635 0x0e2c [ 53FF0E34116C7835CB795C15341C2ECC, CE332489445F9DF1737AAAFDDD58610C5237C4510F09B8F76B5157A52272ED30 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
19:50:51.0697 0x0e2c NetAdapterCx - ok
19:50:51.0713 0x0e2c [ 42F0CF6F74257A58D8F1EA68EA7782B8, 7BF400D21BF8098CBC2B697FBE5E680DF22CC77379299F2F15B71DAEE4D04F7F ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
19:50:51.0744 0x0e2c NetBIOS - ok
19:50:51.0776 0x0e2c [ FF207E415B21D18E97BA3371BD4E3058, 2EA8161001A34A1A26E3D32BB33C12DF9305C948CA82F868BBC5ABB7D94D0678 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:50:51.0822 0x0e2c NetBT - ok
19:50:51.0838 0x0e2c [ 5373E4594A071FE6031AD481CD23E910, FEA3F1F82AC2109B5ABD187D7A8C1688D99DC356F9F40DC904AC0B524F28B428 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:50:51.0869 0x0e2c Netlogon - ok
19:50:51.0901 0x0e2c [ 379EAAFFA73FE386D3A94DA05AA82EEC, 9EA329BF0CE04F3768A943E6579D61342C1AB625B1844897C5EB5B59BE4C8BC2 ] Netman C:\WINDOWS\System32\netman.dll
19:50:51.0947 0x0e2c Netman - ok
19:50:51.0994 0x0e2c [ 8E03DBF17C69A57A2D758249DF6C1EBB, 73D098149BE70FF5DCB956C1CBDFA50F57DC8B4DC19E65DF0A1DD52409E0D7D5 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
19:50:52.0057 0x0e2c netprofm - ok
19:50:52.0104 0x0e2c [ 52C81BF18B4DE114AFAD3FB92EF626B6, D290D1840890E5CD9088852EF00951462A790C97E32C7BD0F04600F927F49E47 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
19:50:52.0166 0x0e2c NetSetupSvc - ok
19:50:52.0182 0x0e2c [ A35D38A33A4DE8EA83FBD73524DAA0D2, 092705C17D057E86EA25B269819CCFFD21A2F72A8563CFBE2941A38559E13620 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:52.0213 0x0e2c NetTcpPortSharing - ok
19:50:52.0244 0x0e2c [ EC430C9956B16255BAF80A5317BA2675, 6DA2BE1E3C0ECC7C195EC707824A4166B71D9EE218CC5B704D5A24961F8E6021 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
19:50:52.0276 0x0e2c netvsc - ok
19:50:52.0322 0x0e2c [ 009CFEA73B021463EB8287C23D6812E6, 881B026ADF6C66FA01ADD65B1A8E56D914AB737B04633F085CA557634953C6A0 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
19:50:52.0401 0x0e2c NgcCtnrSvc - ok
19:50:52.0463 0x0e2c [ A3E88BA1F249E819AE625645552B93F5, CBB304348C61A9FDA4F7F2FD46CE6EDDC61898C44626E45A6B1F0C5D4147DEB7 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
19:50:52.0557 0x0e2c NgcSvc - ok
19:50:52.0588 0x0e2c [ 68E981435D25F7C1CDFDE6A17FE367F4, 17CA174A6B38E9D874830B79DC005EBB5599BD3411BE1480F238585B88CFA4BD ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
19:50:52.0651 0x0e2c NlaSvc - ok
19:50:52.0666 0x0e2c [ 744DE5F3E878FA12739C0BD98A972153, D0179A8B31EB86B2C677C0AA3390F61510AE2F6CE48E42801F3B1352B4A291ED ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:50:52.0697 0x0e2c Npfs - ok
19:50:52.0713 0x0e2c [ 2F0A6D060CB7A32A96004A5A8A61E9FE, D450F549C380C9DA4663ADA1777F6687C7461D82DCB6C739FA708870B4118964 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
19:50:52.0760 0x0e2c npsvctrig - ok
19:50:52.0791 0x0e2c [ 7A92D9DB681E48655475F9D071E34950, BCE27B53E265DDC75B3372F26DC017669378C85C1B1CF8145D8A582A737BE25F ] nsi C:\WINDOWS\system32\nsisvc.dll
19:50:52.0838 0x0e2c nsi - ok
19:50:52.0854 0x0e2c [ 7B37EF7E59C204DF60105C70BBE0D27E, 20EFC058E1BA0DECC1E7001ADB5AAE299DE684B1114E1B66CEB5B78A746384DD ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
19:50:52.0901 0x0e2c nsiproxy - ok
19:50:53.0041 0x0e2c [ 19F80E8705BE58BF144F3F4F6B88E035, 20900D437D076B4E225174235E0BD460A35DF6FD5AA6F07D9F59F2C64E563BCD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:50:53.0182 0x0e2c Ntfs - ok
19:50:53.0198 0x0e2c [ 7DE33B6BCD2113B39090D005BA5CFE9E, 1E84F2E321BB303320F6A40CC1EF22328BC162C9E433E4559F7D42160058EA78 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:50:53.0244 0x0e2c Null - ok
19:50:53.0276 0x0e2c [ F7E5F5D6F7A645A263F71D53F4B0EFD1, 6ED8BA49AA366F8DAF2186E2418635E6C85B80E40F3BA1455087955466447DFE ] nvdimm C:\WINDOWS\System32\drivers\nvdimm.sys
19:50:53.0307 0x0e2c nvdimm - ok
19:50:53.0323 0x0e2c [ 34185B2FFC507E1C93F1A90CC7F74ACD, 1AA777B0963100512399D12FCECA596A06F59BA17ED8C3B8148243BAA9F8CF76 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
19:50:53.0354 0x0e2c nvraid - ok
19:50:53.0385 0x0e2c [ 516681B5A77104029F18468E5428678F, D864C5AEBBF819D31842D1C1825543558C4CC07711A71B01AB3C7B3480FB6782 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
19:50:53.0416 0x0e2c nvstor - ok
19:50:53.0448 0x0e2c [ 2FE93B11037D1FDF5933CCE466F4A3B1, 5E9EF6AB071CB374C7EF18AD9C365CE62946A586FB56E5E0CEC8C98AE67C3928 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
19:50:53.0494 0x0e2c OneSyncSvc - ok
19:50:53.0541 0x0e2c [ E3AE4DBE322A281DA6A8905CF1619E26, 3D553F1F79A2E4E33291E7C51F387DA6792EAA49B337825A1CB5E42DD91BE18F ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
19:50:53.0588 0x0e2c p2pimsvc - ok
19:50:53.0619 0x0e2c [ 63971F9592E9264CDD944E120CBAAF8A, D582C28E9F43D4ADEE2BB7DA69A889136E76B663CE06FD3051C017D47BF7604C ] p2psvc C:\WINDOWS\system32\p2psvc.dll
19:50:53.0682 0x0e2c p2psvc - ok
19:50:53.0698 0x0e2c [ AC682BC99BECA3A6C8C71234A9BC4225, 1FB6177AD97EDDA35D8F30ACE2FE2996A07DA62999A788146A4FAB70A6E25CBE ] Parport C:\WINDOWS\System32\drivers\parport.sys
19:50:53.0744 0x0e2c Parport - ok
19:50:53.0760 0x0e2c [ D64F3982FCCC6842507D1A5FED60618B, 03F6E12F6D59651076F89FA356E84A9782DC242C1861A72BBCA0DAB519DF5F3D ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
19:50:53.0791 0x0e2c partmgr - ok
19:50:53.0838 0x0e2c [ 7EC6A2398FC093AB91F9621038E32937, 09B868E8951B79000D55282D4C87A66F845307450BA651FC2D6AA6581470A767 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
19:50:53.0885 0x0e2c PcaSvc - ok
19:50:53.0916 0x0e2c [ F2B2C3B46454CA0BF160F0393BFB1620, 74BA1902A310EAF815A7866B8693D03878A0AEAF77032CF37CFA993937E91243 ] pci C:\WINDOWS\system32\drivers\pci.sys
19:50:53.0963 0x0e2c pci - ok
19:50:53.0979 0x0e2c [ 9DA37445A6AFB408289A618A57B46945, FB51DA33D135ADF1787EFFDD8569887F1C449D07ADCC25BF31055D4A7C1318CC ] pciide C:\WINDOWS\system32\drivers\pciide.sys
19:50:54.0010 0x0e2c pciide - ok
19:50:54.0026 0x0e2c [ C98DC1ACC9D5C4754BE83E28233369B9, 8FF4F1001D71E531FB8F7FB7E5F8CC485FE5DE9FF580B3E1BD6764D9ABB377A5 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
19:50:54.0057 0x0e2c pcmcia - ok
19:50:54.0073 0x0e2c [ 9B7C96AB92C3EA3D6D7DE2291FDC0893, A3682D50AD47BF713B036E01A103BAD0DF668D87B81B85CA3AA3E0B5588E487B ] pcw C:\WINDOWS\system32\drivers\pcw.sys
19:50:54.0104 0x0e2c pcw - ok
19:50:54.0135 0x0e2c [ 87B12300DE1D5D0C4CAFFE2F3D16EFE7, 92C1BDA89A0C83915665E0F6DC3CB04035C5D9D396AB2A3C1B75098D873037FE ] pdc C:\WINDOWS\system32\drivers\pdc.sys
19:50:54.0166 0x0e2c pdc - ok
19:50:54.0213 0x0e2c [ 4F25D29A759B4ADFC4C76A3305D878AD, 91BF9B8A3CCC84E23BBC9ADA9879AA9F4B31794931304D91A2B8125765B2F58A ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
19:50:54.0307 0x0e2c PEAUTH - ok
19:50:54.0401 0x0e2c [ DD862D97C38953177C798BEC6707512B, A897D851EB0F0A38D09015F33666E041D228DA919CF4F4FB07CB6618F80D3527 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
19:50:54.0557 0x0e2c PeerDistSvc - ok
19:50:54.0588 0x0e2c [ 3EDF20F5B059DD88ED7DBAF40CF31CA7, 4460E7CEF33CABD01263AA975E512A0622B305B9B74DDACC90EDC8CCABAAD745 ] perceptionsimulation C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe
19:50:54.0620 0x0e2c perceptionsimulation - ok
19:50:54.0635 0x0e2c [ 5AAC1089AC330F737B445158094FD4B0, 51292603648329B34BC747E7815407DA0B0A89E7D837A4D75A3B6F31EAD61AE8 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
19:50:54.0666 0x0e2c percsas2i - ok
19:50:54.0698 0x0e2c [ 12E63DAE1AEFAF7C7C3A533184B14C11, 488BDFB0D73B3E77D10FFD4A403A98771FA2029CCE1BB4950E77DA264E422FA0 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
19:50:54.0713 0x0e2c percsas3i - ok
19:50:54.0791 0x0e2c [ 0EC027E95D4B022102940FA3CD930E46, A802DE40D4F9FEA20516D4D8BA65942F48E47546DEB116C75B7A9EDB1F2EAAC6 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
19:50:54.0838 0x0e2c PerfHost - ok
19:50:54.0995 0x0e2c [ 31863D1A2E8EA3BC2DA1ED1920930A2D, 5127DDF1DF17226849B89DC740060C49EE6BDB5EECA8457BEEB8811F9001AAA6 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
19:50:55.0073 0x0e2c PhoneSvc - ok
19:50:55.0104 0x0e2c [ D4AE23C2024C079A8B3F3A11229B19D2, D94A6399B8508EF9DF09FB9E8FD237958CA4A6D32B43E25E6034003704561520 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:50:55.0151 0x0e2c PimIndexMaintenanceSvc - ok
19:50:55.0198 0x0e2c [ EECE33B2A411A0CC8DFF062811464A3E, 989F5EF24BFBB9ED96CC54E1343E5DEB398CFE5B00E488D1028A2925D2FE6DFC ] PktMon C:\WINDOWS\system32\drivers\PktMon.sys
19:50:55.0229 0x0e2c PktMon - ok
19:50:55.0291 0x0e2c [ 2FAE35C18735EE9A79A0C97B417FF9C1, 32EDB0DDB08FA8C6A3E511D0D14280F303AA1D7E5E6556658836DB8663390DC3 ] pla C:\WINDOWS\system32\pla.dll
19:50:55.0401 0x0e2c pla - ok
19:50:55.0432 0x0e2c [ C28BA33FE1373DE12B5FC1873FFAE4BE, 54D6EC2E21DFBA341EFE237ABDB08F00EA8A2479124750C3719375FC628459D8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
19:50:55.0479 0x0e2c PlugPlay - ok
19:50:55.0495 0x0e2c [ 26C53135EE0B51441B17AE473962303F, 8DFA17C92F1DF6F49B28E828EFD7444CA7F366F666BB7B3EEC46A3BD678E7642 ] pmem C:\WINDOWS\System32\drivers\pmem.sys
19:50:55.0526 0x0e2c pmem - ok
19:50:55.0557 0x0e2c [ 4689DC2AEF21B8764CC4F4AD6712210A, 9D2747224CA01271EA7665AF3636C5F9507EF5C70033D5EC8C923D1AC5C8A31B ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
19:50:55.0588 0x0e2c PNPMEM - ok
19:50:55.0604 0x0e2c [ 65272396F9B8D1F01E020639E1AC5DC3, 852FEA677D3D500BC208BE0C6E759EC668AD9DD6D694119ABE736DEB3D136F32 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
19:50:55.0651 0x0e2c PNRPAutoReg - ok
19:50:55.0682 0x0e2c [ E3AE4DBE322A281DA6A8905CF1619E26, 3D553F1F79A2E4E33291E7C51F387DA6792EAA49B337825A1CB5E42DD91BE18F ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
19:50:55.0729 0x0e2c PNRPsvc - ok
19:50:55.0760 0x0e2c [ 4FC9AC0B06074E1669FBF126C593A153, ABB0DEF921BCB84DE1BEFA6EACDFD4E0081F141E7F542CB3983593B97CE61371 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
19:50:55.0823 0x0e2c PolicyAgent - ok
19:50:55.0838 0x0e2c [ 3DC43052FC990C7A0F3697F6E9142273, 058C5FCBA09D603C48BEC6F2F9982D1D0C490915A79D304B90718A3823E69192 ] portcfg C:\WINDOWS\System32\drivers\portcfg.sys
19:50:55.0885 0x0e2c portcfg - ok
