Mi PC se bloquea a menudo

Eliminar Malwares
22

Ok tranquilo @pepeantivirus no pasa nada.

Por aquí te esperamos con los resultados. De todas formas, sigue el tema el compañero @Facundo

Salu2.

1 me gusta
23

Buenas Facundo Te dejo los reports de Malwarebytes Anti-Rootkit, TDSKiller y Malwarebytes. El ordenador parece que va bien. No se ha vuelto a colgar.

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2021.07.19.04
  rootkit: v2021.07.19.04

Windows 10 x64 NTFS (Safe Mode/Networking)
Internet Explorer 11.789.19041.0
pepe :: DESKTOP-SA6LKLM [administrator]

19/07/2021 19:25:45
mbar-log-2021-07-19 (19-25-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 250962
Time elapsed: 1 hour(s), 6 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 11.789.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.592000 GHz
Memory total: 8480731136, free: 6935240704

=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     07/10/2021 14:37:29
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\IntelTA.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\isapnp.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\evbda.sys
\SystemRoot\System32\drivers\pcmcia.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\sdbus.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\vmbus.sys
\SystemRoot\System32\drivers\NDIS.SYS
\SystemRoot\System32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\hvsocket.sys
\SystemRoot\System32\drivers\vmbkmcl.sys
\SystemRoot\System32\drivers\winhv.sys
\SystemRoot\System32\drivers\vpci.sys
\SystemRoot\System32\drivers\bxvbda.sys
\SystemRoot\System32\drivers\nvraid.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\urscx01000.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorV.sys
\SystemRoot\System32\drivers\vsmraid.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\3ware.sys
\SystemRoot\System32\drivers\amdsata.sys
\SystemRoot\System32\drivers\amdxata.sys
\SystemRoot\System32\drivers\amdsbs.sys
\SystemRoot\System32\drivers\arcsas.sys
\SystemRoot\System32\drivers\ItSas35i.sys
\SystemRoot\System32\drivers\lsi_sas.sys
\SystemRoot\System32\drivers\lsi_sas2i.sys
\SystemRoot\System32\drivers\lsi_sas3i.sys
\SystemRoot\System32\drivers\lsi_sss.sys
\SystemRoot\System32\drivers\megasas.sys
\SystemRoot\System32\drivers\MegaSas2i.sys
\SystemRoot\System32\drivers\megasas35i.sys
\SystemRoot\System32\drivers\megasr.sys
\SystemRoot\System32\drivers\mvumis.sys
\SystemRoot\System32\drivers\nvstor.sys
\SystemRoot\System32\drivers\percsas2i.sys
\SystemRoot\System32\drivers\percsas3i.sys
\SystemRoot\System32\drivers\SiSRaid2.sys
\SystemRoot\System32\drivers\sisraid4.sys
\SystemRoot\System32\drivers\vstxraid.sys
\SystemRoot\System32\drivers\stexstor.sys
\SystemRoot\System32\drivers\cht4sx64.sys
\SystemRoot\System32\drivers\iaStorAVC.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\stornvme.sys
\SystemRoot\System32\drivers\ADP80XX.SYS
\SystemRoot\System32\drivers\HpSAMD.sys
\SystemRoot\System32\drivers\SmartSAMD.sys
\SystemRoot\System32\drivers\nvdimm.sys
\SystemRoot\System32\drivers\EhStorTcgDrv.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\storvsc.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\drivers\vmstorfl.sys
\SystemRoot\System32\drivers\bttflt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\uaspstor.sys
\SystemRoot\System32\drivers\storufs.sys
\SystemRoot\System32\drivers\sdstor.sys
\SystemRoot\System32\drivers\scmbus.sys
\SystemRoot\System32\drivers\sbp2port.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\ramdisk.sys
\SystemRoot\System32\drivers\pmem.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\CimFS.SYS
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
\SystemRoot\System32\drivers\CAD.sys
\SystemRoot\system32\Drivers\RtsUer.sys
\SystemRoot\System32\drivers\iaLPSS2i_I2C.sys
\SystemRoot\system32\drivers\SpbCx.sys
\SystemRoot\System32\drivers\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\tpm.sys
\SystemRoot\System32\drivers\AsRadioControl.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
\SystemRoot\System32\drivers\vmulti.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\hidi2c.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\DRIVERS\AsusSGDrv.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\6767364A.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2017.10.25.11
  rootkit: v2017.10.14.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffa8892cef2060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffa8892cef18d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffa8892cef2060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffa8892cced040, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffa8892cce9e10, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffa8892cce8050, DeviceName: \Device\00000037\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 82DD2459

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1024000
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1026048  Numsec = 407470889
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 408498176  Numsec = 1101824
    Partition is not bootable
    Partition file system is NTFS

    Partition 3 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409602048  Numsec = 1543917568
    Partition is not bootable
    Partition file system is NTFS

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\KERNELBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\apphelp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\psapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\user32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\win32u.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gdi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\GDI32FULL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MSVCP_WIN.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ucrtbase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\advapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msvcrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sechost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcrt4.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imm32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shell32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ole32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\combase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shlwapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wintrust.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ws2_32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imagehlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\version.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userenv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mpr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\comdlg32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netutils.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SHCore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\oleaut32.dll" is sparse (flags = 32768)
File "C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.19041.844_none_89e26e970b35ab92\comctl32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wininet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IPHLPAPI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\winmm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winspool.drv" is sparse (flags = 32768)
File "C:\Windows\System32\sfc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sfc_os.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rsaenh.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bcrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CRYPTBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCRYPTPRIMITIVES.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\crypt32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkscli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cscapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\uxtheme.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iertutil.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sspicli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STORAGE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wldp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\KERNEL.APPCORE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\clbcatq.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ONDEMANDCONNROUTEHELPER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\winhttp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mswsock.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\urlmon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msctf.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dnsapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntmarta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cfgmgr32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TEXTINPUTFRAMEWORK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREMESSAGING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREUICOMPONENTS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WinTypes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wtsapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winsta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\propsys.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STATEREPOSITORYPS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.FILEEXPLORER.COMMON.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\coml2.dll" is sparse (flags = 32768)
File "C:\Windows\System32\linkinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntshrui.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvcli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\smss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\csrss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\wininit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\services.exe" is sparse (flags = 32768)
File "C:\Windows\System32\lsass.exe" is sparse (flags = 32768)
File "C:\Windows\System32\winlogon.exe" is sparse (flags = 32768)
File "C:\Windows\System32\svchost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\FONTDRVHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\dwm.exe" is sparse (flags = 32768)
File "C:\Windows\System32\sihost.exe" is sparse (flags = 32768)
File "C:\Windows\explorer.exe" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFT.WINDOWS.STARTMENUEXPERIENCEHOST_CW5N1H2TXYEWY\STARTMENUEXPERIENCEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\RUNTIMEBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFT.WINDOWS.SEARCH_CW5N1H2TXYEWY\SEARCHAPP.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\dllhost.exe" is sparse (flags = 32768)
File "C:\Windows\HelpPane.exe" is sparse (flags = 32768)
File "C:\Windows\System32\APPLICATIONFRAMEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFTWINDOWS.CLIENT.CBS_CW5N1H2TXYEWY\InputApp\TEXTINPUTHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\oobe\USEROOBEBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SMARTSCREEN.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\TEXTSHAPING.DLL" is sparse (flags = 32768)
File "C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423\comctl32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWSCODECS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\THUMBCACHE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\POLICYMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MSVCP110_WIN.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\EXPLORERFRAME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\edputil.dll" is sparse (flags = 32768)
File "C:\Windows\System32\APPRESOLVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\slc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BCP47LANGS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\sppc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ONECORECOMMONPROXYSTUB.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ONECOREUAPCOMMONPROXYSTUB.DLL" is sparse (flags = 32768)
File "C:\Windows\SysWOW64\cmd.exe" is sparse (flags = 32768)
File "C:\Windows\System32\cmdext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\conhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\credssp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userinit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\scecli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msv1_0.dll" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\appid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\AcpiDev.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\1394ohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpiex.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\flpydisk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mspclock.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\asyncmac.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdk8.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpipagr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\isapnp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpitime.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ufx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Ucx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Acx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb20.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mpsdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\afd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storufs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BthA2dp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidi2c.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\afunix.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sdstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ahcache.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\alg.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\IPMIDrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\APPLOCKERFLTR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\SECURITYHEALTHSERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wcnfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wcifs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srv2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\atapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pciide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bindflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\PktMon.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bowser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HYPERVIDEO.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MICROSOFT.BLUETOOTH.LEGACY.LEENUMERATOR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\portcfg.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BthMini.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bttflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BUTTONCONVERTER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cng.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\clfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdrom.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cldflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mup.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\CmBatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\condrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\CREDENTIALENROLLMENTMANAGER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dam.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dfsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\disk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\DiagSvcs\DIAGNOSTICSHUB.STANDARDCOLLECTOR.SERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dmvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\drmkaud.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serial.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dxgkrnl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tcpip.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORCLASS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\errdev.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksthunk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fileinfo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\FXSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmstorfl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ipfltdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FILETRACE.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fltMgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FSDEPENDS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\STORQOSFLT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fvevol.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndisuio.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSGPIOCLX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasl2tp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HdAudio.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hdaudbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HIDINTERRUPT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidspi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidusb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\http.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HVSERVICE.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hwpolicy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hyperkbd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\i8042prt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pacer.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\INDIRECTKMD.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelpep.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vdrvroot.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UCMUCSICX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\iorate.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\scfilter.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msiscsi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecdd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecpkg.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\luafv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msisadrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mstee.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MbbCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mmcss.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mskssrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wimmount.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\modem.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mspqm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\monitor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msquic.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mountmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\VSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSHIDKMDF.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mssmbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MTConfig.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nwifi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndis.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISIMPLATFORM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndistapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISVIRTUALBUS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndiswan.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NETADAPTERCX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nsiproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\parport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\partmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcw.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcmcia.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\PEAuth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\PERCEPTIONSIMULATION\PERCEPTIONSIMULATIONSERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\RDPVIDEOMINIPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspptp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\processr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ramdisk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasacd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\agilevpn.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspppoe.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rassstp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdbss.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdpdr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sbp2port.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sdbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORDATASERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SpbCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sermouse.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sfloppy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SGRMBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\Spectrum.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\spoolsv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\sppsvc.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srvnet.sys" is sparse (flags = 32768)
File "C:\Windows\System32\OpenSSH\SSH-AGENT.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storahci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\stornvme.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tdx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tpm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\TIERINGENGINESERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\SERVICING\TRUSTEDINSTALLER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\uaspstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Udecx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UcmCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\udfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umpass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbvideo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBAUDIO.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbccgp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbuhci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbehci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbhub.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usb80236.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\vds.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VERIFIEREXT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhdmp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Vid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhf.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VMBusHID.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgrx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volsnap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volume.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vsmraid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifibus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwififlt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifimp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wacompen.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wanarp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbengine.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Wdf01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdiWiFi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wfplwfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\winnat.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wmiacpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WmiApSrv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ws2ifsl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHINDEXER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\NATURALAUTH.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\umpnpmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AarSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcss.dll" is sparse (flags = 32768)
File "C:\Windows\System32\appinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DISPBROKER.DESKTOP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MESSAGINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MICROSOFT.BLUETOOTH.USERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\appidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AUTOTIMESVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\smphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\GRAPHICSPERFSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\psmsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\APPREADINESS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STATEREPOSITORY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\AUDIOENDPOINTBUILDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WALLETSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APPXDEPLOYMENTSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCASTDVRUSERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\audiosrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wwansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcncsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wevtsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AxInstSv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RpcEpMap.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CDPUSERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bdesvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CAPTURESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BFE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBLAUTHMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\netman.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICESETUPMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\cdpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umpo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\qmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CBDHSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ClipSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BTAGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BTHAVCTPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\vac.dll" is sparse (flags = 32768)
File "C:\Windows\System32\das.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CAPABILITYACCESSMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\certprop.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CONSENTUXCLIENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBOXGIPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TETHERINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEFRAGSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICEACCESS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.DEVICES.PICKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICESFLOWBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DiagSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dot3svc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DIAGTRACK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MICROSOFT.GRAPHICS.DISPLAY.DISPLAYENHANCEMENTSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.INTERNAL.MANAGEMENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dnsrslvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WERCPLSUPPORT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\eapsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\efssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\EMBEDDEDMODESVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ENTERPRISEAPPMGMTSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\FntCache.dll" is sparse (flags = 32768)
File "C:\Windows\System32\es.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sdrsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FRAMESERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\upnphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\hidserv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lltdsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ListSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IKEEXT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\INSTALLSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\iphlpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\keyiso.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WsmSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wersvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wecsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcmsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\LICENSEMANAGERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\lpasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lmhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ipnathlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lsm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WORKFOLDERSSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\LANGUAGEOVERLAYSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MIXEDREALITYRUNTIME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MPSSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iscsiexe.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsisvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ngcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NCBSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\netlogon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NETPROFMSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NETSETUPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\icsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NGCCTNRSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APHOSTSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\pcasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\PHONESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PIMINDEXMAINTENANCE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\icsvcext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IPSECSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PRINTWORKFLOWSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PUSHTOINSTALL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\rasauto.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasmans.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mprdim.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RDXSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\RMapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\schedsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SCardSvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\XBLGAMESAVE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SCDEVICEENUM.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SEMgrSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SessEnv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SHAREDREALITYSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SHAREDPC.ACCOUNTMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SMSROUTERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\StorSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sstpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ssdpsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wiaservc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\svsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\swprv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sysmain.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SYSTEMEVENTSBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TabSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\termsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\tapisrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TIMEBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TOKENBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MITIGATIONCLIENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TZAUTOUPDATE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWSUDK.SHELLCOMMON.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\umrdp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Unistore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATASERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\usermgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\usosvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\vaultsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\w32time.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WAASMEDICSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wbiosrvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wiarpc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WMIsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FLIGHTSETTINGS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.MANAGEMENT.SERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPCDESKTOPMONSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPNSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPNUSERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wuaueng.dll" is sparse (flags = 32768)
File "C:\Windows\System32\XBOXNETAPISVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\rundll32.exe" is sparse (flags = 32768)
File "C:\Windows\SysWOW64\rundll32.exe" is sparse (flags = 32768)
Infected: C:\Program Files (x86)\Notepad++\uninstall.exe --> [Trojan.FakeNPP]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Notepad++ --> [Trojan.FakeNPP]
Scan finished
Creating System Restore point...
Could not create restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
24 


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 11.789.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.592000 GHz
Memory total: 8480731136, free: 6687797248

Downloaded database version: v2021.07.19.04
Downloaded database version: v2021.07.19.04
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     07/19/2021 19:25:39
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\IntelTA.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\isapnp.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\evbda.sys
\SystemRoot\System32\drivers\pcmcia.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\sdbus.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\vmbus.sys
\SystemRoot\System32\drivers\NDIS.SYS
\SystemRoot\System32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\hvsocket.sys
\SystemRoot\System32\drivers\vmbkmcl.sys
\SystemRoot\System32\drivers\winhv.sys
\SystemRoot\System32\drivers\vpci.sys
\SystemRoot\System32\drivers\bxvbda.sys
\SystemRoot\System32\drivers\nvraid.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\urscx01000.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorV.sys
\SystemRoot\System32\drivers\vsmraid.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\3ware.sys
\SystemRoot\System32\drivers\amdsata.sys
\SystemRoot\System32\drivers\amdxata.sys
\SystemRoot\System32\drivers\amdsbs.sys
\SystemRoot\System32\drivers\arcsas.sys
\SystemRoot\System32\drivers\ItSas35i.sys
\SystemRoot\System32\drivers\lsi_sas.sys
\SystemRoot\System32\drivers\lsi_sas2i.sys
\SystemRoot\System32\drivers\lsi_sas3i.sys
\SystemRoot\System32\drivers\lsi_sss.sys
\SystemRoot\System32\drivers\megasas.sys
\SystemRoot\System32\drivers\MegaSas2i.sys
\SystemRoot\System32\drivers\megasas35i.sys
\SystemRoot\System32\drivers\megasr.sys
\SystemRoot\System32\drivers\mvumis.sys
\SystemRoot\System32\drivers\nvstor.sys
\SystemRoot\System32\drivers\percsas2i.sys
\SystemRoot\System32\drivers\percsas3i.sys
\SystemRoot\System32\drivers\SiSRaid2.sys
\SystemRoot\System32\drivers\sisraid4.sys
\SystemRoot\System32\drivers\vstxraid.sys
\SystemRoot\System32\drivers\stexstor.sys
\SystemRoot\System32\drivers\cht4sx64.sys
\SystemRoot\System32\drivers\iaStorAVC.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\stornvme.sys
\SystemRoot\System32\drivers\ADP80XX.SYS
\SystemRoot\System32\drivers\HpSAMD.sys
\SystemRoot\System32\drivers\SmartSAMD.sys
\SystemRoot\System32\drivers\nvdimm.sys
\SystemRoot\System32\drivers\EhStorTcgDrv.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\storvsc.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\drivers\vmstorfl.sys
\SystemRoot\System32\drivers\bttflt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\uaspstor.sys
\SystemRoot\System32\drivers\storufs.sys
\SystemRoot\System32\drivers\sdstor.sys
\SystemRoot\System32\drivers\scmbus.sys
\SystemRoot\System32\drivers\sbp2port.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\ramdisk.sys
\SystemRoot\System32\drivers\pmem.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\CimFS.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\System32\drivers\ndiscap.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
\SystemRoot\System32\drivers\CAD.sys
\SystemRoot\system32\Drivers\RtsUer.sys
\SystemRoot\System32\drivers\iaLPSS2i_I2C.sys
\SystemRoot\system32\drivers\SpbCx.sys
\SystemRoot\System32\drivers\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\drivers\rt640x64.sys
\SystemRoot\System32\drivers\rtwlane01.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\tpm.sys
\SystemRoot\System32\drivers\AsRadioControl.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
\SystemRoot\System32\drivers\vmulti.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\hidi2c.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\DRIVERS\AsusSGDrv.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\drivers\msquic.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\usb80236.sys
\SystemRoot\System32\drivers\RNDISMP6.SYS
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\4127B1C9.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2021.07.19.04
  rootkit: v2021.07.19.04

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffa38d07a5e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffa38d07aeb910, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffa38d07a5e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffa38d07816910, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffa38d0783da00, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffa38d07835050, DeviceName: \Device\00000037\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 82DD2459

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1024000
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1026048  Numsec = 407470889
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 408498176  Numsec = 1101824
    Partition is not bootable
    Partition file system is NTFS

    Partition 3 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409602048  Numsec = 1543917568
    Partition is not bootable
    Partition file system is NTFS