19:50:55.0916 0x0e2c [ 5F2DF79A55B4AA9291E323FE25A8A885, 379B264D67B87DAB6A55C5BEA9FAC9B065C7720E19D5DFBF6A7A9B9D0F247466 ] Power C:\WINDOWS\system32\umpo.dll
19:50:55.0963 0x0e2c Power - ok
19:50:55.0979 0x0e2c [ 627C7573539A6CD64E5C34D4F630A3B1, B1837DC01C4F5ECBC65F0D5CC4331CB30E620789B7CF00B77A50FA3F55481BDB ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
19:50:56.0026 0x0e2c PptpMiniport - ok
19:50:56.0182 0x0e2c [ D9D9E766AA54BE041B8DC1B5A3E74042, E560BBF2663D3C08557CC05493D092128D9C68058C62F9B56239500F5AEC26D0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:50:56.0401 0x0e2c PrintNotify - ok
19:50:56.0448 0x0e2c [ 413E3993F91E01368F779D4241AA2CD4, 914B3B4BF78C15162E248D12484817AE2BEF7760758A412E70FC19BC1AE52A49 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
19:50:56.0495 0x0e2c PrintWorkflowUserSvc - ok
19:50:56.0526 0x0e2c [ 882C3A7C2518CA54C0C4CA356AD4152C, 9B6F1CBE7E6351F80340CA65EE40C46B91E70BA3413D2E6ED89C3E3688AC72FB ] Processor C:\WINDOWS\System32\drivers\processr.sys
19:50:56.0557 0x0e2c Processor - ok
19:50:56.0604 0x0e2c [ 51F442F8500FF48A22BE93A94965395E, 4D8770453AE5756A6E0F7A2E89D1E0F83684A253ECF82E55969F402F87F8CF4E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
19:50:56.0667 0x0e2c ProfSvc - ok
19:50:56.0682 0x0e2c [ C0EF1DA7CB74EB2E0B87686AB7AA7454, 2053809FAD23211A336F30F306B5C11D93F6DE5E7A38CE021CD535E5E5EDE21D ] Psched C:\WINDOWS\system32\drivers\pacer.sys
19:50:56.0729 0x0e2c Psched - ok
19:50:56.0760 0x0e2c [ B83845E954ED27A558F388695C9FB82C, 984160C7361CE8BEED73AE58382CC9DBC2CC7973FD54BA9175EF39A9A3C499CC ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
19:50:56.0807 0x0e2c PushToInstall - ok
19:50:56.0917 0x0e2c [ 6C848BBDA8B5C66540E03BD7F605C1A6, 6959A0C5BF1C75BB71B41BFE185017F6A25AB211551529F4A6213DD01A90AF8F ] Qcamain10x64 C:\WINDOWS\System32\drivers\Qcamain10x64.sys
19:50:57.0026 0x0e2c Qcamain10x64 - ok
19:50:57.0057 0x0e2c [ 902B3BFA50DF02D2EDEA86DF91BFF7AD, 62BF7D8E977006262067AEC75AD8D090B761D836614EE2819B8F58F10EAD5684 ] QcomWlanSrv C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe
19:50:57.0088 0x0e2c QcomWlanSrv - ok
19:50:57.0120 0x0e2c [ E862021CE0B9DA301969D8843A6F6AD8, 03772F4AACB9F7F9D65E53A63F1247B36A3863444AFA28578B430445FFABF082 ] QWAVE C:\WINDOWS\system32\qwave.dll
19:50:57.0182 0x0e2c QWAVE - ok
19:50:57.0198 0x0e2c [ 00664026ACC782597B77AAAB5B65E715, F4B18D321BBAD9DF4EC7C44742FB65D09C70EE7AD26A30E26EE583305B643F82 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
19:50:57.0229 0x0e2c QWAVEdrv - ok
19:50:57.0260 0x0e2c [ E000172D517986EB493DBB0C42F76DCA, CE5D7D84972CA167F71F40502FE30C3AF6AB3F484D5582DAB0C2DFC361770EBE ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys
19:50:57.0276 0x0e2c Ramdisk - ok
19:50:57.0307 0x0e2c [ 84E05BABA2B16499881D9E8BBC0779AC, 548E5BE36F836F8B955F186813CF512D0AF5B4FF7BC4D842D881A79520BE4B26 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:50:57.0338 0x0e2c RasAcd - ok
19:50:57.0354 0x0e2c [ 6B33F48B08B4B04EDB17B180CDA83E0A, 325C18BE1BABF124F0B42D38A619B849D20852FA8063ED79F429B2C65AAF9466 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
19:50:57.0401 0x0e2c RasAgileVpn - ok
19:50:57.0417 0x0e2c [ F9804C84CEA2184B1E61E61E897B369E, E266464AD299D738BA14BD38A0EAB1B67C9DE8858DB3A1DA0186385754757886 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:50:57.0463 0x0e2c RasAuto - ok
19:50:57.0479 0x0e2c [ 555E33527CC3C34620E49F5F86C8F7B0, 3E5EF22BA5CD091C55D71D66FA803C7990846887A1295A063A62F5088238538E ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
19:50:57.0526 0x0e2c Rasl2tp - ok
19:50:57.0573 0x0e2c [ 06C51BE7091AE791D01C674DA9A72D83, 1E1FDEAFE6D9A521B14424F36CA1F3076E4BCA1855978F4B766DF63A2014C7B3 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:50:57.0667 0x0e2c RasMan - ok
19:50:57.0682 0x0e2c [ A5FBC5FD8026AE164ECAD4882B24486E, 4B757832CDAC4C269E618013146E5AA94371CCDCF1ED7426DBC2724458DC08FD ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:50:57.0729 0x0e2c RasPppoe - ok
19:50:57.0745 0x0e2c [ FE1C387B8C3BC89D907D3BB06F83315F, F5F219A3D68914571DCC514AD418F8681E03D120090E2ED39ED4557D6BD1F0AF ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
19:50:57.0792 0x0e2c RasSstp - ok
19:50:57.0823 0x0e2c [ A8A43EEF8C1B7B03750D180D0DFD0D16, 9DA7ED320D8BACBD90C0D2A645A62A3D81D32CF7AFD2FE6A7CFF95C204665E18 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:50:57.0870 0x0e2c rdbss - ok
19:50:57.0885 0x0e2c [ D02EA52890750A5980EE970586942695, 4E321C27D0DC476F27A3B0720BC1188F6E549D1FA7B7E77E6BDE5F869E983A08 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
19:50:57.0932 0x0e2c rdpbus - ok
19:50:57.0948 0x0e2c [ 0227E0CD11B007A48327F5C86C41A6C9, D3E27276C72DBBAFDDF5BBEB9810B7AA4D8E2E86F86E23FAEEC1650898B4190C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
19:50:57.0995 0x0e2c RDPDR - ok
19:50:58.0042 0x0e2c [ B276A5816508DF357F58CDC514E6EAD8, 73BC81E49B0832D82A42601CC2D46EBB817489DA76C618D0952DE8521219E740 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:50:58.0057 0x0e2c RdpVideoMiniport - ok
19:50:58.0088 0x0e2c [ CD3A6A87C682363E227F065B8E59D94C, F7174E6F5A7ECBEEBC68A79C500890C12F826A70594C46C7817A49D992C6F030 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
19:50:58.0120 0x0e2c rdyboost - ok
19:50:58.0229 0x0e2c [ A66B18D587B6DBD58B59290A9771F561, 6094EF05F100BDD5827A58449433FD912DDD17FB0C30BE76C4D75CA5BE6C6EF3 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
19:50:58.0338 0x0e2c ReFS - ok
19:50:58.0385 0x0e2c [ EB0BB6BAD926A1024D1025641C03FF9D, 57F4DF6141D5597A90FA7601C00904F6B4DF2E9067FD3B00B9D70F3CC40B1233 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
19:50:58.0464 0x0e2c ReFSv1 - ok
19:50:58.0495 0x0e2c [ FB59F5B9260EB2E1A106EC2113304B22, 8FABC6E18DCAAEA8D4F3BB2BD223B28FF72BAE222BBA6EBD22D2A5D99043F0FD ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:50:58.0557 0x0e2c RemoteAccess - ok
19:50:58.0573 0x0e2c [ 15D9B88C7258263375BA462B96E61860, 3209521819139C2DC44B45E31907B5249CC780A3B11F7029E8DE9E94C29B8296 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:50:58.0635 0x0e2c RemoteRegistry - ok
19:50:58.0682 0x0e2c [ DD45958D94737FAE0A12F8A9FE96932A, A441203CD296D68FD8EA26C32C743E6993E8242F73506F7B292C7E62AB83EDC6 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
19:50:58.0745 0x0e2c RetailDemo - ok
19:50:58.0776 0x0e2c [ FF46B8795B06BAB591F082FBEF17DC91, 080098FED6F70BF410A5833D1AB991DEBF7D8549D49BA0958F0403A6A24D71E7 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
19:50:58.0823 0x0e2c RFCOMM - ok
19:50:58.0839 0x0e2c [ E3DE6D17049E592A710284B4C811E7BF, 3290298073AE13C3AEB166E77B1B2F570607571385C585D52FC392968659181E ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
19:50:58.0885 0x0e2c rhproxy - ok
19:50:58.0917 0x0e2c [ FFF722B500A34FF91B3392B74218A9C3, 0B8676BC166077B4F6495C07474C2F063AAA90F86EFC1AA6E754C278A0832060 ] RmSvc C:\WINDOWS\System32\RMapi.dll
19:50:58.0964 0x0e2c RmSvc - ok
19:50:58.0979 0x0e2c [ 062DC225116FFBED51B91BE8504B814B, F241FBB89C01AD8A0E513948DC57C1C151D5640540C70195B11503147C1EE6EF ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
19:50:59.0042 0x0e2c RpcEptMapper - ok
19:50:59.0057 0x0e2c [ A089120B99842F0A3CE8AE586A31BD56, CDFAA0429D8EF28E7011CFEB00C8CB08F63A4AF53A1FA6D41D23F86D85D80CA5 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:50:59.0104 0x0e2c RpcLocator - ok
19:50:59.0167 0x0e2c [ 98E76FA120294D28C4B02C257BCFB63C, 6ADBB3FB5BC2FD53318B60D2C73998EF2C2614A3CD132A843DEAE2314CECA36C ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:50:59.0276 0x0e2c RpcSs - ok
19:50:59.0307 0x0e2c [ CCF4A5CEC8FA38035007AB19EB0EBE2E, 05C7701A1A2FCEDCD0F5EC6EF069F73C48D920448EFB010E5E7FBEEA3438F014 ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
19:50:59.0339 0x0e2c rspndr - ok
19:50:59.0401 0x0e2c [ C24C6B5E7FB44011F278F38F599879D5, F0296DBB769CA8358F380C3A81BBBD2B668D1128039D5A0BEAE6530C4A4A5007 ] RtkAudioUniversalService C:\WINDOWS\System32\RtkAudUService64.exe
19:50:59.0479 0x0e2c RtkAudioUniversalService - ok
19:50:59.0495 0x0e2c [ 40CD5DB1671197EFBD5C3AB16B9B037C, A1DB4872DB0AF87E4E1F8506483200838E62B0FCE17E77ED9DEA47DE1C230C84 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
19:50:59.0526 0x0e2c s3cap - ok
19:50:59.0542 0x0e2c [ 5373E4594A071FE6031AD481CD23E910, FEA3F1F82AC2109B5ABD187D7A8C1688D99DC356F9F40DC904AC0B524F28B428 ] SamSs C:\WINDOWS\system32\lsass.exe
19:50:59.0573 0x0e2c SamSs - ok
19:50:59.0589 0x0e2c [ C111AC7C9698EAC8DAEA3425DAD68F42, 2B1C2FBD95FF7C18B13114A573DC47991F1323C8280C006B27013717BA731788 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
19:50:59.0620 0x0e2c sbp2port - ok
19:50:59.0651 0x0e2c [ BE608E708FA15B843BE80DED58805611, 6FE11AC52F7FBEBB062EE90E623C718518116B12AE0EEA79696D0F90D8C968CB ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
19:50:59.0714 0x0e2c SCardSvr - ok
19:50:59.0729 0x0e2c [ 8EE8366D8E3F021447F384D7C4DEE195, 62D015742754A58EE9A1EEA4D482E11E2B318C40A9F8EC9939D88024F9DA77FB ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
19:50:59.0792 0x0e2c ScDeviceEnum - ok
19:50:59.0807 0x0e2c [ E979E097C5D284F3BD8EC9607897F911, 77F8A74A6E8EE3255F01F8FFB6962F799C8399411966993054A488A11B0DDD5F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:50:59.0854 0x0e2c scfilter - ok
19:50:59.0901 0x0e2c [ B588B3853451FE667958349CB34F2D7E, 335F708D92892A3AE45983A6D9F41041271DC16FF7414454B2548D7764E3D46D ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:50:59.0995 0x0e2c Schedule - ok
19:51:00.0010 0x0e2c [ 1FF0B5E9E6C463A1B8F627F4BB2AFB95, 74B88EC879B9619B199EE31E6A0B403FE1F6FD3CC1A9E84F3378F7DACC5E42D7 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
19:51:00.0073 0x0e2c scmbus - ok
19:51:00.0089 0x0e2c [ A83AC120A059FBD515C05018EE1E7B94, 9B5BA5798FD5CFAE20B5A78673A0D9DDFB8D648396C3A4EC0E10F820C927EBDA ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
19:51:00.0151 0x0e2c SCPolicySvc - ok
19:51:00.0182 0x0e2c [ 00E6D8D42B3B68557CF5161A544AA7C2, 50284F76D3920CC4FBB37F2CB2B0886742644408E6033DB1F07F42C6D61130B2 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
19:51:00.0229 0x0e2c sdbus - ok
19:51:00.0245 0x0e2c [ 801D9B80964AC7240F82C452709E28F8, 061103B80623B2A406F14AC3635A1B73D70F2523A96765FB846531C2112B2999 ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
19:51:00.0292 0x0e2c SDFRd - ok