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\KERNELBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\psapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\user32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\win32u.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gdi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\GDI32FULL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MSVCP_WIN.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ucrtbase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\advapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msvcrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sechost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcrt4.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imm32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shell32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ole32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\combase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shlwapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wintrust.dll" is sparse (flags = 32768)
File "C:\Windows\System32\version.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imagehlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ws2_32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userenv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\comdlg32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mpr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SHCore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\oleaut32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netutils.dll" is sparse (flags = 32768)
File "C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.19041.1110_none_c0da534e38c01f4d\comctl32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wininet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IPHLPAPI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\winmm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winspool.drv" is sparse (flags = 32768)
File "C:\Windows\System32\sfc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sfc_os.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rsaenh.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bcrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CRYPTBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCRYPTPRIMITIVES.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\crypt32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkscli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cscapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\uxtheme.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iertutil.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sspicli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STORAGE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wldp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\KERNEL.APPCORE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\clbcatq.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ONDEMANDCONNROUTEHELPER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\winhttp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mswsock.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winnsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\urlmon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvcli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dnsapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasadhlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FWPUCLNT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\schannel.dll" is sparse (flags = 32768)
File "C:\Windows\System32\MSKEYPROTECT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ntasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dpapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptnet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ncrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NCRYPTSSLP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\msctf.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntmarta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cfgmgr32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TEXTINPUTFRAMEWORK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREMESSAGING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREUICOMPONENTS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WinTypes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wtsapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winsta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\propsys.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STATEREPOSITORYPS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.FILEEXPLORER.COMMON.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\coml2.dll" is sparse (flags = 32768)
File "C:\Windows\System32\linkinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntshrui.dll" is sparse (flags = 32768)
File "C:\Windows\System32\smss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\csrss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\wininit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\services.exe" is sparse (flags = 32768)
File "C:\Windows\System32\lsass.exe" is sparse (flags = 32768)
File "C:\Windows\System32\winlogon.exe" is sparse (flags = 32768)
File "C:\Windows\System32\svchost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\FONTDRVHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\dwm.exe" is sparse (flags = 32768)
File "C:\Windows\System32\sihost.exe" is sparse (flags = 32768)
File "C:\Windows\explorer.exe" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFT.WINDOWS.STARTMENUEXPERIENCEHOST_CW5N1H2TXYEWY\STARTMENUEXPERIENCEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\RUNTIMEBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFT.WINDOWS.SEARCH_CW5N1H2TXYEWY\SEARCHAPP.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\dllhost.exe" is sparse (flags = 32768)
File "C:\Windows\HelpPane.exe" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFTWINDOWS.CLIENT.CBS_CW5N1H2TXYEWY\InputApp\TEXTINPUTHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\APPLICATIONFRAMEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\SHELLEXPERIENCEHOST_CW5N1H2TXYEWY\SHELLEXPERIENCEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\oobe\USEROOBEBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SMARTSCREEN.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\TEXTSHAPING.DLL" is sparse (flags = 32768)
File "C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984\comctl32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWSCODECS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\THUMBCACHE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\POLICYMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MSVCP110_WIN.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\EXPLORERFRAME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\edputil.dll" is sparse (flags = 32768)
File "C:\Windows\System32\APPRESOLVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\slc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sppc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BCP47LANGS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ONECORECOMMONPROXYSTUB.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ONECOREUAPCOMMONPROXYSTUB.DLL" is sparse (flags = 32768)
File "C:\Windows\SysWOW64\cmd.exe" is sparse (flags = 32768)
File "C:\Windows\System32\cmdext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\conhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\credssp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userinit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\scecli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msv1_0.dll" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\appid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\AcpiDev.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\1394ohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpiex.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SECURITYHEALTHSERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\flpydisk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mspclock.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\asyncmac.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdk8.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpipagr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\isapnp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpitime.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ufx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Ucx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Acx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb20.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mpsdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\afd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storufs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BthA2dp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidi2c.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\afunix.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sdstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ahcache.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\alg.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\IPMIDrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\APPLOCKERFLTR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wcnfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wcifs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srv2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\atapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pciide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bindflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\PktMon.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bowser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HYPERVIDEO.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MICROSOFT.BLUETOOTH.LEGACY.LEENUMERATOR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\portcfg.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BthMini.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bttflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BUTTONCONVERTER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cng.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\clfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdrom.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cldflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mup.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\CmBatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\condrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\CREDENTIALENROLLMENTMANAGER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dam.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dfsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\disk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\DiagSvcs\DIAGNOSTICSHUB.STANDARDCOLLECTOR.SERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dmvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\drmkaud.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serial.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dxgkrnl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tcpip.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORCLASS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\errdev.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksthunk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fileinfo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\FXSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmstorfl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ipfltdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FILETRACE.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fltMgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FSDEPENDS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\STORQOSFLT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fvevol.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndisuio.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSGPIOCLX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasl2tp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HdAudio.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hdaudbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HIDINTERRUPT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidspi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidusb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\http.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HVSERVICE.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hwpolicy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hyperkbd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\i8042prt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pacer.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\INDIRECTKMD.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelpep.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vdrvroot.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UCMUCSICX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\iorate.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\scfilter.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msiscsi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecdd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecpkg.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\luafv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msisadrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mstee.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MbbCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mmcss.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mskssrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wimmount.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\modem.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mspqm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\monitor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msquic.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mountmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\VSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSHIDKMDF.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mssmbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MTConfig.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nwifi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndis.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISIMPLATFORM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndistapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISVIRTUALBUS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndiswan.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NETADAPTERCX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nsiproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\parport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\partmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcw.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcmcia.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\PEAuth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\PERCEPTIONSIMULATION\PERCEPTIONSIMULATIONSERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\RDPVIDEOMINIPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspptp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\processr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ramdisk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasacd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\agilevpn.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspppoe.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rassstp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdbss.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdpdr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sbp2port.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sdbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORDATASERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SpbCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sermouse.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sfloppy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SGRMBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\Spectrum.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\spoolsv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\sppsvc.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srvnet.sys" is sparse (flags = 32768)
File "C:\Windows\System32\OpenSSH\SSH-AGENT.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storahci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\stornvme.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tdx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tpm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\TIERINGENGINESERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\SERVICING\TRUSTEDINSTALLER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\uaspstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Udecx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UcmCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\udfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umpass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbvideo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBAUDIO.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbccgp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbuhci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbehci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbhub.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbprint.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usb80236.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\vds.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VERIFIEREXT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhdmp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Vid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhf.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VMBusHID.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgrx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volsnap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volume.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vsmraid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifibus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwififlt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifimp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wacompen.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wanarp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbengine.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Wdf01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdiWiFi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wfplwfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\winnat.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wmiacpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WmiApSrv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ws2ifsl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHINDEXER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\NATURALAUTH.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\umpnpmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AarSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcss.dll" is sparse (flags = 32768)
File "C:\Windows\System32\appinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DISPBROKER.DESKTOP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MESSAGINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MICROSOFT.BLUETOOTH.USERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\appidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AUTOTIMESVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\smphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\GRAPHICSPERFSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\psmsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\APPREADINESS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STATEREPOSITORY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\AUDIOENDPOINTBUILDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WALLETSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APPXDEPLOYMENTSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCASTDVRUSERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\audiosrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wwansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcncsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wevtsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AxInstSv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RpcEpMap.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CDPUSERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bdesvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CAPTURESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BFE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBLAUTHMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\netman.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICESETUPMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\cdpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umpo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\qmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CBDHSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ClipSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BTAGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BTHAVCTPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\vac.dll" is sparse (flags = 32768)
File "C:\Windows\System32\das.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CAPABILITYACCESSMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\certprop.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CONSENTUXCLIENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBOXGIPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TETHERINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEFRAGSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICEACCESS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.DEVICES.PICKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICESFLOWBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DiagSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dot3svc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DIAGTRACK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MICROSOFT.GRAPHICS.DISPLAY.DISPLAYENHANCEMENTSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.INTERNAL.MANAGEMENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dnsrslvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WERCPLSUPPORT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\eapsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\efssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\EMBEDDEDMODESVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ENTERPRISEAPPMGMTSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\FntCache.dll" is sparse (flags = 32768)
File "C:\Windows\System32\es.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sdrsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FRAMESERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\upnphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\hidserv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lltdsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ListSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IKEEXT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\INSTALLSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\iphlpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\keyiso.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wscsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WsmSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wersvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wecsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcmsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\LICENSEMANAGERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\lpasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lmhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ipnathlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lsm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WORKFOLDERSSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\LANGUAGEOVERLAYSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MIXEDREALITYRUNTIME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MPSSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iscsiexe.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsisvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ngcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NCBSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\netlogon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NETPROFMSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NETSETUPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\icsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NGCCTNRSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APHOSTSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\pcasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\PHONESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PIMINDEXMAINTENANCE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\icsvcext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IPSECSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PRINTWORKFLOWSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PUSHTOINSTALL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\rasauto.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasmans.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mprdim.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RDXSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\RMapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\schedsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SCardSvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\XBLGAMESAVE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SCDEVICEENUM.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SEMgrSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SessEnv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SHAREDREALITYSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SHAREDPC.ACCOUNTMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SMSROUTERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\StorSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sstpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ssdpsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wiaservc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\svsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\swprv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sysmain.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SYSTEMEVENTSBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TabSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\termsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\tapisrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TIMEBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TOKENBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MITIGATIONCLIENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TZAUTOUPDATE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWSUDK.SHELLCOMMON.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\umrdp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Unistore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATASERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\usermgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\usosvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\vaultsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\w32time.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WAASMEDICSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wbiosrvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wiarpc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WMIsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FLIGHTSETTINGS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.MANAGEMENT.SERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPCDESKTOPMONSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPNSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPNUSERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wuaueng.dll" is sparse (flags = 32768)
File "C:\Windows\System32\XBOXNETAPISVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ie4uinit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\rundll32.exe" is sparse (flags = 32768)
File "C:\Windows\SysWOW64\rundll32.exe" is sparse (flags = 32768)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-1026048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-2-408498176-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-3-409602048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
25 
20:49:41.0594 0x0b5c  TDSS rootkit removing tool 3.1.0.28 Apr  9 2019 21:11:46
20:49:47.0071 0x0b5c  ============================================================
20:49:47.0071 0x0b5c  Current date / time: 2021/07/19 20:49:47.0071
20:49:47.0071 0x0b5c  SystemInfo:
20:49:47.0071 0x0b5c  
20:49:47.0071 0x0b5c  OS Version: 10.0.19043 ServicePack: 0.0
20:49:47.0071 0x0b5c  Product type: Workstation
20:49:47.0071 0x0b5c  ComputerName: DESKTOP-SA6LKLM
20:49:47.0071 0x0b5c  UserName: pepe
20:49:47.0071 0x0b5c  Windows directory: C:\WINDOWS
20:49:47.0071 0x0b5c  System windows directory: C:\WINDOWS
20:49:47.0071 0x0b5c  Running under WOW64
20:49:47.0071 0x0b5c  Processor architecture: Intel x64
20:49:47.0071 0x0b5c  Number of processors: 4
20:49:47.0071 0x0b5c  Page size: 0x1000
20:49:47.0071 0x0b5c  Boot type: Safe boot with network
20:49:47.0071 0x0b5c  CodeIntegrityOptions = 0x00000001
20:49:47.0071 0x0b5c  ============================================================
20:49:47.0446 0x0b5c  KLMD registered as C:\WINDOWS\system32\drivers\89034019.sys
20:49:47.0446 0x0b5c  KLMD ARK init status: drvProperties = 0xF0F02, osBuild = 19043.0, osProperties = 0x1D
20:49:47.0539 0x0b5c  System UUID: {9D3ACB07-422A-F8E1-77B5-0DFFE931B0EF}
20:49:47.0696 0x0b5c  !crdlk
20:49:47.0930 0x0b5c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
20:49:47.0945 0x0b5c  ============================================================
20:49:47.0945 0x0b5c  \Device\Harddisk0\DR0:
20:49:47.0945 0x0b5c  MBR partitions:
20:49:47.0945 0x0b5c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
20:49:47.0945 0x0b5c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x18498329
20:49:47.0945 0x0b5c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x5C065000
20:49:47.0945 0x0b5c  ============================================================
20:49:47.0977 0x0b5c  C: <-> \Device\Harddisk0\DR0\Partition2
20:49:48.0024 0x0b5c  F: <-> \Device\Harddisk0\DR0\Partition3
20:49:48.0024 0x0b5c  ============================================================
20:49:48.0024 0x0b5c  Initialize success
20:49:48.0024 0x0b5c  ============================================================
20:49:53.0975 0x0f20  ============================================================
20:49:53.0975 0x0f20  Scan started
20:49:53.0975 0x0f20  Mode: Manual; 
20:49:53.0975 0x0f20  ============================================================
20:49:53.0975 0x0f20  KSN ping started
20:49:54.0053 0x0f20  KSN ping finished: false
20:50:02.0223 0x0f20  ================ Scan BIOS =================================
20:50:02.0223 0x0f20  BIOS info: vendor = American Megatrends Inc., version = X556UJ.206, releaseDate = 09/10/2015
20:50:02.0223 0x0f20  Base board info: manufacturer = ASUSTeK COMPUTER INC., product = X556UJ, version = 1.0       
20:50:04.0223 0x0f20  [ 5AD05A487C3BDF6AAAE2A7B0B3294DFE, 816C5BBF7B7A5E05C95A5E43E6224CB845C2976966E399F861F0C52C5E7511D1 ] BIOS
20:50:04.0223 0x0f20  BIOS - ok
20:50:04.0223 0x0f20  ================ Scan system memory ========================
20:50:04.0223 0x0f20  System memory - ok
20:50:04.0223 0x0f20  ================ Scan services =============================
20:50:04.0442 0x0f20  1394ohci - ok
20:50:04.0473 0x0f20  [ F447C275ED7FBE018ED2C0F3DF07BC23, 80648296CF6B1BF31536674D0E1F2973ECDBD1933811AFCD818AADAA3DCC1A65 ] 3fbaaaf5        C:\WINDOWS\system32\Drivers\3fbaaaf5.sys
20:50:04.0473 0x0f20  3fbaaaf5 - ok
20:50:04.0520 0x0f20  3ware - ok
20:50:04.0551 0x0f20  AarSvc - ok
20:50:04.0629 0x0f20  ACPI - ok
20:50:04.0645 0x0f20  AcpiDev - ok
20:50:04.0645 0x0f20  acpiex - ok
20:50:04.0645 0x0f20  acpipagr - ok
20:50:04.0676 0x0f20  [ 33B5ED555018128792AFFCDC9AF7AFD2, 1E7C5FADA2486EE31289A4BEFB70AEA173190671C64995441651903CF31E5033 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:50:04.0676 0x0f20  AcpiPmi - ok
20:50:04.0676 0x0f20  acpitime - ok
20:50:04.0676 0x0f20  Acx01000 - ok
20:50:04.0754 0x0f20  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
20:50:04.0754 0x0f20  Adobe LM Service - ok
20:50:04.0848 0x0f20  [ 431B9F2E0D4145164D572671395B4B31, 5D336098251ED4E50D3EAB55A37CD9486F0479893A2D9B5FB849D1486FA63FAD ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:50:04.0848 0x0f20  AdobeARMservice - ok
20:50:04.0848 0x0f20  ADP80XX - ok
20:50:04.0879 0x0f20  AFD - ok
20:50:04.0879 0x0f20  afunix - ok
20:50:04.0879 0x0f20  ahcache - ok