19:51:00.0323 0x0e2c [ 1AF6215665C076BAA4B97D722BD11955, 35247678536B8B29453C032F4B0C155622CCD813CC2EE25DF082DD80A5583CD9 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
19:51:00.0370 0x0e2c SDRSVC - ok
19:51:00.0401 0x0e2c [ 14B11BF6B3B0D4D54C4F649DB701A597, CDC8546F068A87C434B4674DE0C031D6B22B0D9E9926C5D8852AAAB20010E77B ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
19:51:00.0432 0x0e2c sdstor - ok
19:51:00.0464 0x0e2c [ 512FD6039A256324A745DF4FA01D5D02, 5EDDB6B714C2D35085D09BFDA3FED3365385B949DD62C6A405EC161C9F9AC2EA ] seclogon C:\WINDOWS\system32\seclogon.dll
19:51:00.0511 0x0e2c seclogon - ok
19:51:00.0557 0x0e2c [ 7D65E47C70C0C85E2318717925871A88, 50C1580D42F04D4A35668A0A8E11FF7073DCAB19DAF90D894F54F0C1D1830E8F ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
19:51:00.0620 0x0e2c SecurityHealthService - ok
19:51:00.0698 0x0e2c [ 96243F3E5DB42CBA80BDAF43F98341FF, 2794A4FE23D410AEE54D71CD6BC56AA155C967C7C5D7BB1EE2F2BF4F3F65AFDC ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
19:51:00.0792 0x0e2c SEMgrSvc - ok
19:51:00.0823 0x0e2c [ 84F8DAF82B643F63D5D6EF93F8F5BB95, B946740A87C875713829F4ED88C44B2D8ADF7132683CDF8E89B70D16B77B60B8 ] SENS C:\WINDOWS\System32\sens.dll
19:51:00.0870 0x0e2c SENS - ok
19:51:00.0886 0x0e2c Sense - ok
19:51:00.0948 0x0e2c [ EA7F202EE760B3F949191FDF86E553EA, B7D7EFF9F543B5DC37D69EC4665C031C6FCC2135E527301DEAC0A16766EE60E1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:51:01.0057 0x0e2c SensorDataService - ok
19:51:01.0089 0x0e2c [ D83530B2386434C004C0E4E41DD61843, 2D66E1AA30E1CFF0471E515817B350D1A637D88934790295D2EDE03A9443F2C0 ] SensorService C:\WINDOWS\system32\SensorService.dll
19:51:01.0151 0x0e2c SensorService - ok
19:51:01.0182 0x0e2c [ 706087D7D9D2A5347F6B327B353E9E08, 9962FF6718615913C2C42E3C3C26C082E8D1E7FDAC7C7454E4CDCB14AA6948C8 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
19:51:01.0229 0x0e2c SensrSvc - ok
19:51:01.0245 0x0e2c [ E1F507DB004880A5903EF7522912331B, 6A4A5E471FCB51D180A616ED7655F9DF428BF4F83BD822B60CBCF8E156755284 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
19:51:01.0276 0x0e2c SerCx - ok
19:51:01.0292 0x0e2c [ F43CB691DE5A8595B1558EC70E11F238, BE978529263B17EB95923326580507D964A08122FAF17F4C880AB36C4AC7DCEE ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
19:51:01.0323 0x0e2c SerCx2 - ok
19:51:01.0354 0x0e2c [ 570C25D873C1BB07CEC1D244F540FBD7, B130072C4D67CECAE0530AE3BCDA3C2CE6E43915534D9DA07E9403E0E5932F71 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
19:51:01.0386 0x0e2c Serenum - ok
19:51:01.0401 0x0e2c [ 75643A5BE2FB697CACB327C98571C1E0, 2652E67FAA7D514056D81D29FB8D8CEE629002DCF32FEE6A49183514654D2292 ] Serial C:\WINDOWS\System32\drivers\serial.sys
19:51:01.0448 0x0e2c Serial - ok
19:51:01.0464 0x0e2c [ 408A7AF941752F2CF6113A5028F10479, 17AF544225C5A7560FBB962FF1515844CB1A7A5287278D7EB67B382EA03ACF7E ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
19:51:01.0495 0x0e2c sermouse - ok
19:51:01.0573 0x0e2c [ 0C1E0D0CD0B4683A27E27BC15A50921B, 55AD04803406E8A120C623E21E040AD7C7E1DBEAD9370887111FEEADFC78F0F4 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
19:51:01.0636 0x0e2c SessionEnv - ok
19:51:01.0651 0x0e2c [ B6ED1B9FF9EE3406AFE6937EE50626A6, 06895C22BD93ED1F68E7F029227FCA4F550E44936682E5BADB58983E78441D6E ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
19:51:01.0682 0x0e2c sfloppy - ok
19:51:01.0714 0x0e2c [ C0F588AB65EE3869C38C1BD10A0AEF85, 8395188C4194A65B1106C0A9B1287DEB60513B1D5443DE6E55AB58C71EE49A1E ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys
19:51:01.0729 0x0e2c SgrmAgent - ok
19:51:01.0761 0x0e2c [ C51AA0BB954EA45E85572E6CC29BA6F4, 2DF8A183B3DCA4DE156433280FD69B49E7B20B474211D7125FBE256CA25D769C ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe
19:51:01.0807 0x0e2c SgrmBroker - ok
19:51:01.0854 0x0e2c [ FF5D569D4EEB6ABE49C66EE778EB70FA, 2CA762967321DD026E09A19CC4B7E40A721FC846A193EBAB16623F1B957D0FF6 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:51:01.0917 0x0e2c SharedAccess - ok
19:51:01.0964 0x0e2c [ 1C1309727A1AEDB288C10E1C521A246E, BCC251405447E2AC4FE75764E13CFEFF473333785BF4FBC428DEE34BC7F2A8BF ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
19:51:02.0011 0x0e2c SharedRealitySvc - ok
19:51:02.0042 0x0e2c [ 66E6C9C7AEB812EF3F7ED69143E8E287, 4C85FF6D3281EBD05DA823B6FD272EFA53C3AFD2C41A86E4684BB43E4FCF003A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:51:02.0104 0x0e2c ShellHWDetection - ok
19:51:02.0136 0x0e2c [ 6A69B5648C532E363F1FB93292B4B144, 83C77DFDBFA24219123AF7A9BBDF737A0A8B98022ED28B0820E72D8F42D38500 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
19:51:02.0183 0x0e2c shpamsvc - ok
19:51:02.0198 0x0e2c [ 74343FE7D336D4D82AFCCD17504E93BC, 1D48F035F271593792E6BF15EE480FBB9013FB95DEB37860F7F933B5C0E08203 ] silabser C:\WINDOWS\System32\drivers\silabser.sys
19:51:02.0229 0x0e2c silabser - ok
19:51:02.0261 0x0e2c [ E1FCDB9B82A224C4EB01F7A0C54DF557, 50F152B1469761C5065A7C4B2E3AB5FB2DC4D96F78B41B58CAC697E9A54C70C5 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:51:02.0292 0x0e2c SiSRaid2 - ok
19:51:02.0308 0x0e2c [ 0588849E68C841A706081A294E51E759, DCAD7CF4326DB5E307078CE819D704506E1205685AA8E9A9C14C24F8C0689FFA ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
19:51:02.0339 0x0e2c SiSRaid4 - ok
19:51:02.0386 0x0e2c [ 7A160562207FA446643277E75C6D697B, B6A34380356430BBEB4D3B23D0075E0E22DE6652CEFAB77C62BC8FF6981E7DE0 ] SmartSAMD C:\WINDOWS\system32\drivers\SmartSAMD.sys
19:51:02.0417 0x0e2c SmartSAMD - ok
19:51:02.0433 0x0e2c [ B15241350252D74581FE956F358478C5, 540802AF873C4B325D8E8E9CFC5026B7BC0CB44F96DBEF1886221C47F0EAE4D1 ] smbdirect C:\WINDOWS\system32\DRIVERS\smbdirect.sys
19:51:02.0479 0x0e2c smbdirect - ok
19:51:02.0495 0x0e2c [ C2003AE2D8289E0A3885E6987C5AB398, 133E4C9B49BA3EA2CAC947031B8F8A75EF5784C4EDE93B13099BE61FADE14A0D ] SmbDrv C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
19:51:02.0526 0x0e2c SmbDrv - ok
19:51:02.0542 0x0e2c [ 97A2B8625FFEB3AEFC55C6EE0D10D06B, 139222B8C02F7E464DC55D395395C571854CC9B5973D91B63A864363C667CF5F ] SmbDrvI C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys
19:51:02.0573 0x0e2c SmbDrvI - ok
19:51:02.0589 0x0e2c [ 7EC5BE35AFE354E89378300C2455FE69, 2D6355E532C00DC0DE11C52013FE971722CCA26F1ADF691D6B919C042A8DDF3B ] smphost C:\WINDOWS\System32\smphost.dll
19:51:02.0620 0x0e2c smphost - ok
19:51:02.0667 0x0e2c [ 0D5698724FA6A269B9379C41FE2C1333, BC8120380CE3A1603AF2D67CDA9040A11F12EC0E03D2A2AB6F28E8847D679A90 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
19:51:02.0729 0x0e2c SmsRouter - ok
19:51:02.0776 0x0e2c [ 78172782B1E1E26933D67A9DA912158C, 354CFFF20D10A00A1DEFCD1B6B225C5B258D98D8CD94FDD905678DF8A62EDE34 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
19:51:02.0823 0x0e2c SNMPTRAP - ok
19:51:02.0854 0x0e2c [ C391BA62AABE300F9815B20268DD5969, B1A5E6839CB1209755735C0A50FCD01794BBB0B22BF888EEF66611A5DCFBFA4B ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
19:51:02.0917 0x0e2c spaceport - ok
19:51:02.0933 0x0e2c [ B0FC1C59BC63170BE57D66837FB6BEED, 58C979A655FA6EAD84DA6A0D606A917903C71A59D0D8CD16F2C7282CC76D5A2E ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
19:51:02.0964 0x0e2c SpatialGraphFilter - ok
19:51:02.0979 0x0e2c [ D6E649E8482AA227B8F985116D115A9A, ADAD215D0F3A6FE046000FF9E7E7BDD6288438A8D6E7EEEF980205B73F32A990 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
19:51:03.0011 0x0e2c SpbCx - ok
19:51:03.0058 0x0e2c [ BF1285BEBBE77B6A1AC052C2C64AD536, D65D9E3358BE51C0F70F810581DEB1FAE2A51C79CCFCDA85C56454411A42117B ] spectrum C:\WINDOWS\system32\spectrum.exe
19:51:03.0151 0x0e2c spectrum - ok
19:51:03.0198 0x0e2c [ EE05481E1FA1441E4EC010D24B7E624B, 9D3EE4E60DD54D54803A9F47E375AA5BE6BC77922D2149BED303478548BFA945 ] Spooler C:\WINDOWS\System32\spoolsv.exe
19:51:03.0292 0x0e2c Spooler - ok
19:51:03.0479 0x0e2c [ 13AE3EB0F5BEC12A555099235F07C77A, B8894298AC2E15C2F8382411F19EC979F73CC8EB609D64EC84E55F435B1E7AEB ] sppsvc C:\WINDOWS\system32\sppsvc.exe
19:51:03.0698 0x0e2c sppsvc - ok
19:51:03.0745 0x0e2c [ 212511EC49A75261D6F84D823DC218EB, A6F28E5A1040AA3279A255DF39BE3588D9A7845B80987DA5645B556FCE4C4D70 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
19:51:03.0823 0x0e2c srv2 - ok
19:51:03.0854 0x0e2c [ CC289D73E6FA28888797A097E86F3382, F2581793E36FFB8DEA6779E5588738BC08E648F347613E129B0003B443DB52AB ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:51:03.0901 0x0e2c srvnet - ok
19:51:03.0933 0x0e2c [ 84CC151A743103C9A947D506DBAE8809, BE7617C6BAB4207A3B608ABBE67BB61E93A41A5E5A1717D9DDCD7D63F7F182E3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:51:03.0979 0x0e2c SSDPSRV - ok
19:51:04.0026 0x0e2c [ 9FFECD197D09FF33B00D5E5B78A48146, 79C03E83B42E3C0402680B47A2493C3C506E2D212062859BD7C4EBACA46F3AD5 ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
19:51:04.0073 0x0e2c ssh-agent - ok
19:51:04.0105 0x0e2c [ 5778543F5A5201B9661AFDA420FF0AF6, 26AEBACD5C17F36DE6B6E893B2EFE0D0967813005F90A4ED95C72354152CC58B ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
19:51:04.0151 0x0e2c SstpSvc - ok
19:51:04.0355 0x0e2c [ EA9CA1320E0D78A60043E7B28E2B03B5, 6A208ED11EDFE90768DF243D09F6C10498A0110B71C675984A70DBEE8F0F3804 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:51:04.0605 0x0e2c StateRepository - ok
19:51:04.0636 0x0e2c [ 23F8A7C0D75AEA4440DB0A5F855DB1A1, 0EC2DE32DA3AFBC63EA84E76D1F0322382C273B3162885C7254F3960802B3B5E ] SteamStreamingMicrophone C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys
19:51:04.0651 0x0e2c SteamStreamingMicrophone - ok
19:51:04.0683 0x0e2c [ F23381E193DBC8D47B4C113DD57360CC, EE1EE0D1346328DA18D70988F01BD961437E95BE5AB82059A28CBCC7D4B23239 ] SteamStreamingSpeakers C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys
19:51:04.0698 0x0e2c SteamStreamingSpeakers - ok
19:51:04.0730 0x0e2c [ 8BC164974B677F0D4ABFCA42ADADD14E, DA6FA13FB28779F2A5D8BFF25659A3659BF5AF5EFE0432D0F4CF8BCAF20F0D96 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
19:51:04.0761 0x0e2c stexstor - ok
19:51:04.0792 0x0e2c [ E081B105344D048F365FDBC3A7583E97, 40F3547AD216FE89EDBEA5FB855E74B92E092039157C2CA78DDCE2CE0115084C ] stisvc C:\WINDOWS\System32\wiaservc.dll
19:51:04.0886 0x0e2c stisvc - ok
19:51:04.0917 0x0e2c [ C65FD20AFA49DA8776A2B94F39380E88, 2F42E0B40CF81A46F6F274569360E155061C31751980E9A8CBC7EB3E4B7B6544 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
19:51:04.0948 0x0e2c storahci - ok
19:51:04.0964 0x0e2c [ 8B2A9CF83531994775A1DA620AA234FB, DEEA990D633D621831D24A54E53AE6AE2F64AC3F983F411B436E48B6CAFFC3AD ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
19:51:04.0995 0x0e2c storflt - ok
19:51:05.0011 0x0e2c [ 1ADE6F0E1C8C673787C49AFCECF27C85, FC1F17D3E077C0E85D91D99DC27C840D0607EB8AEE0FA0A8E870E761547C33E2 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
19:51:05.0042 0x0e2c stornvme - ok
19:51:05.0073 0x0e2c [ 59D5626EC27D43039D76A6AA71CE5B01, A1D7EDE04A85129866560DB97E8F5F4F3A8E80B82ECB7BB347D1D1E84C4F32E0 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
19:51:05.0089 0x0e2c storqosflt - ok
19:51:05.0151 0x0e2c [ EEF2BAEF16BD0741FEAD0AF89BAF19D2, B30E05E1F0FD254EB0DEC5D9F8C1307453C65FD48A1C1E1A17E73752C7580EA1 ] StorSvc C:\WINDOWS\system32\storsvc.dll
19:51:05.0245 0x0e2c StorSvc - ok
19:51:05.0276 0x0e2c [ A031D75433DFE22E0AE800CF2901E9C7, B9EF4F51911DEDDD7729FE88F3657FC63F3436004C7C9BFBD1C2233B6C10B6D4 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
19:51:05.0308 0x0e2c storufs - ok
19:51:05.0323 0x0e2c [ 868A36136BC87EB433CA0DC7394A8A3B, D4F04125A7A073798B35D6794C043FF8651C1AF126CE4B9AD122B3C4D7A14BF6 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
19:51:05.0355 0x0e2c storvsc - ok
19:51:05.0370 0x0e2c [ 763995562791AD56C4DCFD5B0746317B, F9E86B319309F7A5803CF5BCBCC76E5F13725884523A0A003EEB7006009C3940 ] svsvc C:\WINDOWS\system32\svsvc.dll
19:51:05.0417 0x0e2c svsvc - ok
19:51:05.0448 0x0e2c [ 8A9C14DE49EC3FC1CF4C906C6DD6EFC1, DD08E6F686696537783A90E6D1EC60F9FCF379E1FF9BADBFAD36E3841C8624D1 ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_1c567926e5b29133\swenum.sys
19:51:05.0480 0x0e2c swenum - ok
19:51:05.0511 0x0e2c [ D3FFA2696BEBAAA9CE5C1AB5221D9B4B, 0674CB19E7ABD5782E1F78895B1576D6C32346F6283A4BC94049CA1A4E5250EF ] swprv C:\WINDOWS\System32\swprv.dll
19:51:05.0573 0x0e2c swprv - ok
19:51:05.0605 0x0e2c [ 97CC7EA622935A74AE4DDE7240B70100, E08AAAB39BE6FD541F22EAC1072E80ED0F96E7362271238A483F3D3A5AA82961 ] SynRMIHID C:\WINDOWS\System32\drivers\SynRMIHID.sys
19:51:05.0620 0x0e2c SynRMIHID - ok
19:51:05.0636 0x0e2c [ D2C18148D3C16CCED6E176C646C13EFD, 0F454E2421CEC26340A63E5223508A7E170AEA90C9D21BC3C01C66B8F6D8FF2E ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:51:05.0683 0x0e2c Synth3dVsc - ok
19:51:05.0730 0x0e2c [ FC9C10BE0307A332C16198DF823D4FBE, DC119DAD76920D7DE7215A187492BACDBB83BB64C4F171BE1A4C5A60131F2D4E ] SynTP C:\WINDOWS\System32\drivers\SynTP.sys
19:51:05.0776 0x0e2c SynTP - ok
19:51:05.0808 0x0e2c [ 6AB4F065ACB620FB1653450ABAD2C21B, 9AD9FE075B7D5A5E34F688120118E0767D1C2B1A6319A96B1D725E5513497461 ] SynTPEnhService C:\WINDOWS\System32\SynTPEnhService.exe
19:51:05.0855 0x0e2c SynTPEnhService - ok
19:51:05.0901 0x0e2c [ FC9C10BE0307A332C16198DF823D4FBE, DC119DAD76920D7DE7215A187492BACDBB83BB64C4F171BE1A4C5A60131F2D4E ] SynTPFilterHID C:\WINDOWS\System32\drivers\SynTP.sys
19:51:05.0948 0x0e2c SynTPFilterHID - ok
19:51:06.0011 0x0e2c [ 46CF46BB6F819E067AF42D30C62C2DB0, 259DD10BFADF27A57BEB74D360B70512389379635478C16FB72D1E6EB1190F3E ] SysMain C:\WINDOWS\system32\sysmain.dll
19:51:06.0105 0x0e2c SysMain - ok
19:51:06.0136 0x0e2c [ 5F7116BDAA8B1A1FF6B85B1485995291, FC444DB9345AC0051677205B8184701CAE9C1F6722A34093554C230AE733F5FB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:51:06.0183 0x0e2c SystemEventsBroker - ok
19:51:06.0214 0x0e2c [ 3B6C505F4C8A5E2FDFA3DCE67E267066, DCC0EF76BE6145F0F3324AD5AB4DC376CC342D87B3D471234A61870E869E4543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:51:06.0277 0x0e2c TabletInputService - ok
19:51:06.0308 0x0e2c [ 8113ED3FB551AB188B02CDA677A0DBEF, 061BE0DB97F8ABC200B15022CE9CC34EE06CACAF2B120D90C693FFBD87BF503E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:51:06.0355 0x0e2c TapiSrv - ok
19:51:06.0495 0x0e2c [ E9639DF8685BC2E681DEC79583F7D6B2, A8343E87D492B0761EE4C68150AA2510E45AD8053EA0818350D80458CE6A1B4C ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
19:51:06.0636 0x0e2c Tcpip - ok
19:51:06.0761 0x0e2c [ E9639DF8685BC2E681DEC79583F7D6B2, A8343E87D492B0761EE4C68150AA2510E45AD8053EA0818350D80458CE6A1B4C ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
19:51:06.0917 0x0e2c Tcpip6 - ok
19:51:06.0948 0x0e2c [ 6A6D4EE00469704BC0091AF5AC73C6DD, E2504FCFF084F8004BD5EA3735426D2DDEBF4372A7512EEFF4CB13076C77C213 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
19:51:06.0995 0x0e2c tcpipreg - ok
19:51:07.0027 0x0e2c [ 9AF99FB2DA176C88C68D886046C56B01, 8465D551BA060AAC7E178072899534F78BFCE35B69FA69CFACCEACCCB7BDAF4B ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
19:51:07.0058 0x0e2c tdx - ok
19:51:07.0073 0x0e2c [ BACB822DEC72FECEFC809449FD3C7CD3, 3F71D97CF24F74E315874DDB4BB2429B745F9E36E7EDFC0A37BCE8EB23947FA2 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
19:51:07.0105 0x0e2c terminpt - ok
19:51:07.0167 0x0e2c [ 4799CCD6211C8A105C7C8D9C688CCEEB, A34697EAB3534B0D25F311C7FC755BE18A42CB29908257120E811228A66B713C ] TermService C:\WINDOWS\System32\termsrv.dll
19:51:07.0261 0x0e2c TermService - ok
19:51:07.0292 0x0e2c [ 3B09BAB568BD4ED4B7A1998D47ECCF0C, E3668B4D57174032C36987AA97043E9F7D731E3E5D7A14EB10B5A18E339DCB09 ] Themes C:\WINDOWS\system32\themeservice.dll
19:51:07.0339 0x0e2c Themes - ok
19:51:07.0370 0x0e2c [ 00E0C9BF4808162AE2FC9E6C8BA50701, 7ABFD8534338904819797A8346C854100334ED79D3915A51B8CF1D3F9F335393 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
19:51:07.0417 0x0e2c TieringEngineService - ok
19:51:07.0448 0x0e2c [ AED022158618781B1816CEB14897E755, EC74A356E6AC9281AD99391C167B035AD7FFC84FB89C559DD9FD6DCB4917646A ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
19:51:07.0495 0x0e2c TimeBrokerSvc - ok
19:51:07.0573 0x0e2c [ D55B8A3689DD927D7EE75049B96E32DF, 3FC7CD64DE8D8D8AC1E34F403A397C114BD61F4626E422068D2DAB2724A6422E ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll
19:51:07.0683 0x0e2c TokenBroker - ok
19:51:07.0714 0x0e2c [ E296DFDCF3B56B57E6D2C5B4945EB295, 731510AB07F6B5BD9F0A43863F0068A97B0F2D9BF5C6C474FBF9BC9211D2B556 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
19:51:07.0761 0x0e2c TPM - ok
19:51:07.0777 0x0e2c [ F47972C77B03F421BE57CFEEE384D98B, 8015327D5DE0E632276B5F6B079DBBFB453872175E463ECC4814E4AA9EB8138C ] TrkWks C:\WINDOWS\System32\trkwks.dll
19:51:07.0823 0x0e2c TrkWks - ok
19:51:07.0855 0x0e2c [ 0ABBA689E78D931613ADB942C43B2CF1, AC1AB44E7408B9477AE23E086E5E8D83351F86860656500A0C390EB40588AB20 ] TroubleshootingSvc C:\WINDOWS\system32\MitigationClient.dll
19:51:07.0917 0x0e2c TroubleshootingSvc - ok
19:51:07.0949 0x0e2c [ 90F45920F35A39DDFEA713B01E2F5731, 95AF07F6596A7397B147B9DD3F819D21E2C65BF97B1ACA6CD34A8755DA3669B1 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:51:07.0995 0x0e2c TrustedInstaller - ok
19:51:08.0027 0x0e2c [ 4D66CADB97981EE7390E95C5D59319F1, 0E0016522D5C4C0471A893ECD7E29F790DDB7895F4392BBE6142FBB17CE76407 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
19:51:08.0058 0x0e2c TsUsbFlt - ok
19:51:08.0074 0x0e2c [ 649B8BE7CF01E607B443FDDB55D912E5, DE38EEBBA4F3422FF74D8A2FCCF90CBB4B8DE51DEA3477F86AC5F29D1B537FE5 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:51:08.0120 0x0e2c TsUsbGD - ok
19:51:08.0136 0x0e2c [ A8D4B53D386487AB9CFCFD972764941C, 28A6372C64D1A274F3830E0EEAAF2CAB990D8AFD25511349C7BEB747ABC2172D ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
19:51:08.0183 0x0e2c tsusbhub - ok
19:51:08.0199 0x0e2c [ E524022894A7499E3C06C147B0BA7FDF, BBA4A87B6EC7BAA4355CA7A99BCB228EFDA91E4FE8CDC8D1C15B68981250765B ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys
19:51:08.0245 0x0e2c tunnel - ok
19:51:08.0261 0x0e2c [ 3DD3418273A3E097E9302C672E975D08, C0ED745B87B64D7DCC54380C7B82A70A8E7C66AC8C2C5871E9074A1C10374215 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
19:51:08.0324 0x0e2c tzautoupdate - ok
19:51:08.0339 0x0e2c [ 948B18AEBDBF85B5A022AE3DD44EF7ED, F45AF191367A4EA4CEE8C405A90AF191A70E81FE81B433528D293C8C04BFA72F ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
19:51:08.0370 0x0e2c UASPStor - ok
19:51:08.0402 0x0e2c [ 4CFC014F7268E18414D115D2915E7636, FE783E47F63494F15A13309DAB7F8E702E594ADC53E5E34CFD705EC065F31A10 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
19:51:08.0433 0x0e2c UcmCx0101 - ok
19:51:08.0464 0x0e2c [ C6ABD73AA3C86F3252E476FD34FC4D66, 98B1A2BD72021FD3CE338C253FFEC5DEBB333A265822663A17E85DD67E9790CE ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
19:51:08.0511 0x0e2c UcmTcpciCx0101 - ok
19:51:08.0527 0x0e2c [ A10EF89D243B4A011E4A7618319B5D57, A048B1C4E7695E6E24EF3B0641C89BB908EB7B3D0047602B54740A4DE339AF83 ] UcmUcsiAcpiClient C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys
19:51:08.0558 0x0e2c UcmUcsiAcpiClient - ok
19:51:08.0589 0x0e2c [ 777028ECD134FD8A094F4613475F099B, 52D24A96D10A455816AE3EF3CD2E563B3899DAB336E405D6AE31F3551C17C0C1 ] UcmUcsiCx0101 C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
19:51:08.0620 0x0e2c UcmUcsiCx0101 - ok
19:51:08.0652 0x0e2c [ D111694A8F376B645A9A24219B67C3B8, C272682D9D99F786C80A7339FDF79F1F826FC364B821F0DEB352690D91B237FE ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
19:51:08.0683 0x0e2c Ucx01000 - ok
19:51:08.0714 0x0e2c [ F920FF63AD376001D8946FA22A8B598D, F2F95F9352CC89CD2E68D9483A82A3F789627A0472DA9DFBCE0E2245B2055D11 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
19:51:08.0745 0x0e2c UdeCx - ok
19:51:08.0777 0x0e2c [ 0D3464F8E1D1CC638DCFBD935CBFDAEC, 16139D1C8CB34C69BAC27A0C8B7597C1AFABBB305216623CBEA601DDEA1A98B2 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
19:51:08.0824 0x0e2c udfs - ok
19:51:08.0870 0x0e2c [ B25FA421FC85C9A3F4AC81587B07A90E, EF3D1C17560DF9D9510A8D7CD639C18D3EBF13CD678440C81E6B3CF56BD1D1A4 ] UEFI C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys
19:51:08.0902 0x0e2c UEFI - ok
19:51:08.0917 0x0e2c [ A9250ADFC71B9CBEE5BAD97CEE0C1EF0, 35B45E0A506991902C02884485E32EF52C3AF5EAC9170D256BA6F2B027DC30CE ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys
19:51:08.0949 0x0e2c UevAgentDriver - ok
19:51:09.0011 0x0e2c [ 00EFFBF5C5E25799A2E5B49CAFDE86F4, EBB1CE157D405F9C681B0013C96997F1659C55040C96638C5C525A3C412DF377 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