20:50:04.0910 0x0f20  [ 526FE18DB976D9A1AE19FBC53FA690B1, 4E2623243A9BB61F7211E591C24EDB70B07974A7FA21E3F14C683F27E975777F ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
20:50:04.0910 0x0f20  AJRouter - ok
20:50:04.0926 0x0f20  ALG - ok
20:50:04.0941 0x0f20  amdgpio2 - ok
20:50:04.0941 0x0f20  amdi2c - ok
20:50:04.0957 0x0f20  AmdK8 - ok
20:50:04.0957 0x0f20  AmdPPM - ok
20:50:04.0957 0x0f20  amdsata - ok
20:50:04.0957 0x0f20  amdsbs - ok
20:50:04.0957 0x0f20  amdxata - ok
20:50:04.0973 0x0f20  AppID - ok
20:50:04.0988 0x0f20  AppIDSvc - ok
20:50:05.0004 0x0f20  Appinfo - ok
20:50:05.0020 0x0f20  applockerfltr - ok
20:50:05.0051 0x0f20  AppReadiness - ok
20:50:05.0051 0x0f20  AppXSvc - ok
20:50:05.0066 0x0f20  arcsas - ok
20:50:05.0098 0x0f20  [ 5FADDD04C9791FC24F8B282B34C1F5E0, ECA198C2585F0AE7657F193F659F2D70C817473046397825E9ABD4ECA86D9926 ] AsusSGDrv       C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys
20:50:05.0098 0x0f20  AsusSGDrv - ok
20:50:05.0098 0x0f20  AsyncMac - ok
20:50:05.0113 0x0f20  atapi - ok
20:50:05.0113 0x0f20  AudioEndpointBuilder - ok
20:50:05.0113 0x0f20  Audiosrv - ok
20:50:05.0145 0x0f20  autotimesvc - ok
20:50:05.0176 0x0f20  AxInstSV - ok
20:50:05.0191 0x0f20  b06bdrv - ok
20:50:05.0223 0x0f20  [ 26E2320D24C66EB72B36EB71EBEF2558, 7D06B6499FE915480DF4DAD658281C8B85F7AD71F49B089A270AE0B45713F2E9 ] bam             C:\WINDOWS\system32\drivers\bam.sys
20:50:05.0223 0x0f20  bam - ok
20:50:05.0285 0x0f20  BasicDisplay - ok
20:50:05.0316 0x0f20  BasicRender - ok
20:50:05.0348 0x0f20  BcastDVRUserService - ok
20:50:05.0410 0x0f20  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:50:05.0410 0x0f20  bcmfn2 - ok
20:50:05.0426 0x0f20  BDESVC - ok
20:50:05.0457 0x0f20  [ 4280B427B81EB8C265F3206E2298761E, 121AF03BBE6ECC1622C2540805A30AE9555EB5D5FE25B55939C045ECE7FC37EB ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:50:05.0457 0x0f20  Beep - ok
20:50:05.0488 0x0f20  BFE - ok
20:50:05.0488 0x0f20  bindflt - ok
20:50:05.0504 0x0f20  BITS - ok
20:50:05.0535 0x0f20  BluetoothUserService - ok
20:50:05.0566 0x0f20  [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:50:05.0582 0x0f20  Bonjour Service - ok
20:50:05.0582 0x0f20  bowser - ok
20:50:05.0613 0x0f20  BrokerInfrastructure - ok
20:50:05.0629 0x0f20  BTAGService - ok
20:50:05.0644 0x0f20  BthA2dp - ok
20:50:05.0644 0x0f20  BthAvctpSvc - ok
20:50:05.0660 0x0f20  BthEnum - ok
20:50:05.0676 0x0f20  [ 54A6088904238C4C023A3A3B73BD0F6D, E1139629752B748A0B0A7C22F4E1DB18D93439B239AF258D3148377B275A3B51 ] BthHFAud        C:\WINDOWS\System32\drivers\BthHfAud.sys
20:50:05.0676 0x0f20  BthHFAud - ok
20:50:05.0723 0x0f20  [ 7AE44E94C6B1DF488AA309824DEAD643, 91C72C54142A0D4E5A5F33268850CEB8315AA30C2F0B74A9FFA962887ABAC797 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:50:05.0723 0x0f20  BthHFEnum - ok
20:50:05.0769 0x0f20  BthLEEnum - ok
20:50:05.0769 0x0f20  BthMini - ok
20:50:05.0801 0x0f20  [ 11D609CC74F0EB1DF6C0171331CDE9A1, 9412DC92F16C0B8A937D6FB1AD83D7169F4EC0F08FAE0E2B244346428CE99EE1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:50:05.0801 0x0f20  BTHMODEM - ok
20:50:05.0848 0x0f20  [ 3AB6DD0A13F9AA1BC6A71E942CC45770, C39E471BD757CA12635F283FFC4407989447739D36830E81E8DD3E63E363B3D7 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
20:50:05.0848 0x0f20  BthPan - ok
20:50:05.0848 0x0f20  BTHPORT - ok
20:50:05.0894 0x0f20  [ D293AC628357F2F75B8579087F732970, 1E536D8863D695944214D55E9B0B4BFE04F705DB7ECA18A0CF8B37AAF4893B1E ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:50:05.0894 0x0f20  bthserv - ok
20:50:05.0894 0x0f20  BTHUSB - ok
20:50:05.0926 0x0f20  bttflt - ok
20:50:05.0941 0x0f20  buttonconverter - ok
20:50:05.0972 0x0f20  [ E7690568D2A5FA3D4E6D28B42358A122, CDBD820B6D383EC0A8151EA4300435C2BAD085EC55DB185C5E16CAF961443888 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
20:50:05.0972 0x0f20  CAD - ok
20:50:06.0019 0x0f20  camsvc - ok
20:50:06.0035 0x0f20  CaptureService - ok
20:50:06.0051 0x0f20  cbdhsvc - ok
20:50:06.0066 0x0f20  cdfs - ok
20:50:06.0082 0x0f20  CDPSvc - ok
20:50:06.0097 0x0f20  CDPUserSvc - ok
20:50:06.0129 0x0f20  cdrom - ok
20:50:06.0144 0x0f20  CertPropSvc - ok
20:50:06.0144 0x0f20  cht4iscsi - ok
20:50:06.0160 0x0f20  cht4vbd - ok
20:50:06.0160 0x0f20  CimFS - ok
20:50:06.0191 0x0f20  [ 115CC1E142CE29C9006D59943108DF47, 564FA08C5BEC6DAF1A83C80C9139A6E1AA7E05D251DB3BA379B57C9FDAE83E1B ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:50:06.0191 0x0f20  circlass - ok
20:50:06.0207 0x0f20  CldFlt - ok
20:50:06.0222 0x0f20  CLFS - ok
20:50:06.0238 0x0f20  ClipSVC - ok
20:50:06.0238 0x0f20  CmBatt - ok
20:50:06.0269 0x0f20  CNG - ok
20:50:06.0285 0x0f20  [ A46B4D1484227900F7615FE2A569D828, A06B8002E7A708890222C777DDF8B67FED7015C0943C1FC4F9036E9F9DC14494 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
20:50:06.0301 0x0f20  cnghwassist - ok
20:50:06.0332 0x0f20  [ 99392FDADF3CE5EB47403E5A52866E6F, 63CEF51971EB85D9823CE9A95F1ED9907D20525ED8E32230068CC36E9082A8C3 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
20:50:06.0332 0x0f20  CompositeBus - ok
20:50:06.0332 0x0f20  COMSysApp - ok
20:50:06.0363 0x0f20  condrv - ok
20:50:06.0379 0x0f20  ConsentUxUserSvc - ok
20:50:06.0394 0x0f20  CoreMessagingRegistrar - ok
20:50:06.0457 0x0f20  [ E7F640743A8FFD1C41809B604ED01E12, D96A35F109E3CB01AC2C71D5B71225854853F211B076BC3218D499D80B29C210 ] cphs            C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe
20:50:06.0472 0x0f20  cphs - ok
20:50:06.0504 0x0f20  [ 3576075C251DDFCE2C105BCA5F173C71, E21FA07D21261E2583645969941DFEDCE1C4EAE690262161BFA0073697AB8D4A ] cplspcon        C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe
20:50:06.0519 0x0f20  cplspcon - ok
20:50:06.0550 0x0f20  CredentialEnrollmentManagerUserSvc - ok
20:50:06.0550 0x0f20  CredentialEnrollmentManagerUserSvc_281a1 - ok
20:50:06.0582 0x0f20  CryptSvc - ok
20:50:06.0597 0x0f20  dam - ok
20:50:06.0613 0x0f20  DcomLaunch - ok
20:50:06.0644 0x0f20  defragsvc - ok
20:50:06.0675 0x0f20  DeviceAssociationBrokerSvc - ok
20:50:06.0722 0x0f20  DeviceAssociationService - ok
20:50:06.0738 0x0f20  DeviceInstall - ok
20:50:06.0754 0x0f20  DevicePickerUserSvc - ok
20:50:06.0800 0x0f20  DevicesFlowUserSvc - ok
20:50:06.0847 0x0f20  [ F8BE99B9EA9B110F7CB3F46BA844C1FF, EABF953864C0AE4FB6426C0B7E92DD81EE4A8852081F9D2EA02B61D4C8DB6188 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
20:50:06.0863 0x0f20  DevQueryBroker - ok
20:50:06.0879 0x0f20  Dfsc - ok
20:50:06.0879 0x0f20  Dhcp - ok
20:50:06.0925 0x0f20  diagnosticshub.standardcollector.service - ok
20:50:06.0941 0x0f20  diagsvc - ok
20:50:06.0957 0x0f20  DiagTrack - ok
20:50:07.0113 0x0f20  [ BEFAFF2DB70CD9E10E27C32E9C43B279, D89B43EBCD05662327D5851BDF1A8CB4C6E5FA7C6BD1241C230F50057BD35189 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
20:50:07.0128 0x0f20  DigitalWave.Update.Service - ok
20:50:07.0144 0x0f20  disk - ok
20:50:07.0175 0x0f20  DispBrokerDesktopSvc - ok
20:50:07.0191 0x0f20  DisplayEnhancementService - ok
20:50:07.0191 0x0f20  DmEnrollmentSvc - ok
20:50:07.0222 0x0f20  dmvsc - ok
20:50:07.0238 0x0f20  [ 2E8A026D6680C301ADF6D4B301A4CE8B, 2FDB34E2A61457308B0FEC938A2D6351F63D02BB67DC87FE4F2534E0048C8E89 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
20:50:07.0238 0x0f20  dmwappushservice - ok
20:50:07.0269 0x0f20  Dnscache - ok
20:50:07.0285 0x0f20  dot3svc - ok
20:50:07.0300 0x0f20  [ 9E65C33CB7FB50453F7F4407070EAF53, A8707BD19D584DAECA39990A2E791194140AFCA4FCE31F23CC7E931DF8C17361 ] DPS             C:\WINDOWS\system32\dps.dll
20:50:07.0316 0x0f20  DPS - ok
20:50:07.0347 0x0f20  [ 225C4E9280B2AE38DCAA5E2FEFC437C2, DB52CEE6D99478B9858F41C440DE2856CC7A5A7E95F7CA7C2F2EED266DB4BDB1 ] dptf_acpi       C:\WINDOWS\System32\drivers\dptf_acpi.sys
20:50:07.0347 0x0f20  dptf_acpi - ok
20:50:07.0378 0x0f20  [ 4DD17AA07FA0A75E79B47E5B7F18964D, 157983BEAD4C8F7218E46392F8672E7052C8E81CF842A9E82DAA8AE8CC4020C9 ] dptf_cpu        C:\WINDOWS\System32\drivers\dptf_cpu.sys
20:50:07.0378 0x0f20  dptf_cpu - ok
20:50:07.0425 0x0f20  drmkaud - ok
20:50:07.0457 0x0f20  DsmSvc - ok
20:50:07.0457 0x0f20  DsSvc - ok
20:50:07.0488 0x0f20  [ 81DF23EC4009D307479D5C169539CD67, 65AEE1E876CBE801A763F14930D15CF2E6A10697620B5903AA04BA30585A5676 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
20:50:07.0503 0x0f20  DusmSvc - ok
20:50:07.0519 0x0f20  DXGKrnl - ok
20:50:07.0535 0x0f20  Eaphost - ok
20:50:07.0550 0x0f20  ebdrv - ok
20:50:07.0660 0x0f20  [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdate      C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
20:50:07.0660 0x0f20  edgeupdate - ok
20:50:07.0675 0x0f20  [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdatem     C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
20:50:07.0675 0x0f20  edgeupdatem - ok
20:50:07.0691 0x0f20  EFS - ok
20:50:07.0706 0x0f20  EhStorClass - ok
20:50:07.0706 0x0f20  EhStorTcgDrv - ok
20:50:07.0753 0x0f20  embeddedmode - ok
20:50:07.0785 0x0f20  EntAppSvc - ok
20:50:07.0800 0x0f20  ErrDev - ok
20:50:07.0894 0x0f20  [ 49EDBE0603232013F7247413407F713E, D834CD05D759B0A0CCFDACF56819C3A6A51E8B61CF2B355472A43B87E31CD9FD ] esifsvc         C:\WINDOWS\SysWOW64\esif_uf.exe
20:50:07.0910 0x0f20  esifsvc - ok
20:50:07.0956 0x0f20  [ A63C10A6A6B09FED00046DDD313C2CC1, 7DEC320019698CE8122FD02F39127E003895E2351F7C35F3D73D97030C34CAB2 ] esif_lf         C:\WINDOWS\system32\DRIVERS\esif_lf.sys
20:50:07.0956 0x0f20  esif_lf - ok
20:50:07.0988 0x0f20  EventLog - ok
20:50:08.0019 0x0f20  EventSystem - ok
20:50:08.0035 0x0f20  exfat - ok
20:50:08.0050 0x0f20  fastfat - ok
20:50:08.0066 0x0f20  Fax - ok
20:50:08.0066 0x0f20  fdc - ok
20:50:08.0097 0x0f20  [ 0439B82F6034ADA3E71C0C9F169082BD, 0918728669077235B2F2DB7EE22CE819FA570D8A7A497BA5F11E76774EA75099 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:50:08.0097 0x0f20  fdPHost - ok
20:50:08.0128 0x0f20  [ AD64C91B3CC71226785DCE688842E5AB, 056E1091468D268E7970045AB329EB3DFF48BB6B22448046A14C309678847B6E ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:50:08.0128 0x0f20  FDResPub - ok
20:50:08.0159 0x0f20  fhsvc - ok
20:50:08.0191 0x0f20  [ 8E59D944EE4EFAED65A341A71297C4CD, CFFFD7007AB7FB04ECB44D0079BFE8EEB53AECC988135199C388AF425EBCF2AD ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
20:50:08.0191 0x0f20  FileCrypt - ok
20:50:08.0191 0x0f20  FileInfo - ok
20:50:08.0206 0x0f20  Filetrace - ok
20:50:08.0253 0x0f20  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:50:08.0253 0x0f20  FLEXnet Licensing Service - ok
20:50:08.0269 0x0f20  flpydisk - ok
20:50:08.0284 0x0f20  FltMgr - ok
20:50:08.0300 0x0f20  FontCache - ok
20:50:08.0316 0x0f20  FrameServer - ok
20:50:08.0347 0x0f20  FsDepends - ok
20:50:08.0347 0x0f20  Fs_Rec - ok
20:50:08.0347 0x0f20  fvevol - ok
20:50:08.0394 0x0f20  [ A1E06E4E8CB863C74DE428D4D6681185, DA46502C009FD4C847A547610DEE2684A5A583467BF76009BD46104AAE2F6B1B ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:50:08.0394 0x0f20  gencounter - ok
20:50:08.0456 0x0f20  genericusbfn - ok
20:50:08.0566 0x0f20  [ CEB710B82636DAAF38D9352E08C001A3, 15C34D5FCAD7826D8077E195FD8E06C7BD7E3AA45FEEB5B306702A0D22EB3E10 ] GoogleChromeElevationService C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\elevation_service.exe
20:50:08.0597 0x0f20  GoogleChromeElevationService - ok
20:50:08.0612 0x0f20  GPIOClx0101 - ok
20:50:08.0644 0x0f20  gpsvc - ok
20:50:08.0659 0x0f20  [ 8C06046B6A8C1ACDAEA15682058FDFB4, 3E0CC301249B7D8D5BEB932F4DFD1EAB8037679EC153772F63B430713903B0AC ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
20:50:08.0659 0x0f20  GpuEnergyDrv - ok
20:50:08.0722 0x0f20  GraphicsPerfSvc - ok
20:50:08.0737 0x0f20  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:50:08.0753 0x0f20  gupdate - ok
20:50:08.0753 0x0f20  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:50:08.0753 0x0f20  gupdatem - ok
20:50:08.0769 0x0f20  HdAudAddService - ok
20:50:08.0800 0x0f20  HDAudBus - ok
20:50:08.0831 0x0f20  [ 43A139D3274C0A4213965ACEF973691F, 0BDE75566F12F9875088CEEEB79B95F21D92B921C513EE163330CBB890F9D145 ] hddrsrv         C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
20:50:08.0831 0x0f20  hddrsrv - ok
20:50:08.0862 0x0f20  HidBatt - ok
20:50:08.0878 0x0f20  HidBth - ok
20:50:08.0894 0x0f20  hidi2c - ok
20:50:08.0894 0x0f20  hidinterrupt - ok
20:50:08.0925 0x0f20  [ 6B46E3061EC0523CB46ED28060FCD946, 6089305AF73CC584963865482448CD5CA4252EC9BD3E72AF16D45E4F95C3EBF2 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:50:08.0925 0x0f20  HidIr - ok
20:50:08.0956 0x0f20  hidserv - ok
20:50:08.0956 0x0f20  hidspi - ok
20:50:08.0972 0x0f20  [ 2866EE966A0D19307E247A22BE110522, F11B8F5A3344AF5B48C411F5547E1589987C6A63CF2DFCAC80044B98AF4BDD63 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsRadioControl.sys
20:50:08.0972 0x0f20  HIDSwitch - ok
20:50:09.0003 0x0f20  HidUsb - ok
20:50:09.0019 0x0f20  HpSAMD - ok
20:50:09.0019 0x0f20  HTTP - ok
20:50:09.0050 0x0f20  [ 849A66D34BC2DAD0044FAC2FEE1AF956, A5F6858AA556D9180C303EA3ED02EB6D6D8EB55A100B3918654281A01198D8E8 ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
20:50:09.0050 0x0f20  hvcrash - ok
20:50:09.0081 0x0f20  [ 855F55BB462B7D8B6BC31A94A592DF3D, 776C772E69CF9D81D8511201813DD79F2106DC7D2547B4FA700432AE9B73C202 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
20:50:09.0081 0x0f20  HvHost - ok
20:50:09.0112 0x0f20  hvservice - ok
20:50:09.0128 0x0f20  [ 5DC7DFED5FEDD923B874B51D0C6752BB, 69714A8B74EB02282572B34E156051FFC10693B816905CE18A8C6C8CCB95B846 ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
20:50:09.0128 0x0f20  HwNClx0101 - ok
20:50:09.0144 0x0f20  hwpolicy - ok
20:50:09.0144 0x0f20  hyperkbd - ok
20:50:09.0144 0x0f20  HyperVideo - ok
20:50:09.0144 0x0f20  i8042prt - ok
20:50:09.0159 0x0f20  iagpio - ok
20:50:09.0159 0x0f20  iai2c - ok
20:50:09.0159 0x0f20  iaLPSS2i_GPIO2 - ok
20:50:09.0175 0x0f20  iaLPSS2i_GPIO2_BXT_P - ok
20:50:09.0175 0x0f20  iaLPSS2i_GPIO2_CNL - ok
20:50:09.0175 0x0f20  iaLPSS2i_GPIO2_GLK - ok
20:50:09.0175 0x0f20  iaLPSS2i_I2C - ok
20:50:09.0190 0x0f20  iaLPSS2i_I2C_BXT_P - ok
20:50:09.0190 0x0f20  iaLPSS2i_I2C_CNL - ok
20:50:09.0190 0x0f20  iaLPSS2i_I2C_GLK - ok
20:50:09.0190 0x0f20  iaLPSSi_GPIO - ok
20:50:09.0190 0x0f20  iaLPSSi_I2C - ok
20:50:09.0206 0x0f20  iaStorAVC - ok
20:50:09.0206 0x0f20  iaStorV - ok
20:50:09.0206 0x0f20  ibbus - ok
20:50:09.0237 0x0f20  icssvc - ok
20:50:09.0706 0x0f20  [ FC3D524D96A84D28497A4FEC4E2AEC42, F4A01312244114071F01AD1CBDA68C9D006547AB52B34EF2F7D2FE1DFEB4520C ] igfx            C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igdkmd64.sys
20:50:10.0159 0x0f20  igfx - ok
20:50:10.0206 0x0f20  [ 1138664D39E0AFE51DFC8F4B178F4F5C, 10A8A12B7B05D797E3A9A0E9A33E97147D5ED3D3302ED32D0EB7E67D8EA96C62 ] igfxCUIService2.0.0.0 C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe
20:50:10.0206 0x0f20  igfxCUIService2.0.0.0 - ok
20:50:10.0237 0x0f20  IKEEXT - ok
20:50:10.0253 0x0f20  IndirectKmd - ok
20:50:10.0268 0x0f20  InstallService - ok
20:50:10.0393 0x0f20  [ AFCB27F3F1CB2AA58DE2058B730BA21E, 05AA20CE4BF3DD66E64C6FD2CEA6B39C838251C488FE1F4860118B168144172F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:50:10.0471 0x0f20  IntcAzAudAddService - ok
20:50:10.0534 0x0f20  [ 380EDC712EF93AB5AAAD6F8EF7808679, 733709D6AAD2222A38A909102E0CF7525F4AB9C7E4AE7A9533C6A668B1552AF9 ] IntcDAud        C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_0d54ec4feb82b9c1\IntcDAud.sys
20:50:10.0534 0x0f20  IntcDAud - ok
20:50:10.0565 0x0f20  intelide - ok
20:50:10.0596 0x0f20  intelpep - ok
20:50:10.0628 0x0f20  [ AECBF5BE2F9A2A50B978E0BF31041A81, A62F436C66DEFEB438A7891857DFB830995714A7E4FE4BDCA6B4EB1606BD2101 ] intelpmax       C:\WINDOWS\System32\drivers\intelpmax.sys
20:50:10.0628 0x0f20  intelpmax - ok
20:50:10.0659 0x0f20  intelppm - ok
20:50:10.0675 0x0f20  iorate - ok
20:50:10.0675 0x0f20  IpFilterDriver - ok
20:50:10.0690 0x0f20  iphlpsvc - ok
20:50:10.0706 0x0f20  IPMIDRV - ok
20:50:10.0737 0x0f20  [ F63572DF4295C78B3F7036AEDA878176, B71EB3CC4EC95BC9A3FA217736C6C36C756935714D7E16E34C05D913B829CB9C ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
20:50:10.0737 0x0f20  IPNAT - ok
20:50:10.0768 0x0f20  [ B5B6D1F86E40E785D6650DB923DB6BEA, 7A2D92A2274E0379B5FA6351D18E2F0DD55960BB783EA3528FE9E303E1A4256D ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
20:50:10.0768 0x0f20  IPT - ok
20:50:10.0784 0x0f20  [ 77494E26B28465D2A09B9455F8A3B34E, B778D4BC71A5F5CF687175CA53AC342E4740156D4B96E6E96D918BD46C2C1459 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
20:50:10.0784 0x0f20  IpxlatCfgSvc - ok
20:50:10.0799 0x0f20  isapnp - ok
20:50:10.0831 0x0f20  iScsiPrt - ok
20:50:10.0862 0x0f20  ItSas35i - ok
20:50:10.0862 0x0f20  kbdclass - ok
20:50:10.0862 0x0f20  kbdhid - ok