19:51:09.0105 0x0e2c UevAgentService - ok
19:51:09.0152 0x0e2c [ 87D5D59B6AAC3ACCB6875D9666825C8E, 31B4ACDAB0B2E8CDB8C94D4F1C7939E6DA1A5495BD1751772B0C4D329B3E1DC0 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
19:51:09.0183 0x0e2c Ufx01000 - ok
19:51:09.0214 0x0e2c [ A872BEA2A958430B9BABE0F5A6259E5A, FB2BA7E4B01F88F5802819F153FBC52B3A417F5B832D94945628F7B08A8D3E5E ] UfxChipidea C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys
19:51:09.0245 0x0e2c UfxChipidea - ok
19:51:09.0277 0x0e2c [ 86AD2D2C5AF22D8D13617F512EDA35B9, E021FC587F5CD82F5CBF1B4FD73FE57E50D480317BB4B21637A96D51B097081E ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:51:09.0308 0x0e2c ufxsynopsys - ok
19:51:09.0355 0x0e2c [ 6E08E87B46D3227C5AEC05AFD881ED83, D746C6E18AF1C2505F578A882D240E916EA59559F4A6F7591CECDAED160BDAB7 ] umbus C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys
19:51:09.0386 0x0e2c umbus - ok
19:51:09.0417 0x0e2c [ 63C55C0E80F83D63EEB3BF6810DD8387, 72F104ADAC4A5E3137B429F752F72B947D95A246D7F7CA7F53426FFE944F0308 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
19:51:09.0449 0x0e2c UmPass - ok
19:51:09.0480 0x0e2c [ FCA2E3BB6694E23437AD13B7441153E0, F87B2C3BFE080020837D422FA76E7F6808395D1E286EE6AF140E4701429BFB33 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
19:51:09.0542 0x0e2c UmRdpService - ok
19:51:09.0605 0x0e2c [ CBD797C153711690954BCF807FA3F257, 59262DB1A4751C475E0491122A67DA273144192F3237B7B2A38A71268A75934C ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
19:51:09.0714 0x0e2c UnistoreSvc - ok
19:51:09.0761 0x0e2c [ 0B8D7BF45B74D5E04625130E5E5947D1, E72420BA4E1D05BB4776D53A315F5C410ADD8F1AB9790E87AAB05C09BD60CE84 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:51:09.0824 0x0e2c upnphost - ok
19:51:09.0855 0x0e2c [ 9DCE4606E15FA465DE1AC453F46A85E6, 788C5B0FB8B7B7E041B3EB31C8FE5A909FA64E18EA609564CAFCB1BD52C98D86 ] UrsChipidea C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys
19:51:09.0871 0x0e2c UrsChipidea - ok
19:51:09.0902 0x0e2c [ A7BE0A24B7F11060394A3BFAE21C783F, 159E8ED944B7C3243AFC07BD85A36F9DA7DE6FBE66C2F3DA75D25C531663075B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
19:51:09.0917 0x0e2c UrsCx01000 - ok
19:51:09.0949 0x0e2c [ F1DE82278E0A027980B598BD70CECD6A, F70027BBFBF71CCF06B733A64946F4526DA28C2DC7934BB9BC9C3DAAB0A8135B ] UrsSynopsys C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys
19:51:09.0964 0x0e2c UrsSynopsys - ok
19:51:09.0996 0x0e2c [ 562ECA2DE937200112EBB2C64367760B, C05C121FD042AF6EE69267B35D4919A0037F3DCF281B51D09ECC04BB4CEB09A9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:51:10.0042 0x0e2c usbaudio - ok
19:51:10.0074 0x0e2c [ 61DFCE1DAB6503BC75032102F150D692, C55F112C42FD7A1ECB03D33C8D8E14AF69F9A7A4312BBBA031E9C5B1EC712FB5 ] usbaudio2 C:\WINDOWS\System32\drivers\usbaudio2.sys
19:51:10.0121 0x0e2c usbaudio2 - ok
19:51:10.0152 0x0e2c [ C0D4CF042ED378CF1E5E26EE1B4D9168, 004F9C17B034FE51A679DB6B4C0B5978024FCAB2848522DCB826D76006F6A741 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
19:51:10.0183 0x0e2c usbccgp - ok
19:51:10.0199 0x0e2c [ 4A2A90FC52DD031BD5135BF2B6F95CDD, D15010BCC02CF48C63612F32E0F166311D713F2103B58224B87E1583AA25630C ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
19:51:10.0246 0x0e2c usbcir - ok
19:51:10.0261 0x0e2c [ A1EFF2E07889DB46C82520238D8225EF, 092B52141612B6643A744DF11BD45EEA846130B4251BA75E7016231B5DF45D11 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
19:51:10.0292 0x0e2c usbehci - ok
19:51:10.0339 0x0e2c [ F6656FC6BA03CD046F5F82D968F02CC0, 7D1605BE823DC0DC1EA9D330455BF18ED4A4AF993508EB2C38A7C137CCF643A5 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
19:51:10.0386 0x0e2c usbhub - ok
19:51:10.0433 0x0e2c [ 44CB7E1A792E70E35EA9AAB48BC0F614, C45AA7C3D562FC12D003C52CDBAF8798CA35F01078CBB1354432727891480C76 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
19:51:10.0480 0x0e2c USBHUB3 - ok
19:51:10.0511 0x0e2c [ A6FF43DEE42EF4B160976D8A3BCA2143, 3C06B624B3498DE9D9C7B5A139838E11179C413B2AFB5FCC04864AD190711A57 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
19:51:10.0542 0x0e2c usbohci - ok
19:51:10.0558 0x0e2c [ 11724C8F4354F87EC7F96CBCBD18A612, 0807A61EF7D56D5E208957F189D4A75E86DFB6A33FCBEEE46CCB93BB3602332A ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
19:51:10.0605 0x0e2c usbprint - ok
19:51:10.0621 0x0e2c [ 8172D604CD15280B4E1FEBE6557EF958, 1932C51C3FBB4690D00B5C2B7998CAC08A93173E563AFEC822085A55F545B44E ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
19:51:10.0652 0x0e2c usbscan - ok
19:51:10.0683 0x0e2c [ 55CFD737A673108074914ED21F44CC0D, 4BB52E2C4DE005865BF5D1C31F2E25DAE4CB53B14A1EFF23589FA4E620DE50DF ] usbser C:\WINDOWS\System32\drivers\usbser.sys
19:51:10.0714 0x0e2c usbser - ok
19:51:10.0746 0x0e2c [ D575E148B38E2226E1DA27D0206B1006, D171BF1DF8E3DCB1C5E84F29142BF738382E2B457E48FC5A295A401F07E7FA7C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:51:10.0777 0x0e2c USBSTOR - ok
19:51:10.0792 0x0e2c [ 194091B0D8079A66B64A017B3E3965C1, FE83A1B7A4CA5D37AED4552A41AC4DE618275AC6B0A438604F05ABA3B4D8178E ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
19:51:10.0824 0x0e2c usbuhci - ok
19:51:10.0871 0x0e2c [ B494E4862DC4BC53C58053A38DFC03A9, 73CB92A591D0BED5DDB1D9CDFFAE248CCAD27A5D58F84F30EF739A206839391C ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
19:51:10.0902 0x0e2c usbvideo - ok
19:51:10.0949 0x0e2c [ FE2D1A0B8601CEF7A517D347D0006A77, E3522BB7E0B4EB76E5473A5A398B70B7247CFDD433136EAA31B8414DED3D9607 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:51:10.0996 0x0e2c USBXHCI - ok
19:51:11.0074 0x0e2c [ 055E28C4ABEAF286F93DFA6D1BBE2F9D, D3E96259BAFC11814CF4E868A6E45C62A13E63218E6A38EEDD9F89E1E8672A11 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
19:51:11.0183 0x0e2c UserDataSvc - ok
19:51:11.0277 0x0e2c [ 22C9360B75E56B46C2A2FEED9721D551, 5C67ED0B782060E60ED9714B7B59656654F74041F344F7CBBC8F016657CAA8A0 ] UserManager C:\WINDOWS\System32\usermgr.dll
19:51:11.0386 0x0e2c UserManager - ok
19:51:11.0433 0x0e2c [ 0DDBD7B88DEA50516E398D67E0D1850A, FFD40437869D45317D8546DEE8850821F1F21435BE592E44611AF4B4CA755611 ] UsoSvc C:\WINDOWS\system32\usosvc.dll
19:51:11.0496 0x0e2c UsoSvc - ok
19:51:11.0542 0x0e2c [ DA482A04D8A194EF5041F0090A774A17, B8111D10F9E33264ACA11B1AA97263F9721163D1F71A23E68F80D4CAA50C4245 ] VacSvc C:\WINDOWS\System32\vac.dll
19:51:11.0589 0x0e2c VacSvc - ok
19:51:11.0605 0x0e2c [ 5373E4594A071FE6031AD481CD23E910, FEA3F1F82AC2109B5ABD187D7A8C1688D99DC356F9F40DC904AC0B524F28B428 ] VaultSvc C:\WINDOWS\system32\lsass.exe
19:51:11.0636 0x0e2c VaultSvc - ok
19:51:11.0652 0x0e2c [ F8B7332117B5D5944945FA9EDEB6E2FA, C419D3D50DE9B485F01278B044432CC1B326FD3A44CFBF3DF4E7780F483298AB ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
19:51:11.0683 0x0e2c vdrvroot - ok
19:51:11.0730 0x0e2c [ 774339D0AC38E93E136329C586749A9E, DFB0F5C163B45F769BE1F0DBF51254B67BFE191E37B049628A659381B445983A ] vds C:\WINDOWS\System32\vds.exe
19:51:11.0808 0x0e2c vds - ok
19:51:11.0839 0x0e2c [ 0DAEB3C122959420D6CC0EEBE4AAA301, B5CFC19968473A3618174E04B7B4EA9844A2C4E5B1BA91C88D96599EC85EB801 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
19:51:11.0871 0x0e2c VerifierExt - ok
19:51:11.0933 0x0e2c [ F6404F06FE8AF1F1C3D9A05D140A20D9, 52338EE4C304F26E32049F6770BDFB51D91C93D80FB510333BFD64776974CB60 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
19:51:11.0980 0x0e2c vhdmp - ok
19:51:12.0011 0x0e2c [ 7D2E55D69166E5ADD2E85E4D91B106EA, 37A58CE570C3B3F46F02B5582F335073107A417947A03335370BC4B760F3E193 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
19:51:12.0043 0x0e2c vhf - ok
19:51:12.0074 0x0e2c [ DE1BB09C09710E504D925E166A0C3BAF, AE345C9BB21BF1DBAB7F976C86E8F1B9915F4EFE58D97A19AD0234CE88BB25AF ] Vid C:\WINDOWS\System32\drivers\Vid.sys
19:51:12.0136 0x0e2c Vid - ok
19:51:12.0168 0x0e2c [ A633771179DBB2B3D0648F58B15BDC87, 970FCD0B1B5AAFACE46379578BB7F61CE9AEEFABB02526F70073BBF16788B5D2 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
19:51:12.0199 0x0e2c vmbus - ok
19:51:12.0230 0x0e2c [ 0D36DA7B9053AA928EBB0A791FA9AD98, D85A0613E5CF27C90A6248D4606DA61AC4F2A293F37A0814845619476EFFAF11 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
19:51:12.0246 0x0e2c VMBusHID - ok
19:51:12.0261 0x0e2c [ 32480E0760E0C3D21964CE3992001D5F, 135AE6162F52A314CB99F4A13DF78BE371280FAAC7EF85CD9B8D806460B7FA79 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
19:51:12.0293 0x0e2c vmgid - ok
19:51:12.0324 0x0e2c [ C6F988A12AE96C5A553E69A19921D2B3, E5E13F6F07A0FC9FD7823BB3AA29226A7E132173E68D0E252D180AED28ED1F3C ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
19:51:12.0371 0x0e2c vmicguestinterface - ok
19:51:12.0386 0x0e2c [ C6F988A12AE96C5A553E69A19921D2B3, E5E13F6F07A0FC9FD7823BB3AA29226A7E132173E68D0E252D180AED28ED1F3C ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
19:51:12.0433 0x0e2c vmicheartbeat - ok
19:51:12.0449 0x0e2c [ C6F988A12AE96C5A553E69A19921D2B3, E5E13F6F07A0FC9FD7823BB3AA29226A7E132173E68D0E252D180AED28ED1F3C ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
19:51:12.0496 0x0e2c vmickvpexchange - ok
19:51:12.0527 0x0e2c [ E8D33D1EA66CF460A204007DFF2CC1D8, 40A57D316D6AEA01C3FD3C1E8CF0838F5047F05A885663F1F39316115F5E8FDC ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
19:51:12.0574 0x0e2c vmicrdv - ok
19:51:12.0605 0x0e2c [ C6F988A12AE96C5A553E69A19921D2B3, E5E13F6F07A0FC9FD7823BB3AA29226A7E132173E68D0E252D180AED28ED1F3C ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
19:51:12.0652 0x0e2c vmicshutdown - ok
19:51:12.0668 0x0e2c [ C6F988A12AE96C5A553E69A19921D2B3, E5E13F6F07A0FC9FD7823BB3AA29226A7E132173E68D0E252D180AED28ED1F3C ] vmictimesync C:\WINDOWS\System32\icsvc.dll
19:51:12.0714 0x0e2c vmictimesync - ok
19:51:12.0746 0x0e2c [ C6F988A12AE96C5A553E69A19921D2B3, E5E13F6F07A0FC9FD7823BB3AA29226A7E132173E68D0E252D180AED28ED1F3C ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
19:51:12.0777 0x0e2c vmicvmsession - ok
19:51:12.0808 0x0e2c [ E8D33D1EA66CF460A204007DFF2CC1D8, 40A57D316D6AEA01C3FD3C1E8CF0838F5047F05A885663F1F39316115F5E8FDC ] vmicvss C:\WINDOWS\System32\icsvcext.dll
19:51:12.0855 0x0e2c vmicvss - ok
19:51:12.0886 0x0e2c [ D34DF0FBC30CCA97CAC3ABCCC11D452B, 5EEFFCAC72F560337A9680E562E0C4D9E43C92F9067F6BB3C9AE6F8F8FB712AE ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
19:51:12.0902 0x0e2c volmgr - ok
19:51:12.0949 0x0e2c [ 1594BC85AE1FA9C8ECD069BAE21B968C, 26D222B3CC2DA1F1F3BE63B65C57B6DD254B141CA99D34DBD4A35E40209B2EB7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
19:51:12.0980 0x0e2c volmgrx - ok
19:51:13.0011 0x0e2c [ 7764E62EF94DDA90E87309E739F6970E, 093805ECD89C4BAB5EA225786FCE80246F24D5B2DB5E3F04CA6C47F8AA78D327 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
19:51:13.0058 0x0e2c volsnap - ok
19:51:13.0089 0x0e2c [ 48AC7024857127BF09088853DB43FF93, 998E1134F40472DA39DD53FC9FA2EED9309606ACD34BBBF237E50C6DA11DE881 ] volume C:\WINDOWS\system32\drivers\volume.sys
19:51:13.0121 0x0e2c volume - ok
19:51:13.0136 0x0e2c [ CF1C674D2149ECCDF3C93EECA1EA2F61, 1F9CE82225402E4BD0A0E1167F039B805036FB87CD8D16A2DDE44A8A8FCD2045 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
19:51:13.0168 0x0e2c vpci - ok
19:51:13.0199 0x0e2c [ 942B73A77ACB3099384A0754814EA9D9, 3FB26A47A3326B932254ACCCDA06C158BBF39C301051108084A7AC913DE03827 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
19:51:13.0230 0x0e2c vsmraid - ok
19:51:13.0308 0x0e2c [ 56EEED2715BE913919B95495B8DEF59E, D6A4F3A7E42D204B6050EC0C00C8F47326AF1274B7BD4F05EB9981A9C721B064 ] VSS C:\WINDOWS\system32\vssvc.exe
19:51:13.0418 0x0e2c VSS - ok
19:51:13.0449 0x0e2c [ A6CEC1A878536F3D5C82CFDF6E4CFCB9, A569744957E492042994C6F1312C8F4EC2F20A559BD8938A6A09C15230DEBBDC ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
19:51:13.0496 0x0e2c VSTXRAID - ok
19:51:13.0511 0x0e2c [ C347534CE40DB6D4878447302129BC73, 511747AD4C6FF8C2B568CD8AAEF1E49D67DABFCD8D639786F683DA338E8DD837 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
19:51:13.0543 0x0e2c vwifibus - ok
19:51:13.0574 0x0e2c [ 489782EABA27384E116243E60EFFEEE7, 510E97FAE86E9B0162E74D93A5F4ECDDAA9EFC5534AD755327B1402BFC9EEDFB ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
19:51:13.0605 0x0e2c vwififlt - ok
19:51:13.0636 0x0e2c [ 085766D55201E4C5C431D2F008676F37, 2850F1258AE3E1FA14399F100965E5A6474197A44277E246DAA8D8F409A93ECC ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
19:51:13.0668 0x0e2c vwifimp - ok
19:51:13.0699 0x0e2c [ 600A2AF8A6358F31962DDFEDA8883049, 7E4D5F180C090D665C03299E04FF2CB88D95BEDD253EDE139E2DF7B80D25C1AA ] W32Time C:\WINDOWS\system32\w32time.dll
19:51:13.0777 0x0e2c W32Time - ok
19:51:13.0808 0x0e2c [ C74D042561FBD7DCEF5630F6AE562142, 35EC5EAA6B9191B9F239E40792E68103BC437A1C8BE3FCB805492F8623E3813E ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll
19:51:13.0871 0x0e2c WaaSMedicSvc - ok
19:51:13.0886 0x0e2c [ 0F428BDADB31C63BEC85FE65577BD84B, D0467601837108726E499EC59F1F1B3E386C7C41ACE49288B3E52BEB8F57EE29 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
19:51:13.0933 0x0e2c WacomPen - ok
19:51:13.0965 0x0e2c [ 9CC317CC44E44AA0EB91E2E221F41582, B518B0725F6F83748D7DDB867D364221E5624E964C3B867F8CC22B4E97EB2B71 ] WalletService C:\WINDOWS\system32\WalletService.dll
19:51:14.0027 0x0e2c WalletService - ok
19:51:14.0043 0x0e2c [ 3AE20E182DB3711397912409544FE10D, 87F540CB3083344644AFCB981D3F1BCF47F2CEAFB376257152A33E9965DE48F0 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:51:14.0090 0x0e2c wanarp - ok
19:51:14.0105 0x0e2c [ 3AE20E182DB3711397912409544FE10D, 87F540CB3083344644AFCB981D3F1BCF47F2CEAFB376257152A33E9965DE48F0 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:51:14.0152 0x0e2c wanarpv6 - ok
19:51:14.0168 0x0e2c [ FA45D9FF48626207024305DADAD40AAB, 79B388312F9B143DA75F7972EEAD2627329C9ACB49DF07307102A4BC3A111FEB ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
19:51:14.0215 0x0e2c WarpJITSvc - ok
19:51:14.0293 0x0e2c [ 3CE9117504EF2DCF8B267180F5DBBA0E, 7AFB429F799714F4BFFB9E081F7E5FF45C4DC2756518FC4453C31A95DA45A57E ] wbengine C:\WINDOWS\system32\wbengine.exe
19:51:14.0418 0x0e2c wbengine - ok
19:51:14.0480 0x0e2c [ E939CA954A1EDA2CA679743949E0C668, F1A0BD26D0CFC12F8ECE0E718DF5AC1516BAB59F605149194A4DFB856FA82406 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
19:51:14.0574 0x0e2c WbioSrvc - ok
19:51:14.0605 0x0e2c [ A81917DE3C9CB2E8FD8B2981961E117E, 0967DDC0619AE26197D96DFACCBF997D2B4F9CA33BCF828D53534A4581B7AD8A ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
19:51:14.0636 0x0e2c wcifs - ok
19:51:14.0699 0x0e2c [ FAF061E44ED7721E5B6F9817B7E1F7A8, 0B4724C4CDCD2BD6A4A27FD971AB3C951B623E4FCF2457867ADEAB8046C640D8 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
19:51:14.0793 0x0e2c Wcmsvc - ok
19:51:14.0824 0x0e2c [ 7CEAE2332C6036D25E01A2F61C16824C, 011F017A0A5081D07A2B5B6D012B1BDECBEAF73EF1BC7CC533ACBFC2E94C1EFD ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
19:51:14.0886 0x0e2c wcncsvc - ok
19:51:14.0918 0x0e2c [ B6F93B8B921662E81F9BA6A2AD014F86, EBEF2198FD97B405C9AB92F9FCD4478BF09B83BCF0B8C0BFEE76FA80AE4EB642 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
19:51:14.0949 0x0e2c wcnfs - ok
19:51:14.0980 0x0e2c [ 940D6DBF479EE8E9295141A78A8EEB0E, 8CF8F5DC38962ED4FC9EE6325CB995452432F1691C67FB6EFDE723F2BEE8A28D ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys
19:51:14.0996 0x0e2c WdBoot - ok
19:51:15.0058 0x0e2c [ CB03F0100C62E6D60F70A54B1153D9E6, 081F3DB2793981C240F22C4D3BCD23EC0CD1A357CF0E8714C0E78E7CDA2731F6 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
19:51:15.0121 0x0e2c Wdf01000 - ok
19:51:15.0152 0x0e2c [ B16484A01B3F1C0380573DD6615D4DEC, 5E1309967C897A8E900629E02F9B4DE370D4CCD4C1E2FFDD86339263053AC71A ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys
19:51:15.0199 0x0e2c WdFilter - ok
19:51:15.0230 0x0e2c [ AA843CF3C016B79340C6FDACDA20D75D, 1BC8F5BBE7BCBB194406D74FD0EABE763F2F7BBBF6CBC81300355050AB44B675 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
19:51:15.0277 0x0e2c WdiServiceHost - ok
19:51:15.0293 0x0e2c [ AA843CF3C016B79340C6FDACDA20D75D, 1BC8F5BBE7BCBB194406D74FD0EABE763F2F7BBBF6CBC81300355050AB44B675 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
19:51:15.0340 0x0e2c WdiSystemHost - ok
19:51:15.0387 0x0e2c [ A09400A803B10A64422D8F9A6520D3A6, EE7A827E1F073CD6C8DD903DDFCB77DEDFB00629F789645378826EE95AFA7802 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:51:15.0465 0x0e2c wdiwifi - ok
19:51:15.0496 0x0e2c [ 35ED849BBAD731509E4E8D3A015CE5FA, 087494CA0B94BACB61B5EC7E5295FCB733EE47328A6A69D5942BF1324D50C499 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
19:51:15.0527 0x0e2c WdmCompanionFilter - ok
19:51:15.0543 0x0e2c [ 6D789C6D540000F19158A2A4711C06E0, F1680DCD193F5863D9319F6B1E6311BE2660987AB1169C9CA63CA43727112DF7 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
19:51:15.0574 0x0e2c WdNisDrv - ok
19:51:15.0683 0x0e2c [ A0DF3E9AAF3E0B8453CC3065A6B4F8E2, 8B0BBEFD3ECD78A89A912126732B21901A82F1A378451F9F1C12BDD075BBD5BD ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe
19:51:15.0824 0x0e2c WdNisSvc - ok
19:51:15.0855 0x0e2c [ 96F813A401A00A1C0477C0738DE64E3A, CF869EC31169D18697FADF82DE1F3E30C99A5870686F0C9CAA7591B3832800AD ] WebClient C:\WINDOWS\System32\webclnt.dll
19:51:15.0918 0x0e2c WebClient - ok
19:51:15.0949 0x0e2c [ D3AEC72ADB0661DCFADDF28407A7D2C6, 1D1FCB5D6B7F645A9BD12B6EC0E5D29BB7C412D7B442D1CDBF81D2618A0DB8FF ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
19:51:15.0996 0x0e2c Wecsvc - ok
19:51:16.0027 0x0e2c [ FAF9800B056767E9F525C143C90F4F9E, 16F3DFA02E227B157A64141D95B6DFE4C8F57D017430BF2D9F3466403AFBB8EA ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
19:51:16.0074 0x0e2c WEPHOSTSVC - ok
19:51:16.0090 0x0e2c [ 9F06511B26CEA7B0A5911BA68E9F9089, 2E3B063985180AA8970B8E222A7C79348848BD305CFC1039DAE9F48B3E6F28AD ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
19:51:16.0152 0x0e2c wercplsupport - ok
19:51:16.0183 0x0e2c [ 22531E166056685CDDD67BA5A3662DF6, C3265F21CC2819C853FAE8CD038E0A1E8579A3EC8B35FA312AD27ED066D86A5F ] WerSvc C:\WINDOWS\System32\WerSvc.dll
19:51:16.0230 0x0e2c WerSvc - ok
19:51:16.0277 0x0e2c [ 5FB0717636A54C5C37082E79A6605902, 389B657CB93645CB2DEC3C576204EAAF284CD95956985E3278396D1D022972D7 ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
19:51:16.0355 0x0e2c WFDSConMgrSvc - ok
19:51:16.0387 0x0e2c [ 691774522B340223EC70CB0ECD218FC9, DB1993E04D68357E727E32357CFF1415B21EBE9D7DCB04D9FB54FFE2F6A750A8 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
19:51:16.0418 0x0e2c WFPLWFS - ok
19:51:16.0449 0x0e2c [ 80E78DC57CAA8A8E52C7EA7E744E9A71, 90B7AF4E1E85686509F1E0DC40890703F765FC8312B6F6247C8184971779A70E ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
19:51:16.0496 0x0e2c WiaRpc - ok
19:51:16.0527 0x0e2c [ 5EFC1312EF40814D8F3AE9A6F8A21D8A, 8E93137FDEC76CD202242A6A2950286AF49345BAEA8F4E737BCAB133E447F38B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
19:51:16.0543 0x0e2c WIMMount - ok
19:51:16.0574 0x0e2c [ D454A99D57B443CA7EDC229C9532B09C, FCFB070FE80F1A97DC45DEBE9CB12E0C78182A6C6700A4734577AE1735B39E1A ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe
19:51:16.0605 0x0e2c WinDefend - ok
19:51:16.0652 0x0e2c [ 9FCCEAAF76F60F712C2DCEE6FC0B07A2, F4AE6C93FD8BE874ED6A5EC28DE4F74DC2ABA41010F0AEB248500FC0078F8606 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:51:16.0683 0x0e2c WindowsTrustedRT - ok
19:51:16.0715 0x0e2c [ C696815C9B8DD3F40454A949E30ECA0B, 85F15CA27389CC78701FBBCC974C3F8DF8D6F34CF3A717C9960D2621011C002C ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:51:16.0730 0x0e2c WindowsTrustedRTProxy - ok
19:51:16.0793 0x0e2c [ 47F6BDF5EA61507053EE2698116E74CA, BFF0846B3797A38D44B0FFAFDBFC4F822D56E519A0DA0090C443587F0FFF1971 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:51:16.0871 0x0e2c WinHttpAutoProxySvc - ok
19:51:16.0902 0x0e2c [ 9B3BD21B1FF32B20EE30FA4332D3AB6C, CDC5921946F9AD6EFBDFA09ECE90D4E4784BB77F0C5B170A3F1A6F7A29509ABD ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
19:51:16.0933 0x0e2c WinMad - ok
19:51:16.0965 0x0e2c [ B2000A125AE4F565D32364D3A2D5B3C5, BBF002AF622ECF0B468647FC9B3B68234A86B5937C70D0B0143488CD1BA89207 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:51:17.0012 0x0e2c Winmgmt - ok
19:51:17.0043 0x0e2c [ CB423A4BDA3F82893BDD4A660DB08D4A, 03FD6012C0F5EB5F39BA62DA145E121E1ED7A80D0F3E26F2924F6078554AAB28 ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