20:50:10.0862 0x0f20  kdnic - ok
20:50:10.0878 0x0f20  KeyIso - ok
20:50:10.0940 0x0f20  [ 58F379760B519E358F7C46FF4D7FB49E, 5DF3317D507D8E56D7434167CA81E01826970736387524F240D8A2484307AC31 ] klupd_3fbaaaf5a_arkmon_58F37976 C:\KVRT2020_Data\Temp\58F379760B519E358F7C46FF4D7FB49E\klupd_3fbaaaf5a_arkmon.sys
20:50:10.0956 0x0f20  klupd_3fbaaaf5a_arkmon_58F37976 - ok
20:50:10.0956 0x0f20  KSecDD - ok
20:50:10.0971 0x0f20  KSecPkg - ok
20:50:10.0971 0x0f20  ksthunk - ok
20:50:11.0003 0x0f20  [ DAE67BD7EC6ED569438F5CA38BFBB458, 672CA98525D6DD799A01A3BC3A62AB7B4544D62ECEB3615FAC05BFB97B389D23 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
20:50:11.0018 0x0f20  KtmRm - ok
20:50:11.0049 0x0f20  LanmanServer - ok
20:50:11.0065 0x0f20  LanmanWorkstation - ok
20:50:11.0128 0x0f20  [ A997488F4EDAAD59C748CF9FB1D9DAC0, A0B145041F984DD4E0A6F8D0E9C8363DA6F2DA7460E140F028C320CEAC03759C ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
20:50:11.0128 0x0f20  lfsvc - ok
20:50:11.0174 0x0f20  LicenseManager - ok
20:50:11.0206 0x0f20  [ 78779BD92081CB27967E77561683AFBE, 05EC91E194336D1BB1EE323E70FAC54F6DC0CEF53FD4925F394399531A37A0DD ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
20:50:11.0206 0x0f20  lltdio - ok
20:50:11.0221 0x0f20  lltdsvc - ok
20:50:11.0237 0x0f20  lmhosts - ok
20:50:11.0252 0x0f20  LSI_SAS - ok
20:50:11.0268 0x0f20  LSI_SAS2i - ok
20:50:11.0268 0x0f20  LSI_SAS3i - ok
20:50:11.0268 0x0f20  LSI_SSS - ok
20:50:11.0284 0x0f20  LSM - ok
20:50:11.0299 0x0f20  luafv - ok
20:50:11.0331 0x0f20  LxpSvc - ok
20:50:11.0377 0x0f20  [ AE03D8F1B7863268EAED2FE0105ED75F, F5172A1A3E24FC5271FCB0118861EA0EC33AA8ABB01AE9CAD50E2F032B92486C ] MapsBroker      C:\WINDOWS\System32\moshost.dll
20:50:11.0377 0x0f20  MapsBroker - ok
20:50:11.0393 0x0f20  mausbhost - ok
20:50:11.0393 0x0f20  mausbip - ok
20:50:11.0440 0x0f20  [ BF46AFE0CC03D9A5883E74438170B841, 43309A4DBCF15F09AB3066E96C498785C4F41DBCA8467B0385FCA467AE370980 ] MbamElam        C:\WINDOWS\system32\DRIVERS\MbamElam.sys
20:50:11.0440 0x0f20  MbamElam - ok
20:50:11.0674 0x0f20  [ FB25AE35C2F43CB6E3A1C03712DD30E9, 73DEC3F28C660223736C825B2EDEB42991B0631DFC98E34F31B8BA2D9019DB49 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
20:50:11.0784 0x0f20  MBAMService - ok
20:50:11.0815 0x0f20  [ 0B17A8F4956ABD5FA1A0851B59FF960E, 1B62082ACA96EF78A61AFDB33EF77260292C5D08E5E35B56F7F8F0A3A837ED9B ] MBAMSwissArmy   C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
20:50:11.0815 0x0f20  MBAMSwissArmy - ok
20:50:11.0830 0x0f20  MbbCx - ok
20:50:11.0846 0x0f20  megasas - ok
20:50:11.0846 0x0f20  megasas2i - ok
20:50:11.0862 0x0f20  megasas35i - ok
20:50:11.0862 0x0f20  megasr - ok
20:50:11.0893 0x0f20  [ F593D1CD9C4FFC8D0087E75C18587A30, 29C7FD01E6200E09206957BC65243F95437385BC386E68C3DCF9696EC360723C ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
20:50:11.0893 0x0f20  MEIx64 - ok
20:50:11.0909 0x0f20  MessagingService - ok
20:50:12.0049 0x0f20  [ 1FDCF3C97FE80943C23BFEC9F8D6BCDF, 646BB6496565C1D0C59192E53905E180789F634B64B3A0E197E67F88A526B4C0 ] MicrosoftEdgeElevationService C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.70\elevation_service.exe
20:50:12.0080 0x0f20  MicrosoftEdgeElevationService - ok
20:50:12.0143 0x0f20  [ B74FFC6301B3312A9F59E04E487BC72A, 76F71824E80D10EB71BEDE5EE3A64CAD7CAC3DDFBB6670D1537E6B75FF0217E9 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
20:50:12.0159 0x0f20  Microsoft_Bluetooth_AvrcpTransport - ok
20:50:12.0174 0x0f20  MixedRealityOpenXRSvc - ok
20:50:12.0205 0x0f20  mlx4_bus - ok
20:50:12.0221 0x0f20  MMCSS - ok
20:50:12.0237 0x0f20  Modem - ok
20:50:12.0237 0x0f20  monitor - ok
20:50:12.0252 0x0f20  mouclass - ok
20:50:12.0252 0x0f20  mouhid - ok
20:50:12.0252 0x0f20  mountmgr - ok
20:50:12.0284 0x0f20  [ 198BDD455A94A093B00D1BDF64D77E92, 645309E4C87765C95C8278A59CC2A460D3A4257469A796CA2DFC8A2BC5059A1C ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:50:12.0299 0x0f20  MozillaMaintenance - ok
20:50:12.0377 0x0f20  MpKsla93abb8a - ok
20:50:12.0377 0x0f20  mpsdrv - ok
20:50:12.0408 0x0f20  mpssvc - ok
20:50:12.0440 0x0f20  [ 186251D6489F7470616862DD15644177, CC06B99F3F67A90E0B5FC3B2FD7A0DBB23B0D766DDCC94FF6C72B1C2C6C913DF ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
20:50:12.0455 0x0f20  MRxDAV - ok
20:50:12.0471 0x0f20  mrxsmb - ok
20:50:12.0471 0x0f20  mrxsmb20 - ok
20:50:12.0518 0x0f20  [ E587396A4C8151ABBF13A96C4465DE31, A3AA5D51E34657479CFCDC3DBB7821B7255F7CB57D5686B7F709A7953AD537EB ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
20:50:12.0518 0x0f20  MsBridge - ok
20:50:12.0549 0x0f20  [ 2EF846AC66E181BE820B513DBC15B5D2, EDFE71025C352D0DABEC7B9506C5945BB0EC11F8DB540DB8CB1116C2EA1648A8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
20:50:12.0549 0x0f20  MSDTC - ok
20:50:12.0549 0x0f20  Msfs - ok
20:50:12.0596 0x0f20  [ 6092FD060EC4132A799BDAD61845DDB7, B45F9D3A71FC8A73AED3C5B8CF6F14A25EBDD3D4D47C9F39FFCD75C7D22F4A9E ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:50:12.0596 0x0f20  msgpiowin32 - ok
20:50:12.0612 0x0f20  mshidkmdf - ok
20:50:12.0643 0x0f20  [ 9E90FE6DF363D2427A5C773120E7B27D, 1FDB7E28CCAF757603C4B754E1AC9C470E5E60E85DE067375902F108F5E34608 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
20:50:12.0643 0x0f20  mshidumdf - ok
20:50:12.0643 0x0f20  msisadrv - ok
20:50:12.0658 0x0f20  MSiSCSI - ok
20:50:12.0658 0x0f20  msiserver - ok
20:50:12.0674 0x0f20  MSKSSRV - ok
20:50:12.0705 0x0f20  [ 9FB5040C8CEAE4C32B7884ECBBCAFDAF, 0EC3E53C5B1B202440DE22A5BF7E1EBE9AF5BBB6BA69DB9D018A6D8EC97B477E ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
20:50:12.0705 0x0f20  MsLldp - ok
20:50:12.0705 0x0f20  MSPCLOCK - ok
20:50:12.0705 0x0f20  MSPQM - ok
20:50:12.0737 0x0f20  MsQuic - ok
20:50:12.0737 0x0f20  MsRPC - ok
20:50:12.0752 0x0f20  mssmbios - ok
20:50:12.0752 0x0f20  MSTEE - ok
20:50:12.0752 0x0f20  MTConfig - ok
20:50:12.0768 0x0f20  Mup - ok
20:50:12.0768 0x0f20  mvumis - ok
20:50:12.0783 0x0f20  NativeWifiP - ok
20:50:12.0815 0x0f20  NaturalAuthentication - ok
20:50:12.0830 0x0f20  [ D47A20839608B8213065D7AFC8C42195, 7B0187BE9705ED2F925616C13B3744BAC0A9C96B21BE503D96BC9EE7EE125B33 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
20:50:12.0830 0x0f20  NcaSvc - ok
20:50:12.0893 0x0f20  NcbService - ok
20:50:12.0908 0x0f20  [ 8C938E851CDF2CE30BBEA14555B61820, F853F526C811893BD40B1124BAEC543099381E7BF091729B6A6665DF3CE10B94 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
20:50:12.0924 0x0f20  NcdAutoSetup - ok
20:50:12.0924 0x0f20  ndfltr - ok
20:50:12.0924 0x0f20  NDIS - ok
20:50:12.0955 0x0f20  [ 6BEC0929C7A7BF2A7C44F585ECC7DAEB, 5F6395268CBD26A4B90960479040C114B2C8A3F24C188C2D5F62D6AB43A637D1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
20:50:12.0955 0x0f20  NdisCap - ok
20:50:12.0971 0x0f20  NdisImPlatform - ok
20:50:12.0971 0x0f20  NdisTapi - ok
20:50:12.0971 0x0f20  Ndisuio - ok
20:50:12.0986 0x0f20  NdisVirtualBus - ok
20:50:12.0986 0x0f20  NdisWan - ok
20:50:12.0986 0x0f20  ndiswanlegacy - ok
20:50:13.0018 0x0f20  [ 33CDAEDC7CBE8339A8324CEC2461BFB4, DAAEACDB4506D2BDDED61957D92FB4983E11D9CE6E7B25119B4CBFB431C945F4 ] NDKPing         C:\WINDOWS\system32\drivers\NDKPing.sys
20:50:13.0018 0x0f20  NDKPing - ok
20:50:13.0018 0x0f20  ndproxy - ok
20:50:13.0049 0x0f20  [ 77621E74FD79B267071A0D12C643A48A, 8228B7D1237A0FFABCCC150B299EA494C8F0CB4CCB51AB0DBFF08CBAA9EFC4BB ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
20:50:13.0065 0x0f20  Ndu - ok
20:50:13.0096 0x0f20  NetAdapterCx - ok
20:50:13.0096 0x0f20  NetBIOS - ok
20:50:13.0096 0x0f20  NetBT - ok
20:50:13.0096 0x0f20  Netlogon - ok
20:50:13.0127 0x0f20  Netman - ok
20:50:13.0143 0x0f20  netprofm - ok
20:50:13.0143 0x0f20  NetSetupSvc - ok
20:50:13.0252 0x0f20  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:13.0361 0x0f20  NetTcpPortSharing - ok
20:50:13.0393 0x0f20  netvsc - ok
20:50:13.0408 0x0f20  NgcCtnrSvc - ok
20:50:13.0424 0x0f20  NgcSvc - ok
20:50:13.0439 0x0f20  NlaSvc - ok
20:50:13.0439 0x0f20  Npfs - ok
20:50:13.0455 0x0f20  npsvctrig - ok
20:50:13.0471 0x0f20  nsi - ok
20:50:13.0471 0x0f20  nsiproxy - ok
20:50:13.0471 0x0f20  Ntfs - ok
20:50:13.0471 0x0f20  Null - ok
20:50:13.0486 0x0f20  nvdimm - ok
20:50:13.0939 0x0f20  [ EF49AC0CC9A9C8D3714A053FA7AD62F3, 7103736FDEFFEF44DD5B4533F04BE27E0335C13B143A4D02DF01D9B224ED4E8B ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys
20:50:14.0346 0x0f20  nvlddmkm - ok
20:50:14.0392 0x0f20  nvraid - ok
20:50:14.0392 0x0f20  nvstor - ok
20:50:14.0424 0x0f20  OneSyncSvc - ok
20:50:14.0455 0x0f20  p2pimsvc - ok
20:50:14.0486 0x0f20  [ DA97CD5815EC123BC88382C08D465B9E, 46F5EA2E3D590FB10E14BC811612B6EF87C805B359A652D2C6BFE4840D5D6AA2 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
20:50:14.0486 0x0f20  p2psvc - ok
20:50:14.0502 0x0f20  Parport - ok
20:50:14.0502 0x0f20  partmgr - ok
20:50:14.0517 0x0f20  PcaSvc - ok
20:50:14.0549 0x0f20  pci - ok
20:50:14.0549 0x0f20  pciide - ok
20:50:14.0549 0x0f20  pcmcia - ok
20:50:14.0549 0x0f20  pcw - ok
20:50:14.0564 0x0f20  pdc - ok
20:50:14.0564 0x0f20  PEAUTH - ok
20:50:14.0627 0x0f20  perceptionsimulation - ok
20:50:14.0627 0x0f20  percsas2i - ok
20:50:14.0627 0x0f20  percsas3i - ok
20:50:14.0705 0x0f20  [ 2FC7CFCEDBF7E038351C7CEB1036D2E1, 41D7DA706F0CF613DF768B6795CD09C5C1035F9F101051FB58F5042EB4352DB6 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
20:50:14.0720 0x0f20  PerfHost - ok
20:50:14.0752 0x0f20  PhoneSvc - ok
20:50:14.0767 0x0f20  PimIndexMaintenanceSvc - ok
20:50:14.0814 0x0f20  PktMon - ok
20:50:14.0861 0x0f20  [ 9E431A5D697432DD6F4DB48C9A185104, 44C16E194258C9143A45F4022F9C5DE229E217D6FF7F944F105FE631BE9EF4A7 ] pla             C:\WINDOWS\system32\pla.dll
20:50:14.0892 0x0f20  pla - ok
20:50:14.0924 0x0f20  PlugPlay - ok
20:50:14.0955 0x0f20  pmem - ok
20:50:14.0970 0x0f20  [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
20:50:14.0970 0x0f20  PNPMEM - ok
20:50:15.0002 0x0f20  [ 658AE979148B53945444D485703A0111, 11C072E99563250CB8FA57D3027EE64A209FCCD66C740DDF491CB3C42E1BE3A0 ] pnpnptool       C:\WINDOWS\system32\Drivers\pnpnptool.sys
20:50:15.0002 0x0f20  pnpnptool - ok
20:50:15.0033 0x0f20  [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
20:50:15.0048 0x0f20  PNRPAutoReg - ok
20:50:15.0048 0x0f20  PNRPsvc - ok
20:50:15.0080 0x0f20  [ EC378D865C1CF4A9AA96348599238AD5, 26211B2452CE2B71F5EB28688B4F0B60DE55FBD447DAA8920A1C3C16BCB11A3E ] pnusbd          C:\WINDOWS\system32\Drivers\pnusbd.sys
20:50:15.0080 0x0f20  pnusbd - ok
20:50:15.0111 0x0f20  [ 6FDC12417B425BAB647BEAD5CD6D1220, AB5B52F2AB55805C086DEB6291C511FC3FD4F341F1B1FD061E83A9B68808E4BD ] pnusbvirtualhubwssrv C:\WINDOWS\system32\pnusbvirtualhubwssrv.exe
20:50:15.0127 0x0f20  pnusbvirtualhubwssrv - ok
20:50:15.0158 0x0f20  PolicyAgent - ok
20:50:15.0158 0x0f20  portcfg - ok
20:50:15.0173 0x0f20  Power - ok
20:50:15.0189 0x0f20  PptpMiniport - ok
20:50:15.0314 0x0f20  [ 207791C6CF332C53C72BB2E66AB13C6E, 1F067D862ECE38294B8ACDFEC0F50A82F1E4B1B5A6ACDB7A8F5EC6D0B7D9C3A5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:50:15.0377 0x0f20  PrintNotify - ok
20:50:15.0423 0x0f20  PrintWorkflowUserSvc - ok
20:50:15.0455 0x0f20  Processor - ok
20:50:15.0455 0x0f20  ProfSvc - ok
20:50:15.0470 0x0f20  Psched - ok
20:50:15.0502 0x0f20  PushToInstall - ok
20:50:15.0533 0x0f20  [ 2F3808790D517E5E5E6ABF7177875C02, BE1A79A6498697EB86FC29638324A853197B49BC06AE3EB1130793F710926998 ] QWAVE           C:\WINDOWS\system32\qwave.dll
20:50:15.0548 0x0f20  QWAVE - ok
20:50:15.0580 0x0f20  [ CE51A9A997D2830C6C64A36D7F8D8879, 706D683CAF92C259C121222446D34ED43F6E8872407C3615E2ED118ACD24D21D ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
20:50:15.0580 0x0f20  QWAVEdrv - ok
20:50:15.0595 0x0f20  Ramdisk - ok
20:50:15.0611 0x0f20  RasAcd - ok
20:50:15.0611 0x0f20  RasAgileVpn - ok
20:50:15.0611 0x0f20  RasAuto - ok
20:50:15.0611 0x0f20  Rasl2tp - ok
20:50:15.0626 0x0f20  RasMan - ok
20:50:15.0642 0x0f20  RasPppoe - ok
20:50:15.0642 0x0f20  RasSstp - ok
20:50:15.0642 0x0f20  rdbss - ok
20:50:15.0673 0x0f20  [ B7BAD23CA994EFF8EA11261626326004, 056495FB4A54984CE9D28D7B45550990D4A4B0736669F0F69138BEF51A695EFA ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
20:50:15.0673 0x0f20  rdpbus - ok
20:50:15.0689 0x0f20  RDPDR - ok
20:50:15.0705 0x0f20  RdpVideoMiniport - ok
20:50:15.0736 0x0f20  [ B4A6F3BFB5A07DAF4E18C14A6337A226, F906865E349390D24A3DCBC563154BBB9F307B97361832BE93BC9D44A9F3B486 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
20:50:15.0751 0x0f20  rdyboost - ok
20:50:15.0767 0x0f20  ReFS - ok
20:50:15.0783 0x0f20  ReFSv1 - ok
20:50:15.0798 0x0f20  RemoteAccess - ok
20:50:15.0830 0x0f20  [ 58B3C0A2B0C130838588EF519ADCE495, 60360DD8EA1802C8F95EB93531FF9666BE1148253E6A1BD706D4CA98955C0F6E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:50:15.0845 0x0f20  RemoteRegistry - ok
20:50:15.0876 0x0f20  RetailDemo - ok
20:50:15.0908 0x0f20  [ D2EE9CCE0187C616E50D61EB30ECA262, 825C918D22FC8DBF3EE9BDB41D121A0AC3CCBFFBA147E2B26F0197552E0675DE ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
20:50:15.0908 0x0f20  RFCOMM - ok
20:50:15.0939 0x0f20  [ 4DD0EFE49F0C020DAFEAE6F5F231362C, DF04978AF6CD34C8251B3DDE381CD77518684DCB1D2B16BD2DAFEE63AC9D5858 ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
20:50:15.0939 0x0f20  rhproxy - ok
20:50:16.0033 0x0f20  [ C7463D0A8E63A2C2F89E03F98E9EE63F, A1520FAF11CAD2F5785C90F80D1C641AC5B5F8A49216D287D67A4BFF99D8F989 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
20:50:16.0048 0x0f20  RichVideo64 - ok
20:50:16.0079 0x0f20  RmSvc - ok
20:50:16.0095 0x0f20  RpcEptMapper - ok
20:50:16.0126 0x0f20  [ D45676C47616B9ABBFAEC97DD3B240A8, E13985D667F66B7A0082356F23270F61A57B8C2DD211B1E09D66D7970D7B4D6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:50:16.0126 0x0f20  RpcLocator - ok
20:50:16.0158 0x0f20  RpcSs - ok
20:50:16.0189 0x0f20  [ EABD30C39742A79913B595A5B6F809D4, 9067160F566220A2B21FEEE181729A796A3F3EECF75FFB75815BE5CCC7BBA64F ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
20:50:16.0189 0x0f20  rspndr - ok
20:50:16.0220 0x0f20  rt640x64 - ok
20:50:16.0251 0x0f20  [ 071F3F3ABBA1AC01476DE5C315CD1AB7, 1C87A3371870729CF4CADAE6F659B8751DA7D65F96D657219B6798C677AC266D ] RtkBtFilter     C:\WINDOWS\System32\drivers\RtkBtfilter.sys
20:50:16.0251 0x0f20  RtkBtFilter - ok
20:50:16.0267 0x0f20  [ C775E284F00D8F727BA4B5FC3A6B4036, 5EE2D867C170F27F017916D1DAE904D0C7A57745F5030271C1D1DCF92CD90953 ] RtkBtManServ    C:\WINDOWS\RtkBtManServ.exe
20:50:16.0283 0x0f20  RtkBtManServ - ok
20:50:16.0298 0x0f20  [ B483E22E200D5428E675B07266A72F84, EE69424C758C312FFEAF1DAF6B8E625DDFD3B35BAEBF31A36943E318F45D0EE8 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
20:50:16.0314 0x0f20  RTSUER - ok
20:50:16.0517 0x0f20  [ D54D644454F0EA860FFBA0EDF9B3951E, 9EBA55A4A00534F9BFC98AE3F9F7C36247CB2904514DC572FE8014A6F1ED56A1 ] RTWlanE01       C:\WINDOWS\System32\drivers\rtwlane01.sys
20:50:16.0642 0x0f20  RTWlanE01 - ok
20:50:16.0689 0x0f20  [ 5914CC0C1E99A3C1711BDB1E224526D1, 54BB8636F27282B396D487B3FEA8BD73F2F6FE6DA4DE8D718EE498F75A6A5DCE ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:50:16.0689 0x0f20  s3cap - ok
20:50:16.0704 0x0f20  SamSs - ok
20:50:16.0720 0x0f20  sbp2port - ok
20:50:16.0751 0x0f20  SCardSvr - ok
20:50:16.0767 0x0f20  ScDeviceEnum - ok
20:50:16.0767 0x0f20  scfilter - ok
20:50:16.0798 0x0f20  Schedule - ok
20:50:16.0814 0x0f20  scmbus - ok
20:50:16.0829 0x0f20  SCPolicySvc - ok
20:50:16.0845 0x0f20  sdbus - ok
20:50:16.0876 0x0f20  [ 3200667DB433F0A2032FAF4DC02E2089, 5E940CA63AD21CEA08C334AC61D985BAFDBA7DCB2D388F355B5C72EFA3E23E0A ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
20:50:16.0876 0x0f20  SDFRd - ok
20:50:16.0907 0x0f20  SDRSVC - ok
20:50:16.0907 0x0f20  sdstor - ok
20:50:16.0923 0x0f20  [ 016706A76857F914C99D2472B1E79BF9, 39A114EB591E243E0429DA7279413F046626DE7B52E057DDBCD26A0A1BF327FB ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:50:16.0923 0x0f20  seclogon - ok
20:50:16.0954 0x0f20  SecurityHealthService - ok
20:50:16.0970 0x0f20  SEMgrSvc - ok
20:50:17.0001 0x0f20  [ 1EA7972A4C7163FF1D3EFE9988404D4E, 56A94B1617815C1E8A79D832B0F0CBA683C3080105CC4C87DBB9B8EAB4CD2690 ] SENS            C:\WINDOWS\System32\sens.dll
20:50:17.0001 0x0f20  SENS - ok
20:50:17.0048 0x0f20  SensorDataService - ok
20:50:17.0079 0x0f20  SensorService - ok
20:50:17.0111 0x0f20  [ 0BCFFAD6F3B180DD60C941B01768F733, A0B73C1BF636F14504B69606999287B6FE148C958A4F6E31E9022FF129A048E0 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:50:17.0111 0x0f20  SensrSvc - ok
20:50:17.0126 0x0f20  SerCx - ok
20:50:17.0126 0x0f20  SerCx2 - ok
20:50:17.0142 0x0f20  Serenum - ok
20:50:17.0142 0x0f20  Serial - ok
20:50:17.0142 0x0f20  sermouse - ok
20:50:17.0173 0x0f20  SessionEnv - ok
20:50:17.0173 0x0f20  sfloppy - ok
20:50:17.0298 0x0f20  [ C05648C2BE6176BE557D9C7F02916388, C65D8FEDDCD9A52B04F42C64DAD2A499BF51246D36042E8DC09DD04C4C0B7BEE ] SgrmAgent       C:\WINDOWS\system32\drivers\SgrmAgent.sys
20:50:17.0298 0x0f20  SgrmAgent - ok
20:50:17.0329 0x0f20  SgrmBroker - ok
20:50:17.0329 0x0f20  SharedAccess - ok
20:50:17.0407 0x0f20  SharedRealitySvc - ok
20:50:17.0439 0x0f20  [ BE44F2B19C4F61FED874C7FE26DF92AA, 07888C7575A1D7D46AE375B1CE6C13665CCEE0F0672EA8FDE71B955B5BC0EA70 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:50:17.0454 0x0f20  ShellHWDetection - ok
20:50:17.0470 0x0f20  shpamsvc - ok
20:50:17.0485 0x0f20  SiSRaid2 - ok
20:50:17.0485 0x0f20  SiSRaid4 - ok
20:50:17.0485 0x0f20  SmartSAMD - ok
20:50:17.0517 0x0f20  smphost - ok
20:50:17.0532 0x0f20  SmsRouter - ok
20:50:17.0548 0x0f20  [ 1971BBC71602B928CF9257759E3C05E8, 9D665698FF26ED333AD385B4B7A6C0F2B6806371D278E281FA4188002A5317E8 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:50:17.0564 0x0f20  SNMPTRAP - ok
20:50:17.0595 0x0f20  [ 27B7D9E872939EBB34C30343F991893D, 879AFDC8C50487ED0D3CB58C70A206E185F94BE75C25C31C387F3F08740771F9 ] spaceparser     C:\WINDOWS\system32\drivers\spaceparser.sys
20:50:17.0595 0x0f20  spaceparser - ok
20:50:17.0610 0x0f20  spaceport - ok
20:50:17.0642 0x0f20  [ AB3BDEC793187CEDF1229AC98BB7DEDF, D2EA0C5FC534C89310207AA26A8816B30FEEF3F2708A067D8BB93D3CFF9C3936 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
20:50:17.0657 0x0f20  SpatialGraphFilter - ok
20:50:17.0657 0x0f20  SpbCx - ok
20:50:17.0673 0x0f20  spectrum - ok
20:50:17.0688 0x0f20  Spooler - ok
20:50:17.0704 0x0f20  sppsvc - ok
20:50:17.0704 0x0f20  srv2 - ok
20:50:17.0720 0x0f20  srvnet - ok
20:50:17.0735 0x0f20  SSDPSRV - ok
20:50:17.0798 0x0f20  ssh-agent - ok
20:50:17.0813 0x0f20  SstpSvc - ok
20:50:17.0829 0x0f20  StateRepository - ok
20:50:17.0845 0x0f20  stexstor - ok
20:50:17.0876 0x0f20  stisvc - ok
20:50:17.0876 0x0f20  storahci - ok
20:50:17.0907 0x0f20  storflt - ok
20:50:17.0938 0x0f20  stornvme - ok
20:50:17.0938 0x0f20  storqosflt - ok
20:50:17.0938 0x0f20  StorSvc - ok
20:50:17.0954 0x0f20  storufs - ok
20:50:17.0954 0x0f20  storvsc - ok
20:50:17.0954 0x0f20  svsvc - ok
20:50:18.0001 0x0f20  swenum - ok
20:50:18.0063 0x0f20  swprv - ok
20:50:18.0079 0x0f20  Synth3dVsc - ok
20:50:18.0110 0x0f20  SysMain - ok
20:50:18.0126 0x0f20  SystemEventsBroker - ok
20:50:18.0142 0x0f20  TabletInputService - ok
20:50:18.0157 0x0f20  TapiSrv - ok
20:50:18.0173 0x0f20  Tcpip - ok
20:50:18.0173 0x0f20  Tcpip6 - ok
20:50:18.0188 0x0f20  [ 57BE670CF1D93717B628271B404D658A, EDD4C58EDAB985C87D6101D9CA5620146EE2BB8A1B899C635DD4CD36541DD46E ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:50:18.0188 0x0f20  tcpipreg - ok
20:50:18.0188 0x0f20  tdx - ok
20:50:18.0563 0x0f20  [ B018B8F4B5127972A99E9E317D8E79EB, F8D2C6D88870C1967C3BF5B90CC66C055273F7A91469292CE25EBCA0AD2942BA ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
20:50:18.0860 0x0f20  TeamViewer - ok
20:50:18.0891 0x0f20  Telemetry - ok
20:50:18.0907 0x0f20  [ C225B94F2B27AC97C3E66C0550AEA249, 6F88375DD12A648B77BB6EB4BE527FF6678EE76A2059DB5B4CC971CDB31D0DB8 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:50:18.0907 0x0f20  terminpt - ok
20:50:18.0938 0x0f20  TermService - ok
20:50:18.0969 0x0f20  [ 8EC4197962A0349DFFBDC11586099DB8, 8DD5348A4983C376F63E6B209227D4D02300555F8C80A0E0DB2EA16074ABC334 ] Themes          C:\WINDOWS\system32\themeservice.dll
20:50:18.0969 0x0f20  Themes - ok
20:50:19.0001 0x0f20  TieringEngineService - ok
20:50:19.0032 0x0f20  TimeBrokerSvc - ok
20:50:19.0048 0x0f20  TokenBroker - ok
20:50:19.0079 0x0f20  TPM - ok
20:50:19.0110 0x0f20  [ 62636F77E0C51D59F043D9197C897AD4, F121E79E0A15ED6E362D7DEF72F9C1D2D5CC50BBEC3541DFAB91691BC3AFB191 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:50:19.0126 0x0f20  TrkWks - ok
20:50:19.0157 0x0f20  TroubleshootingSvc - ok
20:50:19.0219 0x0f20  TrustedInstaller - ok
20:50:19.0251 0x0f20  [ F613A8618CC19DD96D1E0C81C5DCB7D1, AD6DE675AC033BE6BF75FF6303EAED4B5C672689D3AEC6DB94816D60E19B7030 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
20:50:19.0251 0x0f20  TsUsbFlt - ok
20:50:19.0282 0x0f20  [ BF1D6924E7949102DA6F14F7EFE8D2D5, EA6AE80568B8FEB5EAE213EC8222AD72FFD99D80321D7F2A52C1B42A88F583AD ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:50:19.0282 0x0f20  TsUsbGD - ok
20:50:19.0297 0x0f20  [ 6244FD1056BF170E38245B4B9042BFDF, C32908B3C5800CD52EF9BDD26C77B8162831CFD19DBF1D399941B17FB909AD94 ] tunnel          C:\WINDOWS\system32\drivers\tunnel.sys
20:50:19.0313 0x0f20  tunnel - ok
20:50:19.0329 0x0f20  tzautoupdate - ok
20:50:19.0344 0x0f20  UASPStor - ok
20:50:19.0344 0x0f20  UcmCx0101 - ok
20:50:19.0391 0x0f20  [ 229B33B8499F4F2AAB1F3B590423611F, E70A2D9EEEF0C6894A0DB7990CFF6ECE3B8F389FD30B7B1949FCBDD3300B6148 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
20:50:19.0391 0x0f20  UcmTcpciCx0101 - ok
20:50:19.0422 0x0f20  [ 7FDC3A6FD8547468CE554C8821640103, 3626760AEE42EE36E047DA6899A81E0646DFBA344A234270EAE5D635F049BE37 ] UcmUcsiAcpiClient C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys
20:50:19.0438 0x0f20  UcmUcsiAcpiClient - ok
20:50:19.0438 0x0f20  UcmUcsiCx0101 - ok
20:50:19.0454 0x0f20  Ucx01000 - ok
20:50:19.0454 0x0f20  UdeCx - ok
20:50:19.0454 0x0f20  udfs - ok
20:50:19.0485 0x0f20  UdkUserSvc - ok
20:50:19.0516 0x0f20  UEFI - ok
20:50:19.0532 0x0f20  Ufx01000 - ok
20:50:19.0532 0x0f20  UfxChipidea - ok
20:50:19.0563 0x0f20  ufxsynopsys - ok
20:50:19.0641 0x0f20  [ 931255341ADB0480D8C8CB1A2ED82FDA, C7664DF416694E3545F2B4BCB82A36614DA1B18618FD3EF70474BC0E785B5CD3 ] uhssvc          C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
20:50:19.0641 0x0f20  uhssvc - ok
20:50:19.0641 0x0f20  umbus - ok
20:50:19.0641 0x0f20  UmPass - ok
20:50:19.0657 0x0f20  UmRdpService - ok
20:50:19.0672 0x0f20  UnistoreSvc - ok
20:50:19.0704 0x0f20  upnphost - ok
20:50:19.0719 0x0f20  [ 5C33B91675BE0C9693358C1AAA723D20, A5BB54ABBB0F7B13ACCA0997F567A81395688C6D68EB87F67F688737DC16918F ] UrsChipidea     C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
20:50:19.0719 0x0f20  UrsChipidea - ok
20:50:19.0751 0x0f20  [ ADFAB87405AE22290E24D0E8E6141AF1, BC0982BEFE4CABEA1E260C8A3266EA18A4CA158A07D1C5176890A04CC3B6A84A ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
20:50:19.0751 0x0f20  UrsCx01000 - ok
20:50:19.0782 0x0f20  [ BBDE7BF496327115DD744E7D4105C7BC, 5A8CC47603A1C9D58A30A5E897F1BCDC56199B08317B9FF319D469D6DD6CAAF0 ] UrsSynopsys     C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys
20:50:19.0782 0x0f20  UrsSynopsys - ok
20:50:19.0813 0x0f20  usbaudio - ok
20:50:19.0844 0x0f20  [ FB9F25ACEBCBAEABFE30CACCB17D4EE6, 7D38FA294DA179E5535E3E481746F07E2AE47CE57192C2D1C5B780B583FD9C6D ] usbaudio2       C:\WINDOWS\System32\drivers\usbaudio2.sys
20:50:19.0860 0x0f20  usbaudio2 - ok
20:50:19.0875 0x0f20  usbccgp - ok
20:50:19.0907 0x0f20  [ 11561FC5BAA2DEB5AC8B179B591A882E, 2AD595BF4ABC146D8F533981848FF8271E983038566937BEB48A6A8F09BC60FB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:50:19.0907 0x0f20  usbcir - ok
20:50:19.0938 0x0f20  usbehci - ok
20:50:19.0938 0x0f20  usbhub - ok
20:50:19.0969 0x0f20  USBHUB3 - ok
20:50:19.0969 0x0f20  usbohci - ok
20:50:19.0969 0x0f20  usbprint - ok
20:50:19.0969 0x0f20  usbrndis6 - ok
20:50:19.0985 0x0f20  usbser - ok
20:50:20.0000 0x0f20  USBSTOR - ok
20:50:20.0000 0x0f20  usbuhci - ok
20:50:20.0016 0x0f20  usbvideo - ok
20:50:20.0016 0x0f20  USBXHCI - ok
20:50:20.0047 0x0f20  UserDataSvc - ok
20:50:20.0079 0x0f20  UserManager - ok
20:50:20.0094 0x0f20  UsoSvc - ok
20:50:20.0094 0x0f20  VacSvc - ok
20:50:20.0110 0x0f20  VaultSvc - ok
20:50:20.0110 0x0f20  vdrvroot - ok
20:50:20.0125 0x0f20  vds - ok
20:50:20.0125 0x0f20  VerifierExt - ok
20:50:20.0141 0x0f20  vhdmp - ok
20:50:20.0141 0x0f20  vhf - ok
20:50:20.0141 0x0f20  Vid - ok
20:50:20.0172 0x0f20  [ B37F0BF662BB504F0A9C247F24C281AD, 6281D573D9AD9AA204778C3823737726E882B17657B23CF5458C012FF7990E52 ] VirtualRender
26 
C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys
20:50:20.0188 0x0f20  VirtualRender - ok
20:50:20.0204 0x0f20  vmbus - ok
20:50:20.0219 0x0f20  VMBusHID - ok
20:50:20.0235 0x0f20  [ E5BB075B6B5A1DA3C3F48CA5DFF54E77, E13E8F9523F51F976084561C9D0A843CAF550FA233521FF13FFE1C5634CA6472 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
20:50:20.0235 0x0f20  vmgid - ok
20:50:20.0266 0x0f20  vmicguestinterface - ok
20:50:20.0266 0x0f20  vmicheartbeat - ok
20:50:20.0266 0x0f20  vmickvpexchange - ok
20:50:20.0282 0x0f20  vmicrdv - ok
20:50:20.0282 0x0f20  vmicshutdown - ok
20:50:20.0282 0x0f20  vmictimesync - ok
20:50:20.0282 0x0f20  vmicvmsession - ok
20:50:20.0282 0x0f20  vmicvss - ok
20:50:20.0313 0x0f20  [ 347E25BBF78B2E9CC4F4205941591009, 34A92B9B03D43F0245AC3C91F35ABB9BEBFA6EC494ADC26643DFDB72A01C7C64 ] vmulti          C:\WINDOWS\System32\drivers\vmulti.sys
20:50:20.0313 0x0f20  vmulti - ok
20:50:20.0344 0x0f20  volmgr - ok
20:50:20.0344 0x0f20  volmgrx - ok
20:50:20.0360 0x0f20  volsnap - ok
20:50:20.0360 0x0f20  volume - ok
20:50:20.0407 0x0f20  [ A37A7788DABE4FF6E33FE50D7A33D8E8, 9E99D9D27BA3DFA6F89C77B9AD91BE495F15E4F612BB63B209157DFA13BCD7E0 ] vpci            C:\WINDOWS\system32\drivers\vpci.sys
20:50:20.0407 0x0f20  vpci - ok
20:50:20.0407 0x0f20  vsmraid - ok
20:50:20.0407 0x0f20  VSS - ok
20:50:20.0407 0x0f20  VSTXRAID - ok
20:50:20.0422 0x0f20  vwifibus - ok
20:50:20.0422 0x0f20  vwififlt - ok
20:50:20.0422 0x0f20  vwifimp - ok
20:50:20.0438 0x0f20  W32Time - ok
20:50:20.0485 0x0f20  WaaSMedicSvc - ok
20:50:20.0500 0x0f20  WacomPen - ok
20:50:20.0532 0x0f20  WalletService - ok
20:50:20.0547 0x0f20  wanarp - ok
20:50:20.0547 0x0f20  wanarpv6 - ok
20:50:20.0578 0x0f20  [ 8449398F11D49864117105679B539816, 8FD3B9C72066D6A983D062DE72EEF9769339EACBF4E0D303B9E12343C9D5DE6C ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
20:50:20.0578 0x0f20  WarpJITSvc - ok
20:50:20.0610 0x0f20  wbengine - ok
20:50:20.0610 0x0f20  WbioSrvc - ok
20:50:20.0625 0x0f20  wcifs - ok
20:50:20.0641 0x0f20  Wcmsvc - ok
20:50:20.0657 0x0f20  wcncsvc - ok
20:50:20.0657 0x0f20  wcnfs - ok
20:50:20.0688 0x0f20  WdBoot - ok
20:50:20.0703 0x0f20  [ CD1C4678B0F07D23612D5839398552C8, 8C7128CC40EEB931C3BD2C97A37890525E315657A871901EC637D67C00D19C36 ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
20:50:20.0703 0x0f20  WDC_SAM - ok
20:50:20.0813 0x0f20  Wdf01000 - ok
20:50:20.0828 0x0f20  WdFilter - ok
20:50:20.0844 0x0f20  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
20:50:20.0860 0x0f20  WdiServiceHost - ok
20:50:20.0860 0x0f20  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
20:50:20.0875 0x0f20  WdiSystemHost - ok
20:50:20.0891 0x0f20  wdiwifi - ok
20:50:20.0906 0x0f20  [ A6C92A5F2982EBB8788E0690C19048C4, 85C54A99DD43DC1FAC7FD2A31288CEC7501F795DE8FA86857790F4CCD5AF7C18 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
20:50:20.0906 0x0f20  WdmCompanionFilter - ok
20:50:20.0906 0x0f20  WdNisDrv - ok
20:50:21.0031 0x0f20  WdNisSvc - ok
20:50:21.0063 0x0f20  [ 4A81FA6E29A3909FC620EC8B7AE0C8FF, 89F67C978A7F58FF1E51CE6DE17FE8FAF64A52A2E96BD188E911517AF1949275 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:50:21.0078 0x0f20  WebClient - ok
20:50:21.0110 0x0f20  Wecsvc - ok
20:50:21.0141 0x0f20  [ CBA85827716DE89106F8E4AD7430620C, EF2FEAD68FE003DAC52BC2098962F397DF80B7DCD79A8F45012A050C7C0E2DB1 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
20:50:21.0141 0x0f20  WEPHOSTSVC - ok
20:50:21.0156 0x0f20  wercplsupport - ok
20:50:21.0172 0x0f20  WerSvc - ok
20:50:21.0203 0x0f20  [ 39B758E2093B9FB42A086BF4BB1B8BEC, 473C61E7F4D734AE9C4BD2E111C6DCE595E9EF167C001CEDC35E53213F2987F6 ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
20:50:21.0235 0x0f20  WFDSConMgrSvc - ok
20:50:21.0250 0x0f20  WFPLWFS - ok
20:50:21.0250 0x0f20  WiaRpc - ok
20:50:21.0266 0x0f20  WIMMount - ok
20:50:21.0266 0x0f20  WinDefend - ok
20:50:21.0313 0x0f20  [ B434A84F46C70F4E67B70ED70F024B7F, 64EEB8093BA2590E83D83C5AF7C2A025B88AF5681143BCA83671104266FEEA99 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
20:50:21.0313 0x0f20  WindowsTrustedRT - ok
20:50:21.0360 0x0f20  [ 982774B74EE1419D641CEB66E394A4BA, 090C4CE6B76B3904B5AE73E4F1EEBCE619194C358874D7584537012F954C54BE ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
20:50:21.0360 0x0f20  WindowsTrustedRTProxy - ok
20:50:21.0375 0x0f20  WinHttpAutoProxySvc - ok
20:50:21.0406 0x0f20  WinMad - ok
20:50:21.0453 0x0f20  Winmgmt - ok
20:50:21.0469 0x0f20  WinNat - ok
20:50:21.0500 0x0f20  WinRM - ok
20:50:21.0531 0x0f20  [ 91D3DC62C6EDDB6554CE14C0E0B4290F, 6F8F89B350FC6BC0D23A50C593F02514854AB7D6CD234D8C8AD4B5DDDD586BA0 ] WINUSB          C:\WINDOWS\System32\drivers\WinUsb.sys
20:50:21.0531 0x0f20  WINUSB - ok
20:50:21.0531 0x0f20  WinVerbs - ok
20:50:21.0563 0x0f20  wisvc - ok
20:50:21.0594 0x0f20  WlanSvc - ok
20:50:21.0594 0x0f20  wlidsvc - ok
20:50:21.0609 0x0f20  wlpasvc - ok
20:50:21.0656 0x0f20  WManSvc - ok
20:50:21.0672 0x0f20  WmiAcpi - ok
20:50:21.0703 0x0f20  wmiApSrv - ok
20:50:21.0750 0x0f20  WMPNetworkSvc - ok
20:50:21.0781 0x0f20  Wof - ok
20:50:21.0797 0x0f20  workfolderssvc - ok
20:50:21.0797 0x0f20  WpcMonSvc - ok
20:50:21.0828 0x0f20  [ 02876C4F9F4EEC8AC30BBCFFE3447AB6, 0744CBBD9F2B867DF456E2B0E113897B654F07E1C96FCB32D4B4B57BE6A3BE81 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
20:50:21.0844 0x0f20  WPDBusEnum - ok
20:50:21.0875 0x0f20  [ 024924C9E79F51560B9133EEAB866BBF, F4D464BC02C7B96EF72AA9229A99A1AD32F56390F97972C33525EF0D85304261 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:50:21.0875 0x0f20  WpdUpFltr - ok
20:50:21.0906 0x0f20  WpnService - ok
20:50:21.0906 0x0f20  WpnUserService - ok
20:50:21.0922 0x0f20  ws2ifsl - ok
20:50:21.0922 0x0f20  wscsvc - ok
20:50:21.0922 0x0f20  WSearch - ok
20:50:21.0953 0x0f20  wuauserv - ok
20:50:21.0969 0x0f20  [ 7FC0072ECE3F5F860990EF4E10D3F8F4, 15444A3E540EAD214A674FF0EB99CD42899D6A1139E59D69DE1C2B6BA364A9E0 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
20:50:21.0984 0x0f20  WudfPf - ok
20:50:22.0016 0x0f20  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
20:50:22.0016 0x0f20  WUDFRd - ok
20:50:22.0031 0x0f20  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
20:50:22.0031 0x0f20  WUDFWpdFs - ok
20:50:22.0031 0x0f20  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
20:50:22.0047 0x0f20  WUDFWpdMtp - ok
20:50:22.0094 0x0f20  WwanSvc - ok
20:50:22.0187 0x0f20  XblAuthManager - ok
20:50:22.0187 0x0f20  XblGameSave - ok
20:50:22.0203 0x0f20  xboxgip - ok
20:50:22.0219 0x0f20  XboxGipSvc - ok
20:50:22.0250 0x0f20  XboxNetApiSvc - ok
20:50:22.0266 0x0f20  xinputhid - ok
20:50:22.0266 0x0f20  ================ Scan global ===============================
20:50:22.0422 0x0f20  [ Global ] - ok
20:50:22.0422 0x0f20  ================ Scan MBR ==================================
20:50:22.0437 0x0f20  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:50:22.0609 0x0f20  \Device\Harddisk0\DR0 - ok
20:50:22.0609 0x0f20  ================ Scan VBR ==================================
20:50:22.0609 0x0f20  [ 564E0A443FFE0114D3FEB4A2D3B15404 ] \Device\Harddisk0\DR0\Partition1
20:50:22.0609 0x0f20  \Device\Harddisk0\DR0\Partition1 - ok
20:50:22.0625 0x0f20  [ 819780E891EBB81B31C0722F62A816E4 ] \Device\Harddisk0\DR0\Partition2
20:50:22.0625 0x0f20  \Device\Harddisk0\DR0\Partition2 - ok
20:50:22.0625 0x0f20  [ 041DDAA1C81074AA43A6CC9683D7CE2D ] \Device\Harddisk0\DR0\Partition3
20:50:22.0625 0x0f20  \Device\Harddisk0\DR0\Partition3 - ok
20:50:22.0625 0x0f20  ================ Scan generic autorun ======================
20:50:22.0656 0x0f20  [ 783C99AFD4C2AE6950FA5694389D2CFA, 570B37A7A3FFDAFCCECCC33CBC1968FEB857B73CA3CB4DFFEDC2E67E9ABD0878 ] C:\WINDOWS\system32\SecurityHealthSystray.exe
20:50:22.0672 0x0f20  SecurityHealth - ok
20:50:22.0750 0x0f20  [ 99BF09D43D2963F8EC0F830C4B6A6286, 0B7E0F7864C42E38AED4CA99AAD236A4B49CA7EF85BF089988A2A40F000C8680 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:50:22.0781 0x0f20  NvBackend - ok
20:50:22.0828 0x0f20  [ 70829D518C20A533767FC053012C7F6A, 09628C5576D8B1261EBDCF1B789A81E78918EF576351BF5E37895DEE4DBE107D ] C:\Program Files (x86)\HDD Regenerator\Shell.exe
20:50:22.0828 0x0f20  HDD Regenerator - ok
20:50:22.0922 0x0f20  [ 9181843825815CC78BAE19ABA5307BA7, 82A60908A4B85382BB80603EBE68F4ACAD40E5B23E4EB5061C12D77C8FD1EC60 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:50:22.0937 0x0f20  SunJavaUpdateSched - ok
20:50:23.0140 0x0f20  [ 1DBDDAB73801FBD561E7E58D30E9795B, 414835F0761DB3DCF674F35FDA88A4E9872E41A7302966175218EE648FD447C3 ] C:\Users\pepe\AppData\Roaming\GaomonTablet\GaomonTablet.exe
20:50:23.0172 0x0f20  GaomonTablet - ok
20:50:23.0234 0x0f20  OneDriveSetup - ok