19:51:17.0090 0x0e2c WinNat - ok
19:51:17.0121 0x0e2c [ 99737333A5493750CC4CBB8C2BD323BB, 8EA82295AB6C02F03E4A969C152FF0347D1561D191644998CA9E9F0039820715 ] WinQuic C:\WINDOWS\system32\drivers\winquic.sys
19:51:17.0152 0x0e2c WinQuic - ok
19:51:17.0277 0x0e2c [ CF0FDBC12BE18ADEA709F335C390C263, 890AA055DE3291A5DE31636F00C70473A8A1A184B77ECF27AAEFDCACA1647B90 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:51:17.0480 0x0e2c WinRM - ok
19:51:17.0543 0x0e2c [ 7C8733775E291E3211F918A30B425742, EF4DC11990E88B19C8BB565B8E67CE9A146D69A4779D859474BA1EFFAC993280 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
19:51:17.0574 0x0e2c WINUSB - ok
19:51:17.0590 0x0e2c [ D130D6ED19268A74D6587C0D134B59EB, CBF4BE2A0789B3DE473CBE8EBC90A559826D642B503CFD26D1CEA8AAB33433E3 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
19:51:17.0637 0x0e2c WinVerbs - ok
19:51:17.0684 0x0e2c [ 01EC79C5B9096A8262478D693DA67C56, 82C905F152CB5ABF68C5EA20998208F0A9260CDBC95E9868C6E278B63B6DFB70 ] wisvc C:\WINDOWS\system32\flightsettings.dll
19:51:17.0762 0x0e2c wisvc - ok
19:51:17.0887 0x0e2c [ 85ACCD30E60802CB3ED02C4E7784F2FB, 557EB91D7205F63B2026422346847F0480D25AA76DDA8046E04780D11DDF8CD1 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
19:51:18.0059 0x0e2c WlanSvc - ok
19:51:18.0168 0x0e2c [ 6803E9CDBD383C6EBEDE758A9E3A26ED, 1FC0037B3A47E19A42D727B454CBC33399ADF9DFB20A2F0A07265C7907BD5BA9 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
19:51:18.0324 0x0e2c wlidsvc - ok
19:51:18.0387 0x0e2c [ 06122A4C8860167431FB9D66CCC93D18, CBB2004CA69FA5B4069B75206D8A70EDFCDB57F955B8B07800EBA800E91ACBBB ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
19:51:18.0496 0x0e2c wlpasvc - ok
19:51:18.0559 0x0e2c [ 665F60B8F11C102CCCD61AA21F75B99E, C454EA9D1E043D5A13DCCC7D221C9E62BD626C82F97C813B219997246360A927 ] WManSvc C:\WINDOWS\system32\Windows.Management.Service.dll
19:51:18.0652 0x0e2c WManSvc - ok
19:51:18.0684 0x0e2c [ B4ABE535AB99C02E3678AA1ED5EC56B2, FC9A55CD935488CC0826E0A28C4D2EAB52C87C88D15B4D542A70BD3EDB355966 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
19:51:18.0715 0x0e2c WmiAcpi - ok
19:51:18.0762 0x0e2c [ 55E21DFB7EC2394903E5CA62FDCA21E6, 55C2021F06D28696843672FF90E242C33C4CF6D30CDF0B2D9DCF07D8282CFC19 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:51:18.0809 0x0e2c wmiApSrv - ok
19:51:18.0824 0x0e2c WMPNetworkSvc - ok
19:51:18.0855 0x0e2c [ 154B0EB14C2BE06F162E37897DD2782F, EACEA5E6DAC43CDBD6A8B36FD8BF322354042FEB9B5CF31E9858674E3179C2C6 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
19:51:18.0887 0x0e2c Wof - ok
19:51:18.0996 0x0e2c [ BB9E424C8ED4E44D8D40BDE1769CD812, 14DCC08870D891799BA4A0A695C894E388A130E576C71F9AB26055DA083B647A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
19:51:19.0121 0x0e2c workfolderssvc - ok
19:51:19.0215 0x0e2c [ 7245075F97A8E4113AE93061CBA913C8, ED6B375FFC50E27C4DB81DB12EE46256F19FDB25121B6FE202045DE3827AE8B1 ] WpcMonSvc C:\WINDOWS\System32\WpcDesktopMonSvc.dll
19:51:19.0371 0x0e2c WpcMonSvc - ok
19:51:19.0402 0x0e2c [ A43EF2A9B957EC0B74721E262BB571B3, 324DDCCEDD14FA34C33A8E46557B5A6678252D4F8A98A3B9A6D5B6C0DFE24A22 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
19:51:19.0449 0x0e2c WPDBusEnum - ok
19:51:19.0465 0x0e2c [ 58CD56BD6647BCAD784D9EB172D3132B, 7343D35C3883B44575BAFABD15EF057172393C3A952AD1E26C9F4636BDE0F254 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:51:19.0496 0x0e2c WpdUpFltr - ok
19:51:19.0527 0x0e2c [ BDA70C51546F93798D278B7F8277DDE5, 7EB6811643D72AB058A289A2AB74FA7669FBE5904607D2F7F0BB0FAEF6345637 ] WpnService C:\WINDOWS\system32\WpnService.dll
19:51:19.0590 0x0e2c WpnService - ok
19:51:19.0606 0x0e2c [ BB8BD3130F8F91C06EE0C71C5C2817A7, 5285D0A1C0B431199AEA64B6F28F53765A82E84F1BB02CA8A1AFDFDD3E60BEE8 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
19:51:19.0652 0x0e2c WpnUserService - ok
19:51:19.0684 0x0e2c [ F4754B705332FFB21375D11EDD0E063E, D9CDD8FD3D9EB4840A1AA34A3D3DADBF0DD18C56E0BC1E1973751AA594AA3AC3 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:51:19.0731 0x0e2c ws2ifsl - ok
19:51:19.0762 0x0e2c [ 31320670CC3C89B2504FCAC12D42801E, 0B20A7911DC384A473CF49E22E57DDD445740E7593D91319B6426DE5053DB8A8 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
19:51:19.0809 0x0e2c wscsvc - ok
19:51:19.0824 0x0e2c WSearch - ok
19:51:19.0981 0x0e2c [ 0CF94063C7D16D8D24CFA1F59605D973, B30DEA625FD7D7E9966A39142D052747D5CCB12FBE9E1AA783BB4AE2764718E5 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
19:51:20.0184 0x0e2c wuauserv - ok
19:51:20.0231 0x0e2c [ 28F033782B14D59DDBCA1E2FAE674B8A, 409E9B4F53BEC370AEB7D104FE929CD1DBA60C2AC83A4823FA82C67CED2BEC32 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
19:51:20.0262 0x0e2c WudfPf - ok
19:51:20.0293 0x0e2c [ C339B551B1233A139AFD73C9DD8B50EC, 1921C9B41516E3028E707D03077EC59080BA88CA596508E14CC3A7A10910DDAC ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
19:51:20.0340 0x0e2c WUDFRd - ok
19:51:20.0434 0x0e2c [ 946FC3376717A04D27E2E7AEFEB70FD6, E31980FBC0529125AD12E3EDEE9D5ADD950988B78A92E78278125F2B155B7FFE ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
19:51:20.0559 0x0e2c WwanSvc - ok
19:51:20.0637 0x0e2c [ 5A185AD39FBA3409D7AD7DDCDA29DBA0, 18B67F1B06B8A0626B04721FC88C79875713072EF354F67DEA4090BAC77903B7 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
19:51:20.0731 0x0e2c XblAuthManager - ok
19:51:20.0793 0x0e2c [ FE4258DE4D72D261CAFEA34BB218669B, 5636F37842D2D985C8C08847A397F68509BEA564F31D8F30A3B745C737E46ED0 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
19:51:20.0918 0x0e2c XblGameSave - ok
19:51:20.0949 0x0e2c [ 4AE88F34EC064A630B015F43DE8E7D36, 902190E6ACB3E4D04EBE43BA7BEFD66AC22C7A6401C93B6462B732D1242916F6 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
19:51:20.0996 0x0e2c xboxgip - ok
19:51:21.0028 0x0e2c [ C7135FB498E924FD4F93A35B206D1256, 5B98528040BCBB9CC9BC1BEF54919C4435D4587A4A0CA5C9EF666E06C6CAA274 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
19:51:21.0074 0x0e2c XboxGipSvc - ok
19:51:21.0137 0x0e2c [ 5A495E793B14CCD532182BFEF1D06207, D8B54268281F49F868A422700F974F4456E435795279A02095E0A5567DF90D4D ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
19:51:21.0246 0x0e2c XboxNetApiSvc - ok
19:51:21.0262 0x0e2c [ 609C593072D907A0542A824722FDCD40, 8F19FBB89ED471B8E101AAA4002EBA5202055BA774D612599719C3EB8EC10400 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
19:51:21.0309 0x0e2c xinputhid - ok
19:51:21.0324 0x0e2c ================ Scan global ===============================
19:51:21.0340 0x0e2c [ B21455B8FF82C98410E1ECDCDC50A67E, 2518696AA3CD15AA0C324A008A87680555911B73DC0DAB6BB5C25230B1F97FD9 ] C:\WINDOWS\system32\basesrv.dll
19:51:21.0356 0x0e2c [ 5D7E5826FF94D08CE87B197B0E99DDB4, FCA2A1651C8E8ED34E322BFE8D872A8FDE4C2CEC5545DD8EA2E2ADF7D13F3B2A ] C:\WINDOWS\system32\winsrv.dll
19:51:21.0387 0x0e2c [ 41993C8E7B59A1BF027895DF4B98618A, 931491CEC18F0AAC10154241556FDE1CB8FFCA5E41BBB2AA94C644E7C7510FCA ] C:\WINDOWS\system32\sxssrv.dll
19:51:21.0418 0x0e2c [ 2BD115A27B60B74BBEB31013519AC199, 1B6FFE1F5480675FC618B42247EF49A1C60CA99D2D53271B3472557E3BEA2E8A ] C:\WINDOWS\system32\services.exe
19:51:21.0449 0x0e2c [ Global ] - ok
19:51:21.0449 0x0e2c ================ Scan MBR ==================================
19:51:21.0465 0x0e2c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:51:21.0574 0x0e2c \Device\Harddisk0\DR0 - ok
19:51:21.0574 0x0e2c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:51:21.0668 0x0e2c \Device\Harddisk0\DR0 - ok
19:51:21.0684 0x0e2c ================ Scan VBR ==================================
19:51:21.0684 0x0e2c [ E8E2FDEBFEC70E73EC1252D734BD5E2F ] \Device\Harddisk0\DR0\Partition1
19:51:21.0684 0x0e2c \Device\Harddisk0\DR0\Partition1 - ok
19:51:21.0699 0x0e2c [ 885CE8CA09D7202C4A8F56018C6F981A ] \Device\Harddisk0\DR0\Partition2
19:51:21.0699 0x0e2c \Device\Harddisk0\DR0\Partition2 - ok
19:51:21.0715 0x0e2c [ 441797F0EEBC672000E6834F28E40796 ] \Device\Harddisk0\DR0\Partition3
19:51:21.0715 0x0e2c \Device\Harddisk0\DR0\Partition3 - ok
19:51:21.0731 0x0e2c [ 27EFAE6D7B7F28780AD279F9E085736F ] \Device\Harddisk0\DR0\Partition4
19:51:21.0731 0x0e2c \Device\Harddisk0\DR0\Partition4 - ok
19:51:21.0731 0x0e2c [ E8E2FDEBFEC70E73EC1252D734BD5E2F ] \Device\Harddisk0\DR0\Partition1
19:51:21.0731 0x0e2c \Device\Harddisk0\DR0\Partition1 - ok
19:51:21.0746 0x0e2c [ 885CE8CA09D7202C4A8F56018C6F981A ] \Device\Harddisk0\DR0\Partition2
19:51:21.0746 0x0e2c \Device\Harddisk0\DR0\Partition2 - ok
19:51:21.0762 0x0e2c [ 441797F0EEBC672000E6834F28E40796 ] \Device\Harddisk0\DR0\Partition3
19:51:21.0762 0x0e2c \Device\Harddisk0\DR0\Partition3 - ok
19:51:21.0778 0x0e2c [ 27EFAE6D7B7F28780AD279F9E085736F ] \Device\Harddisk0\DR0\Partition4
19:51:21.0778 0x0e2c \Device\Harddisk0\DR0\Partition4 - ok
19:51:21.0778 0x0e2c ================ Scan generic autorun ======================
19:51:21.0793 0x0e2c [ 6600341AFD77470FB3468B759FAB3897, 7F2FE5ED8FA26F044DBBB0DB6B633C8FEAA2C683880D5C3842A5927F85A2D3BE ] C:\WINDOWS\system32\SecurityHealthSystray.exe
19:51:21.0840 0x0e2c SecurityHealth - ok
19:51:21.0887 0x0e2c [ C24C6B5E7FB44011F278F38F599879D5, F0296DBB769CA8358F380C3A81BBBD2B668D1128039D5A0BEAE6530C4A4A5007 ] C:\WINDOWS\System32\RtkAudUService64.exe
19:51:21.0949 0x0e2c RtkAudUService - ok
19:51:22.0012 0x0e2c OneDriveSetup - ok
19:51:22.0012 0x0e2c OneDriveSetup - ok
19:51:22.0106 0x0e2c [ 4D3C818EDD6D46CE707F256932041C07, 642C9AD2B0F862567367FC7B8A463252B54F716B32A1F0B10A162C47A0536889 ] C:\Users\Me K\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:51:22.0215 0x0e2c OneDrive - ok
19:51:22.0215 0x0e2c Waiting for KSN requests completion. In queue: 309
19:51:23.0309 0x0e2c AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x60100 ( disabled : updated )
19:51:23.0309 0x0e2c AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.207 ), 0x61000 ( enabled : updated )
19:51:23.0324 0x0e2c Win FW state via NFP2: enabled ( trusted )
19:51:23.0637 0x0e2c ============================================================
19:51:23.0637 0x0e2c Scan finished
19:51:23.0637 0x0e2c ============================================================
19:51:23.0684 0x08fc Detected object count: 0
19:51:23.0684 0x08fc Actual detected object count: 0