20:50:23.0234 0x0f20  OneDriveSetup - ok
20:50:23.0468 0x0f20  [ 7701EF12D1D70F3444DE922F76B3D577, 0690611C58C3341698E2BCDAC0F23A141F8B1CCD27A9AD775280C9DCAF9DAE73 ] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
20:50:23.0546 0x0f20  Adobe Reader Synchronizer - ok
20:50:23.0625 0x0f20  CCleaner Smart Cleaning - ok
20:50:23.0859 0x0f20  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x61100 ( enabled : updated )
20:50:23.0921 0x0f20  Win FW state via NFP2: enabled ( trusted )
20:50:23.0921 0x0f20  ============================================================
20:50:23.0921 0x0f20  Scan finished
20:50:23.0921 0x0f20  ============================================================
20:50:23.0921 0x115c  Detected object count: 0
20:50:23.0921 0x115c  Actual detected object count: 0
23:14:19.0898 0x0dcc  ============================================================
23:14:19.0898 0x0dcc  Scan started
23:14:19.0898 0x0dcc  Mode: Manual; 
23:14:19.0898 0x0dcc  ============================================================
23:14:19.0898 0x0dcc  KSN ping started
23:14:19.0914 0x0dcc  KSN ping finished: false
23:14:22.0502 0x0dcc  ================ Scan BIOS =================================
23:14:22.0502 0x0dcc  Scan was interrupted by user!
23:14:22.0502 0x0dcc  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x61100 ( enabled : updated )
23:14:22.0517 0x0dcc  Win FW state via NFP2: enabled ( trusted )
23:14:22.0517 0x0dcc  ============================================================
23:14:22.0517 0x0dcc  Scan finished
23:14:22.0517 0x0dcc  ============================================================
23:14:22.0517 0x11f4  Detected object count: 0
23:14:22.0517 0x11f4  Actual detected object count: 0
23:14:31.0254 0x1264  ============================================================
23:14:31.0254 0x1264  Scan started
23:14:31.0254 0x1264  Mode: Manual; 
23:14:31.0254 0x1264  ============================================================
23:14:31.0254 0x1264  KSN ping started
23:14:31.0254 0x1264  KSN ping finished: false
23:14:31.0582 0x1264  ================ Scan BIOS =================================
23:14:31.0582 0x1264  BIOS info: vendor = American Megatrends Inc., version = X556UJ.206, releaseDate = 09/10/2015
23:14:31.0582 0x1264  Base board info: manufacturer = ASUSTeK COMPUTER INC., product = X556UJ, version = 1.0       
23:14:33.0582 0x1264  [ 5AD05A487C3BDF6AAAE2A7B0B3294DFE, 816C5BBF7B7A5E05C95A5E43E6224CB845C2976966E399F861F0C52C5E7511D1 ] BIOS
23:14:33.0582 0x1264  BIOS - ok
23:14:33.0582 0x1264  ================ Scan system memory ========================
23:14:33.0582 0x1264  System memory - ok
23:14:33.0582 0x1264  ================ Scan services =============================
23:14:33.0738 0x1264  1394ohci - ok
23:14:33.0769 0x1264  [ F447C275ED7FBE018ED2C0F3DF07BC23, 80648296CF6B1BF31536674D0E1F2973ECDBD1933811AFCD818AADAA3DCC1A65 ] 3fbaaaf5        C:\WINDOWS\system32\Drivers\3fbaaaf5.sys
23:14:33.0769 0x1264  3fbaaaf5 - ok
23:14:33.0769 0x1264  3ware - ok
23:14:33.0800 0x1264  AarSvc - ok
23:14:33.0894 0x1264  ACPI - ok
23:14:33.0894 0x1264  AcpiDev - ok
23:14:33.0894 0x1264  acpiex - ok
23:14:33.0910 0x1264  acpipagr - ok
23:14:33.0941 0x1264  [ 33B5ED555018128792AFFCDC9AF7AFD2, 1E7C5FADA2486EE31289A4BEFB70AEA173190671C64995441651903CF31E5033 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
23:14:33.0941 0x1264  AcpiPmi - ok
23:14:33.0941 0x1264  acpitime - ok
23:14:33.0941 0x1264  Acx01000 - ok
23:14:34.0019 0x1264  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
23:14:34.0019 0x1264  Adobe LM Service - ok
23:14:34.0113 0x1264  [ 431B9F2E0D4145164D572671395B4B31, 5D336098251ED4E50D3EAB55A37CD9486F0479893A2D9B5FB849D1486FA63FAD ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:14:34.0113 0x1264  AdobeARMservice - ok
23:14:34.0113 0x1264  ADP80XX - ok
23:14:34.0128 0x1264  AFD - ok
23:14:34.0128 0x1264  afunix - ok
23:14:34.0144 0x1264  ahcache - ok
23:14:34.0175 0x1264  [ 526FE18DB976D9A1AE19FBC53FA690B1, 4E2623243A9BB61F7211E591C24EDB70B07974A7FA21E3F14C683F27E975777F ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
23:14:34.0175 0x1264  AJRouter - ok
23:14:34.0191 0x1264  ALG - ok
23:14:34.0191 0x1264  amdgpio2 - ok
23:14:34.0191 0x1264  amdi2c - ok
23:14:34.0207 0x1264  AmdK8 - ok
23:14:34.0222 0x1264  AmdPPM - ok
23:14:34.0222 0x1264  amdsata - ok
23:14:34.0222 0x1264  amdsbs - ok
23:14:34.0222 0x1264  amdxata - ok
23:14:34.0238 0x1264  AppID - ok
23:14:34.0253 0x1264  AppIDSvc - ok
23:14:34.0269 0x1264  Appinfo - ok
23:14:34.0285 0x1264  applockerfltr - ok
23:14:34.0300 0x1264  AppReadiness - ok
23:14:34.0316 0x1264  AppXSvc - ok
23:14:34.0316 0x1264  arcsas - ok
23:14:34.0363 0x1264  [ 5FADDD04C9791FC24F8B282B34C1F5E0, ECA198C2585F0AE7657F193F659F2D70C817473046397825E9ABD4ECA86D9926 ] AsusSGDrv       C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys
23:14:34.0363 0x1264  AsusSGDrv - ok
23:14:34.0363 0x1264  AsyncMac - ok
23:14:34.0378 0x1264  atapi - ok
23:14:34.0394 0x1264  AudioEndpointBuilder - ok
23:14:34.0394 0x1264  Audiosrv - ok
23:14:34.0425 0x1264  autotimesvc - ok
23:14:34.0456 0x1264  AxInstSV - ok
23:14:34.0456 0x1264  b06bdrv - ok
23:14:34.0488 0x1264  [ 26E2320D24C66EB72B36EB71EBEF2558, 7D06B6499FE915480DF4DAD658281C8B85F7AD71F49B089A270AE0B45713F2E9 ] bam             C:\WINDOWS\system32\drivers\bam.sys
23:14:34.0488 0x1264  bam - ok
23:14:34.0550 0x1264  BasicDisplay - ok
23:14:34.0566 0x1264  BasicRender - ok
23:14:34.0597 0x1264  BcastDVRUserService - ok
23:14:34.0660 0x1264  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:14:34.0660 0x1264  bcmfn2 - ok
23:14:34.0691 0x1264  BDESVC - ok
23:14:34.0722 0x1264  [ 4280B427B81EB8C265F3206E2298761E, 121AF03BBE6ECC1622C2540805A30AE9555EB5D5FE25B55939C045ECE7FC37EB ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:14:34.0722 0x1264  Beep - ok
23:14:34.0738 0x1264  BFE - ok
23:14:34.0738 0x1264  bindflt - ok
23:14:34.0753 0x1264  BITS - ok
23:14:34.0785 0x1264  BluetoothUserService - ok
23:14:34.0816 0x1264  [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
23:14:34.0831 0x1264  Bonjour Service - ok
23:14:34.0831 0x1264  bowser - ok
23:14:34.0863 0x1264  BrokerInfrastructure - ok
23:14:34.0878 0x1264  BTAGService - ok
23:14:34.0894 0x1264  BthA2dp - ok
23:14:34.0894 0x1264  BthAvctpSvc - ok
23:14:34.0909 0x1264  BthEnum - ok
23:14:34.0925 0x1264  [ 54A6088904238C4C023A3A3B73BD0F6D, E1139629752B748A0B0A7C22F4E1DB18D93439B239AF258D3148377B275A3B51 ] BthHFAud        C:\WINDOWS\System32\drivers\BthHfAud.sys
23:14:34.0925 0x1264  BthHFAud - ok
23:14:34.0972 0x1264  [ 7AE44E94C6B1DF488AA309824DEAD643, 91C72C54142A0D4E5A5F33268850CEB8315AA30C2F0B74A9FFA962887ABAC797 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:14:34.0972 0x1264  BthHFEnum - ok
23:14:35.0019 0x1264  BthLEEnum - ok
23:14:35.0019 0x1264  BthMini - ok
23:14:35.0050 0x1264  [ 11D609CC74F0EB1DF6C0171331CDE9A1, 9412DC92F16C0B8A937D6FB1AD83D7169F4EC0F08FAE0E2B244346428CE99EE1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:14:35.0050 0x1264  BTHMODEM - ok
23:14:35.0097 0x1264  [ 3AB6DD0A13F9AA1BC6A71E942CC45770, C39E471BD757CA12635F283FFC4407989447739D36830E81E8DD3E63E363B3D7 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
23:14:35.0097 0x1264  BthPan - ok
23:14:35.0097 0x1264  BTHPORT - ok
23:14:35.0144 0x1264  [ D293AC628357F2F75B8579087F732970, 1E536D8863D695944214D55E9B0B4BFE04F705DB7ECA18A0CF8B37AAF4893B1E ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:14:35.0144 0x1264  bthserv - ok
23:14:35.0144 0x1264  BTHUSB - ok
23:14:35.0175 0x1264  bttflt - ok
23:14:35.0175 0x1264  buttonconverter - ok
23:14:35.0206 0x1264  [ E7690568D2A5FA3D4E6D28B42358A122, CDBD820B6D383EC0A8151EA4300435C2BAD085EC55DB185C5E16CAF961443888 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
23:14:35.0206 0x1264  CAD - ok
23:14:35.0253 0x1264  camsvc - ok
23:14:35.0284 0x1264  CaptureService - ok
23:14:35.0300 0x1264  cbdhsvc - ok
23:14:35.0300 0x1264  cdfs - ok
23:14:35.0331 0x1264  CDPSvc - ok
23:14:35.0347 0x1264  CDPUserSvc - ok
23:14:35.0378 0x1264  cdrom - ok
23:14:35.0394 0x1264  CertPropSvc - ok
23:14:35.0394 0x1264  cht4iscsi - ok
23:14:35.0394 0x1264  cht4vbd - ok
23:14:35.0394 0x1264  CimFS - ok
23:14:35.0425 0x1264  [ 115CC1E142CE29C9006D59943108DF47, 564FA08C5BEC6DAF1A83C80C9139A6E1AA7E05D251DB3BA379B57C9FDAE83E1B ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:14:35.0425 0x1264  circlass - ok
23:14:35.0441 0x1264  CldFlt - ok
23:14:35.0456 0x1264  CLFS - ok
23:14:35.0472 0x1264  ClipSVC - ok
23:14:35.0487 0x1264  CmBatt - ok
23:14:35.0503 0x1264  CNG - ok
23:14:35.0534 0x1264  [ A46B4D1484227900F7615FE2A569D828, A06B8002E7A708890222C777DDF8B67FED7015C0943C1FC4F9036E9F9DC14494 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
23:14:35.0534 0x1264  cnghwassist - ok
23:14:35.0566 0x1264  [ 99392FDADF3CE5EB47403E5A52866E6F, 63CEF51971EB85D9823CE9A95F1ED9907D20525ED8E32230068CC36E9082A8C3 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
23:14:35.0566 0x1264  CompositeBus - ok
23:14:35.0581 0x1264  COMSysApp - ok
23:14:35.0597 0x1264  condrv - ok
23:14:35.0612 0x1264  ConsentUxUserSvc - ok
23:14:35.0644 0x1264  CoreMessagingRegistrar - ok
23:14:35.0706 0x1264  [ E7F640743A8FFD1C41809B604ED01E12, D96A35F109E3CB01AC2C71D5B71225854853F211B076BC3218D499D80B29C210 ] cphs            C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe
23:14:35.0706 0x1264  cphs - ok
23:14:35.0753 0x1264  [ 3576075C251DDFCE2C105BCA5F173C71, E21FA07D21261E2583645969941DFEDCE1C4EAE690262161BFA0073697AB8D4A ] cplspcon        C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe
23:14:35.0753 0x1264  cplspcon - ok
23:14:35.0784 0x1264  CredentialEnrollmentManagerUserSvc - ok
23:14:35.0800 0x1264  CredentialEnrollmentManagerUserSvc_281a1 - ok
23:14:35.0831 0x1264  CryptSvc - ok
23:14:35.0847 0x1264  dam - ok
23:14:35.0862 0x1264  DcomLaunch - ok
23:14:35.0878 0x1264  defragsvc - ok
23:14:35.0909 0x1264  DeviceAssociationBrokerSvc - ok
23:14:35.0956 0x1264  DeviceAssociationService - ok
23:14:35.0972 0x1264  DeviceInstall - ok
23:14:36.0003 0x1264  DevicePickerUserSvc - ok
23:14:36.0034 0x1264  DevicesFlowUserSvc - ok
23:14:36.0097 0x1264  [ F8BE99B9EA9B110F7CB3F46BA844C1FF, EABF953864C0AE4FB6426C0B7E92DD81EE4A8852081F9D2EA02B61D4C8DB6188 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
23:14:36.0097 0x1264  DevQueryBroker - ok
23:14:36.0112 0x1264  Dfsc - ok
23:14:36.0128 0x1264  Dhcp - ok
23:14:36.0159 0x1264  diagnosticshub.standardcollector.service - ok
23:14:36.0175 0x1264  diagsvc - ok
23:14:36.0190 0x1264  DiagTrack - ok
23:14:36.0315 0x1264  [ BEFAFF2DB70CD9E10E27C32E9C43B279, D89B43EBCD05662327D5851BDF1A8CB4C6E5FA7C6BD1241C230F50057BD35189 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
23:14:36.0315 0x1264  DigitalWave.Update.Service - ok
23:14:36.0347 0x1264  disk - ok
23:14:36.0362 0x1264  DispBrokerDesktopSvc - ok
23:14:36.0378 0x1264  DisplayEnhancementService - ok
23:14:36.0394 0x1264  DmEnrollmentSvc - ok
23:14:36.0409 0x1264  dmvsc - ok
23:14:36.0440 0x1264  [ 2E8A026D6680C301ADF6D4B301A4CE8B, 2FDB34E2A61457308B0FEC938A2D6351F63D02BB67DC87FE4F2534E0048C8E89 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
23:14:36.0440 0x1264  dmwappushservice - ok
23:14:36.0456 0x1264  Dnscache - ok
23:14:36.0472 0x1264  dot3svc - ok
23:14:36.0503 0x1264  [ 9E65C33CB7FB50453F7F4407070EAF53, A8707BD19D584DAECA39990A2E791194140AFCA4FCE31F23CC7E931DF8C17361 ] DPS             C:\WINDOWS\system32\dps.dll
23:14:36.0503 0x1264  DPS - ok
23:14:36.0534 0x1264  [ 225C4E9280B2AE38DCAA5E2FEFC437C2, DB52CEE6D99478B9858F41C440DE2856CC7A5A7E95F7CA7C2F2EED266DB4BDB1 ] dptf_acpi       C:\WINDOWS\System32\drivers\dptf_acpi.sys
23:14:36.0534 0x1264  dptf_acpi - ok
23:14:36.0581 0x1264  [ 4DD17AA07FA0A75E79B47E5B7F18964D, 157983BEAD4C8F7218E46392F8672E7052C8E81CF842A9E82DAA8AE8CC4020C9 ] dptf_cpu        C:\WINDOWS\System32\drivers\dptf_cpu.sys
23:14:36.0581 0x1264  dptf_cpu - ok
23:14:36.0612 0x1264  drmkaud - ok
23:14:36.0643 0x1264  DsmSvc - ok
23:14:36.0659 0x1264  DsSvc - ok
23:14:36.0690 0x1264  [ 81DF23EC4009D307479D5C169539CD67, 65AEE1E876CBE801A763F14930D15CF2E6A10697620B5903AA04BA30585A5676 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
23:14:36.0690 0x1264  DusmSvc - ok
23:14:36.0722 0x1264  DXGKrnl - ok
23:14:36.0722 0x1264  Eaphost - ok
23:14:36.0737 0x1264  ebdrv - ok
23:14:36.0847 0x1264  [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdate      C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
23:14:36.0862 0x1264  edgeupdate - ok
23:14:36.0862 0x1264  [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdatem     C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
23:14:36.0862 0x1264  edgeupdatem - ok
23:14:36.0893 0x1264  EFS - ok
23:14:36.0909 0x1264  EhStorClass - ok
23:14:36.0909 0x1264  EhStorTcgDrv - ok
23:14:36.0956 0x1264  embeddedmode - ok
23:14:36.0987 0x1264  EntAppSvc - ok
23:14:36.0987 0x1264  ErrDev - ok
23:14:37.0081 0x1264  [ 49EDBE0603232013F7247413407F713E, D834CD05D759B0A0CCFDACF56819C3A6A51E8B61CF2B355472A43B87E31CD9FD ] esifsvc         C:\WINDOWS\SysWOW64\esif_uf.exe
23:14:37.0096 0x1264  esifsvc - ok
23:14:37.0128 0x1264  [ A63C10A6A6B09FED00046DDD313C2CC1, 7DEC320019698CE8122FD02F39127E003895E2351F7C35F3D73D97030C34CAB2 ] esif_lf         C:\WINDOWS\system32\DRIVERS\esif_lf.sys
23:14:37.0128 0x1264  esif_lf - ok
23:14:37.0159 0x1264  EventLog - ok
23:14:37.0190 0x1264  EventSystem - ok
23:14:37.0206 0x1264  exfat - ok
23:14:37.0221 0x1264  fastfat - ok
23:14:37.0237 0x1264  Fax - ok
23:14:37.0237 0x1264  fdc - ok
23:14:37.0268 0x1264  [ 0439B82F6034ADA3E71C0C9F169082BD, 0918728669077235B2F2DB7EE22CE819FA570D8A7A497BA5F11E76774EA75099 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:14:37.0268 0x1264  fdPHost - ok
23:14:37.0300 0x1264  [ AD64C91B3CC71226785DCE688842E5AB, 056E1091468D268E7970045AB329EB3DFF48BB6B22448046A14C309678847B6E ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:14:37.0300 0x1264  FDResPub - ok
23:14:37.0331 0x1264  fhsvc - ok
23:14:37.0362 0x1264  [ 8E59D944EE4EFAED65A341A71297C4CD, CFFFD7007AB7FB04ECB44D0079BFE8EEB53AECC988135199C388AF425EBCF2AD ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
23:14:37.0362 0x1264  FileCrypt - ok
23:14:37.0362 0x1264  FileInfo - ok
23:14:37.0378 0x1264  Filetrace - ok
23:14:37.0425 0x1264  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:14:37.0425 0x1264  FLEXnet Licensing Service - ok
23:14:37.0425 0x1264  flpydisk - ok
23:14:37.0425 0x1264  FltMgr - ok
23:14:37.0456 0x1264  FontCache - ok
23:14:37.0487 0x1264  FrameServer - ok
23:14:37.0503 0x1264  FsDepends - ok
23:14:37.0503 0x1264  Fs_Rec - ok
23:14:37.0518 0x1264  fvevol - ok
23:14:37.0549 0x1264  [ A1E06E4E8CB863C74DE428D4D6681185, DA46502C009FD4C847A547610DEE2684A5A583467BF76009BD46104AAE2F6B1B ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:14:37.0549 0x1264  gencounter - ok
23:14:37.0596 0x1264  genericusbfn - ok
23:14:37.0721 0x1264  [ CEB710B82636DAAF38D9352E08C001A3, 15C34D5FCAD7826D8077E195FD8E06C7BD7E3AA45FEEB5B306702A0D22EB3E10 ] GoogleChromeElevationService C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\elevation_service.exe
23:14:37.0743 0x1264  GoogleChromeElevationService - ok
23:14:37.0743 0x1264  GPIOClx0101 - ok
23:14:37.0759 0x1264  gpsvc - ok
23:14:37.0790 0x1264  [ 8C06046B6A8C1ACDAEA15682058FDFB4, 3E0CC301249B7D8D5BEB932F4DFD1EAB8037679EC153772F63B430713903B0AC ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
23:14:37.0790 0x1264  GpuEnergyDrv - ok
23:14:37.0837 0x1264  GraphicsPerfSvc - ok
23:14:37.0868 0x1264  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:14:37.0868 0x1264  gupdate - ok
23:14:37.0884 0x1264  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:14:37.0884 0x1264  gupdatem - ok
23:14:37.0899 0x1264  HdAudAddService - ok
23:14:37.0915 0x1264  HDAudBus - ok
23:14:37.0962 0x1264  [ 43A139D3274C0A4213965ACEF973691F, 0BDE75566F12F9875088CEEEB79B95F21D92B921C513EE163330CBB890F9D145 ] hddrsrv         C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
23:14:37.0962 0x1264  hddrsrv - ok
23:14:37.0993 0x1264  HidBatt - ok
23:14:38.0009 0x1264  HidBth - ok
23:14:38.0009 0x1264  hidi2c - ok
23:14:38.0009 0x1264  hidinterrupt - ok
23:14:38.0055 0x1264  [ 6B46E3061EC0523CB46ED28060FCD946, 6089305AF73CC584963865482448CD5CA4252EC9BD3E72AF16D45E4F95C3EBF2 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:14:38.0055 0x1264  HidIr - ok
23:14:38.0071 0x1264  hidserv - ok
23:14:38.0087 0x1264  hidspi - ok
23:14:38.0102 0x1264  [ 2866EE966A0D19307E247A22BE110522, F11B8F5A3344AF5B48C411F5547E1589987C6A63CF2DFCAC80044B98AF4BDD63 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsRadioControl.sys