struppigel · Jan 11, 2021

Congratulations, your system is fine.

Regarding Malwarebytes: There are some issues with it starting. I recommend that you uninstall it, and then install it again. Maybe the reset messed some things up here. If you need any help with MalwareBytes, post into their support forums.

You can delete the other tools we have used (FRST, tdsskiller) and the logs they created by dragging them to the recycle bin.

Regarding dotomi: You commonly get this adware/PUP onto your system via installers for legitimate applications that try to trick you into consenting to additional third-party software. That third-party software can be adware, toolbars, browser hijackers or in other ways unwanted.

The trick these installers often use is marked checkbox to install this additional software and then hiding the checkbox. E.g. it can be very small, greyed out, or you have scroll down to find it. Unless you opt-out by removing the checkmark on the checkbox, you will get the additional software. Or they provide a button to opt-out of the additional software but make it barely visible.

Make sure to pay close attention while installing software. Always use the custom install option, otherwise you might not get the opportunity to opt-out of additional software.

Do you have any remaining questions?

struppigel · Jan 15, 2021

This topic seems to be resolved. So I am closing it.

Search

Possible infection

blocTore

New Member

struppigel

Super Moderator

blocTore

New Member

struppigel

Super Moderator

blocTore

New Member

struppigel

Super Moderator

blocTore

New Member

struppigel

Super Moderator

struppigel

Super Moderator

Similar threads