23:14:38.0102 0x1264  HIDSwitch - ok
23:14:38.0118 0x1264  HidUsb - ok
23:14:38.0133 0x1264  HpSAMD - ok
23:14:38.0133 0x1264  HTTP - ok
23:14:38.0165 0x1264  [ 849A66D34BC2DAD0044FAC2FEE1AF956, A5F6858AA556D9180C303EA3ED02EB6D6D8EB55A100B3918654281A01198D8E8 ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
23:14:38.0165 0x1264  hvcrash - ok
23:14:38.0196 0x1264  [ 855F55BB462B7D8B6BC31A94A592DF3D, 776C772E69CF9D81D8511201813DD79F2106DC7D2547B4FA700432AE9B73C202 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
23:14:38.0196 0x1264  HvHost - ok
23:14:38.0227 0x1264  hvservice - ok
23:14:38.0258 0x1264  [ 5DC7DFED5FEDD923B874B51D0C6752BB, 69714A8B74EB02282572B34E156051FFC10693B816905CE18A8C6C8CCB95B846 ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
23:14:38.0258 0x1264  HwNClx0101 - ok
23:14:38.0274 0x1264  hwpolicy - ok
23:14:38.0274 0x1264  hyperkbd - ok
23:14:38.0274 0x1264  HyperVideo - ok
23:14:38.0274 0x1264  i8042prt - ok
23:14:38.0274 0x1264  iagpio - ok
23:14:38.0274 0x1264  iai2c - ok
23:14:38.0290 0x1264  iaLPSS2i_GPIO2 - ok
23:14:38.0305 0x1264  iaLPSS2i_GPIO2_BXT_P - ok
23:14:38.0305 0x1264  iaLPSS2i_GPIO2_CNL - ok
23:14:38.0305 0x1264  iaLPSS2i_GPIO2_GLK - ok
23:14:38.0305 0x1264  iaLPSS2i_I2C - ok
23:14:38.0305 0x1264  iaLPSS2i_I2C_BXT_P - ok
23:14:38.0305 0x1264  iaLPSS2i_I2C_CNL - ok
23:14:38.0321 0x1264  iaLPSS2i_I2C_GLK - ok
23:14:38.0321 0x1264  iaLPSSi_GPIO - ok
23:14:38.0321 0x1264  iaLPSSi_I2C - ok
23:14:38.0321 0x1264  iaStorAVC - ok
23:14:38.0321 0x1264  iaStorV - ok
23:14:38.0337 0x1264  ibbus - ok
23:14:38.0352 0x1264  icssvc - ok
23:14:38.0852 0x1264  [ FC3D524D96A84D28497A4FEC4E2AEC42, F4A01312244114071F01AD1CBDA68C9D006547AB52B34EF2F7D2FE1DFEB4520C ] igfx            C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igdkmd64.sys
23:14:39.0118 0x1264  igfx - ok
23:14:39.0180 0x1264  [ 1138664D39E0AFE51DFC8F4B178F4F5C, 10A8A12B7B05D797E3A9A0E9A33E97147D5ED3D3302ED32D0EB7E67D8EA96C62 ] igfxCUIService2.0.0.0 C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe
23:14:39.0180 0x1264  igfxCUIService2.0.0.0 - ok
23:14:39.0211 0x1264  IKEEXT - ok
23:14:39.0227 0x1264  IndirectKmd - ok
23:14:39.0243 0x1264  InstallService - ok
23:14:39.0368 0x1264  [ AFCB27F3F1CB2AA58DE2058B730BA21E, 05AA20CE4BF3DD66E64C6FD2CEA6B39C838251C488FE1F4860118B168144172F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:14:39.0430 0x1264  IntcAzAudAddService - ok
23:14:39.0493 0x1264  [ 380EDC712EF93AB5AAAD6F8EF7808679, 733709D6AAD2222A38A909102E0CF7525F4AB9C7E4AE7A9533C6A668B1552AF9 ] IntcDAud        C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_0d54ec4feb82b9c1\IntcDAud.sys
23:14:39.0508 0x1264  IntcDAud - ok
23:14:39.0524 0x1264  intelide - ok
23:14:39.0555 0x1264  intelpep - ok
23:14:39.0586 0x1264  [ AECBF5BE2F9A2A50B978E0BF31041A81, A62F436C66DEFEB438A7891857DFB830995714A7E4FE4BDCA6B4EB1606BD2101 ] intelpmax       C:\WINDOWS\System32\drivers\intelpmax.sys
23:14:39.0586 0x1264  intelpmax - ok
23:14:39.0618 0x1264  intelppm - ok
23:14:39.0633 0x1264  iorate - ok
23:14:39.0633 0x1264  IpFilterDriver - ok
23:14:39.0649 0x1264  iphlpsvc - ok
23:14:39.0664 0x1264  IPMIDRV - ok
23:14:39.0696 0x1264  [ F63572DF4295C78B3F7036AEDA878176, B71EB3CC4EC95BC9A3FA217736C6C36C756935714D7E16E34C05D913B829CB9C ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
23:14:39.0696 0x1264  IPNAT - ok
23:14:39.0711 0x1264  [ B5B6D1F86E40E785D6650DB923DB6BEA, 7A2D92A2274E0379B5FA6351D18E2F0DD55960BB783EA3528FE9E303E1A4256D ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
23:14:39.0711 0x1264  IPT - ok
23:14:39.0727 0x1264  [ 77494E26B28465D2A09B9455F8A3B34E, B778D4BC71A5F5CF687175CA53AC342E4740156D4B96E6E96D918BD46C2C1459 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
23:14:39.0742 0x1264  IpxlatCfgSvc - ok
23:14:39.0758 0x1264  isapnp - ok
23:14:39.0789 0x1264  iScsiPrt - ok
23:14:39.0821 0x1264  ItSas35i - ok
23:14:39.0821 0x1264  kbdclass - ok
23:14:39.0821 0x1264  kbdhid - ok
23:14:39.0821 0x1264  kdnic - ok
23:14:39.0836 0x1264  KeyIso - ok
23:14:39.0899 0x1264  [ 58F379760B519E358F7C46FF4D7FB49E, 5DF3317D507D8E56D7434167CA81E01826970736387524F240D8A2484307AC31 ] klupd_3fbaaaf5a_arkmon_58F37976 C:\KVRT2020_Data\Temp\58F379760B519E358F7C46FF4D7FB49E\klupd_3fbaaaf5a_arkmon.sys
23:14:39.0914 0x1264  klupd_3fbaaaf5a_arkmon_58F37976 - ok
23:14:39.0914 0x1264  KSecDD - ok
23:14:39.0930 0x1264  KSecPkg - ok
23:14:39.0930 0x1264  ksthunk - ok
23:14:39.0961 0x1264  [ DAE67BD7EC6ED569438F5CA38BFBB458, 672CA98525D6DD799A01A3BC3A62AB7B4544D62ECEB3615FAC05BFB97B389D23 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
23:14:39.0977 0x1264  KtmRm - ok
23:14:39.0992 0x1264  LanmanServer - ok
23:14:40.0024 0x1264  LanmanWorkstation - ok
23:14:40.0071 0x1264  [ A997488F4EDAAD59C748CF9FB1D9DAC0, A0B145041F984DD4E0A6F8D0E9C8363DA6F2DA7460E140F028C320CEAC03759C ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
23:14:40.0071 0x1264  lfsvc - ok
23:14:40.0117 0x1264  LicenseManager - ok
23:14:40.0164 0x1264  [ 78779BD92081CB27967E77561683AFBE, 05EC91E194336D1BB1EE323E70FAC54F6DC0CEF53FD4925F394399531A37A0DD ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
23:14:40.0164 0x1264  lltdio - ok
23:14:40.0227 0x1264  lltdsvc - ok
23:14:40.0258 0x1264  lmhosts - ok
23:14:40.0289 0x1264  LSI_SAS - ok
23:14:40.0289 0x1264  LSI_SAS2i - ok
23:14:40.0320 0x1264  LSI_SAS3i - ok
23:14:40.0336 0x1264  LSI_SSS - ok
23:14:40.0399 0x1264  LSM - ok
23:14:40.0414 0x1264  luafv - ok
23:14:40.0477 0x1264  LxpSvc - ok
23:14:40.0524 0x1264  [ AE03D8F1B7863268EAED2FE0105ED75F, F5172A1A3E24FC5271FCB0118861EA0EC33AA8ABB01AE9CAD50E2F032B92486C ] MapsBroker      C:\WINDOWS\System32\moshost.dll
23:14:40.0539 0x1264  MapsBroker - ok
23:14:40.0539 0x1264  mausbhost - ok
23:14:40.0539 0x1264  mausbip - ok
23:14:40.0586 0x1264  [ BF46AFE0CC03D9A5883E74438170B841, 43309A4DBCF15F09AB3066E96C498785C4F41DBCA8467B0385FCA467AE370980 ] MbamElam        C:\WINDOWS\system32\DRIVERS\MbamElam.sys
23:14:40.0586 0x1264  MbamElam - ok
23:14:40.0961 0x1264  [ FB25AE35C2F43CB6E3A1C03712DD30E9, 73DEC3F28C660223736C825B2EDEB42991B0631DFC98E34F31B8BA2D9019DB49 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
23:14:41.0070 0x1264  MBAMService - ok
23:14:41.0102 0x1264  [ 0B17A8F4956ABD5FA1A0851B59FF960E, 1B62082ACA96EF78A61AFDB33EF77260292C5D08E5E35B56F7F8F0A3A837ED9B ] MBAMSwissArmy   C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
23:14:41.0102 0x1264  MBAMSwissArmy - ok
23:14:41.0117 0x1264  MbbCx - ok
23:14:41.0133 0x1264  megasas - ok
23:14:41.0133 0x1264  megasas2i - ok
23:14:41.0133 0x1264  megasas35i - ok
23:14:41.0133 0x1264  megasr - ok
23:14:41.0164 0x1264  [ F593D1CD9C4FFC8D0087E75C18587A30, 29C7FD01E6200E09206957BC65243F95437385BC386E68C3DCF9696EC360723C ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
23:14:41.0180 0x1264  MEIx64 - ok
23:14:41.0195 0x1264  MessagingService - ok
23:14:41.0336 0x1264  [ 1FDCF3C97FE80943C23BFEC9F8D6BCDF, 646BB6496565C1D0C59192E53905E180789F634B64B3A0E197E67F88A526B4C0 ] MicrosoftEdgeElevationService C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.70\elevation_service.exe
23:14:41.0351 0x1264  MicrosoftEdgeElevationService - ok
23:14:41.0398 0x1264  [ B74FFC6301B3312A9F59E04E487BC72A, 76F71824E80D10EB71BEDE5EE3A64CAD7CAC3DDFBB6670D1537E6B75FF0217E9 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
23:14:41.0398 0x1264  Microsoft_Bluetooth_AvrcpTransport - ok
23:14:41.0414 0x1264  MixedRealityOpenXRSvc - ok
23:14:41.0445 0x1264  mlx4_bus - ok
23:14:41.0461 0x1264  MMCSS - ok
23:14:41.0461 0x1264  Modem - ok
23:14:41.0476 0x1264  monitor - ok
23:14:41.0476 0x1264  mouclass - ok
23:14:41.0492 0x1264  mouhid - ok
23:14:41.0492 0x1264  mountmgr - ok
23:14:41.0523 0x1264  [ 198BDD455A94A093B00D1BDF64D77E92, 645309E4C87765C95C8278A59CC2A460D3A4257469A796CA2DFC8A2BC5059A1C ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:14:41.0523 0x1264  MozillaMaintenance - ok
23:14:41.0617 0x1264  MpKsla93abb8a - ok
23:14:41.0617 0x1264  mpsdrv - ok
23:14:41.0648 0x1264  mpssvc - ok
23:14:41.0680 0x1264  [ 186251D6489F7470616862DD15644177, CC06B99F3F67A90E0B5FC3B2FD7A0DBB23B0D766DDCC94FF6C72B1C2C6C913DF ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:14:41.0680 0x1264  MRxDAV - ok
23:14:41.0695 0x1264  mrxsmb - ok
23:14:41.0711 0x1264  mrxsmb20 - ok
23:14:41.0742 0x1264  [ E587396A4C8151ABBF13A96C4465DE31, A3AA5D51E34657479CFCDC3DBB7821B7255F7CB57D5686B7F709A7953AD537EB ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
23:14:41.0742 0x1264  MsBridge - ok
23:14:41.0773 0x1264  [ 2EF846AC66E181BE820B513DBC15B5D2, EDFE71025C352D0DABEC7B9506C5945BB0EC11F8DB540DB8CB1116C2EA1648A8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
23:14:41.0773 0x1264  MSDTC - ok
23:14:41.0773 0x1264  Msfs - ok
23:14:41.0820 0x1264  [ 6092FD060EC4132A799BDAD61845DDB7, B45F9D3A71FC8A73AED3C5B8CF6F14A25EBDD3D4D47C9F39FFCD75C7D22F4A9E ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:14:41.0820 0x1264  msgpiowin32 - ok
23:14:41.0836 0x1264  mshidkmdf - ok
23:14:41.0867 0x1264  [ 9E90FE6DF363D2427A5C773120E7B27D, 1FDB7E28CCAF757603C4B754E1AC9C470E5E60E85DE067375902F108F5E34608 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
23:14:41.0867 0x1264  mshidumdf - ok
23:14:41.0867 0x1264  msisadrv - ok
23:14:41.0883 0x1264  MSiSCSI - ok
23:14:41.0883 0x1264  msiserver - ok
23:14:41.0898 0x1264  MSKSSRV - ok
23:14:41.0929 0x1264  [ 9FB5040C8CEAE4C32B7884ECBBCAFDAF, 0EC3E53C5B1B202440DE22A5BF7E1EBE9AF5BBB6BA69DB9D018A6D8EC97B477E ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
23:14:41.0929 0x1264  MsLldp - ok
23:14:41.0929 0x1264  MSPCLOCK - ok
23:14:41.0945 0x1264  MSPQM - ok
23:14:41.0961 0x1264  MsQuic - ok
23:14:41.0961 0x1264  MsRPC - ok
23:14:41.0976 0x1264  mssmbios - ok
23:14:41.0976 0x1264  MSTEE - ok
23:14:41.0976 0x1264  MTConfig - ok
23:14:41.0992 0x1264  Mup - ok
23:14:42.0008 0x1264  mvumis - ok
23:14:42.0023 0x1264  NativeWifiP - ok
23:14:42.0054 0x1264  NaturalAuthentication - ok
23:14:42.0070 0x1264  [ D47A20839608B8213065D7AFC8C42195, 7B0187BE9705ED2F925616C13B3744BAC0A9C96B21BE503D96BC9EE7EE125B33 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:14:42.0086 0x1264  NcaSvc - ok
23:14:42.0133 0x1264  NcbService - ok
23:14:42.0148 0x1264  [ 8C938E851CDF2CE30BBEA14555B61820, F853F526C811893BD40B1124BAEC543099381E7BF091729B6A6665DF3CE10B94 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:14:42.0164 0x1264  NcdAutoSetup - ok
23:14:42.0164 0x1264  ndfltr - ok
23:14:42.0164 0x1264  NDIS - ok
23:14:42.0195 0x1264  [ 6BEC0929C7A7BF2A7C44F585ECC7DAEB, 5F6395268CBD26A4B90960479040C114B2C8A3F24C188C2D5F62D6AB43A637D1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
23:14:42.0195 0x1264  NdisCap - ok
23:14:42.0211 0x1264  NdisImPlatform - ok
23:14:42.0211 0x1264  NdisTapi - ok
23:14:42.0211 0x1264  Ndisuio - ok
23:14:42.0226 0x1264  NdisVirtualBus - ok
23:14:42.0242 0x1264  NdisWan - ok
23:14:42.0242 0x1264  ndiswanlegacy - ok
23:14:42.0273 0x1264  [ 33CDAEDC7CBE8339A8324CEC2461BFB4, DAAEACDB4506D2BDDED61957D92FB4983E11D9CE6E7B25119B4CBFB431C945F4 ] NDKPing         C:\WINDOWS\system32\drivers\NDKPing.sys
23:14:42.0273 0x1264  NDKPing - ok
23:14:42.0273 0x1264  ndproxy - ok
23:14:42.0320 0x1264  [ 77621E74FD79B267071A0D12C643A48A, 8228B7D1237A0FFABCCC150B299EA494C8F0CB4CCB51AB0DBFF08CBAA9EFC4BB ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
23:14:42.0320 0x1264  Ndu - ok
23:14:42.0351 0x1264  NetAdapterCx - ok
23:14:42.0351 0x1264  NetBIOS - ok
23:14:42.0351 0x1264  NetBT - ok
23:14:42.0367 0x1264  Netlogon - ok
23:14:42.0383 0x1264  Netman - ok
23:14:42.0398 0x1264  netprofm - ok
23:14:42.0414 0x1264  NetSetupSvc - ok
23:14:42.0507 0x1264  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:14:42.0507 0x1264  NetTcpPortSharing - ok
23:14:42.0539 0x1264  netvsc - ok
23:14:42.0554 0x1264  NgcCtnrSvc - ok
23:14:42.0570 0x1264  NgcSvc - ok
23:14:42.0586 0x1264  NlaSvc - ok
23:14:42.0586 0x1264  Npfs - ok
23:14:42.0601 0x1264  npsvctrig - ok
23:14:42.0601 0x1264  nsi - ok
23:14:42.0601 0x1264  nsiproxy - ok
23:14:42.0617 0x1264  Ntfs - ok
23:14:42.0617 0x1264  Null - ok
23:14:42.0617 0x1264  nvdimm - ok
23:14:43.0085 0x1264  [ EF49AC0CC9A9C8D3714A053FA7AD62F3, 7103736FDEFFEF44DD5B4533F04BE27E0335C13B143A4D02DF01D9B224ED4E8B ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys
23:14:43.0304 0x1264  nvlddmkm - ok
23:14:43.0351 0x1264  nvraid - ok
23:14:43.0351 0x1264  nvstor - ok
23:14:43.0414 0x1264  OneSyncSvc - ok
23:14:43.0445 0x1264  p2pimsvc - ok
23:14:43.0476 0x1264  [ DA97CD5815EC123BC88382C08D465B9E, 46F5EA2E3D590FB10E14BC811612B6EF87C805B359A652D2C6BFE4840D5D6AA2 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
23:14:43.0492 0x1264  p2psvc - ok
23:14:43.0492 0x1264  Parport - ok
23:14:43.0492 0x1264  partmgr - ok
23:14:43.0507 0x1264  PcaSvc - ok
23:14:43.0538 0x1264  pci - ok
23:14:43.0538 0x1264  pciide - ok
23:14:43.0538 0x1264  pcmcia - ok
23:14:43.0538 0x1264  pcw - ok
23:14:43.0554 0x1264  pdc - ok
23:14:43.0554 0x1264  PEAUTH - ok
23:14:43.0617 0x1264  perceptionsimulation - ok
23:14:43.0617 0x1264  percsas2i - ok
23:14:43.0632 0x1264  percsas3i - ok
23:14:43.0695 0x1264  [ 2FC7CFCEDBF7E038351C7CEB1036D2E1, 41D7DA706F0CF613DF768B6795CD09C5C1035F9F101051FB58F5042EB4352DB6 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
23:14:43.0695 0x1264  PerfHost - ok
23:14:43.0742 0x1264  PhoneSvc - ok
23:14:43.0757 0x1264  PimIndexMaintenanceSvc - ok
23:14:43.0788 0x1264  PktMon - ok
23:14:43.0851 0x1264  [ 9E431A5D697432DD6F4DB48C9A185104, 44C16E194258C9143A45F4022F9C5DE229E217D6FF7F944F105FE631BE9EF4A7 ] pla             C:\WINDOWS\system32\pla.dll
23:14:43.0867 0x1264  pla - ok
23:14:43.0898 0x1264  PlugPlay - ok
23:14:43.0929 0x1264  pmem - ok
23:14:43.0945 0x1264  [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
23:14:43.0945 0x1264  PNPMEM - ok
23:14:43.0976 0x1264  [ 658AE979148B53945444D485703A0111, 11C072E99563250CB8FA57D3027EE64A209FCCD66C740DDF491CB3C42E1BE3A0 ] pnpnptool       C:\WINDOWS\system32\Drivers\pnpnptool.sys
23:14:43.0976 0x1264  pnpnptool - ok
23:14:44.0007 0x1264  [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
23:14:44.0007 0x1264  PNRPAutoReg - ok
23:14:44.0007 0x1264  PNRPsvc - ok
23:14:44.0038 0x1264  [ EC378D865C1CF4A9AA96348599238AD5, 26211B2452CE2B71F5EB28688B4F0B60DE55FBD447DAA8920A1C3C16BCB11A3E ] pnusbd          C:\WINDOWS\system32\Drivers\pnusbd.sys
23:14:44.0038 0x1264  pnusbd - ok
23:14:44.0070 0x1264  [ 6FDC12417B425BAB647BEAD5CD6D1220, AB5B52F2AB55805C086DEB6291C511FC3FD4F341F1B1FD061E83A9B68808E4BD ] pnusbvirtualhubwssrv C:\WINDOWS\system32\pnusbvirtualhubwssrv.exe
23:14:44.0085 0x1264  pnusbvirtualhubwssrv - ok
23:14:44.0116 0x1264  PolicyAgent - ok
23:14:44.0116 0x1264  portcfg - ok
23:14:44.0148 0x1264  Power - ok
23:14:44.0148 0x1264  PptpMiniport - ok
23:14:44.0288 0x1264  [ 207791C6CF332C53C72BB2E66AB13C6E, 1F067D862ECE38294B8ACDFEC0F50A82F1E4B1B5A6ACDB7A8F5EC6D0B7D9C3A5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:14:44.0335 0x1264  PrintNotify - ok
23:14:44.0382 0x1264  PrintWorkflowUserSvc - ok
23:14:44.0413 0x1264  Processor - ok
23:14:44.0413 0x1264  ProfSvc - ok
23:14:44.0429 0x1264  Psched - ok
23:14:44.0460 0x1264  PushToInstall - ok
23:14:44.0491 0x1264  [ 2F3808790D517E5E5E6ABF7177875C02, BE1A79A6498697EB86FC29638324A853197B49BC06AE3EB1130793F710926998 ] QWAVE           C:\WINDOWS\system32\qwave.dll
23:14:44.0491 0x1264  QWAVE - ok
23:14:44.0538 0x1264  [ CE51A9A997D2830C6C64A36D7F8D8879, 706D683CAF92C259C121222446D34ED43F6E8872407C3615E2ED118ACD24D21D ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:14:44.0538 0x1264  QWAVEdrv - ok
23:14:44.0538 0x1264  Ramdisk - ok
23:14:44.0554 0x1264  RasAcd - ok
23:14:44.0569 0x1264  RasAgileVpn - ok
23:14:44.0569 0x1264  RasAuto - ok
23:14:44.0569 0x1264  Rasl2tp - ok
23:14:44.0601 0x1264  RasMan - ok
23:14:44.0601 0x1264  RasPppoe - ok
23:14:44.0601 0x1264  RasSstp - ok
23:14:44.0601 0x1264  rdbss - ok
23:14:44.0632 0x1264  [ B7BAD23CA994EFF8EA11261626326004, 056495FB4A54984CE9D28D7B45550990D4A4B0736669F0F69138BEF51A695EFA ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:14:44.0632 0x1264  rdpbus - ok
23:14:44.0648 0x1264  RDPDR - ok
23:14:44.0663 0x1264  RdpVideoMiniport - ok
23:14:44.0710 0x1264  [ B4A6F3BFB5A07DAF4E18C14A6337A226, F906865E349390D24A3DCBC563154BBB9F307B97361832BE93BC9D44A9F3B486 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:14:44.0710 0x1264  rdyboost - ok
23:14:44.0726 0x1264  ReFS - ok
23:14:44.0757 0x1264  ReFSv1 - ok
23:14:44.0773 0x1264  RemoteAccess - ok
23:14:44.0819 0x1264  [ 58B3C0A2B0C130838588EF519ADCE495, 60360DD8EA1802C8F95EB93531FF9666BE1148253E6A1BD706D4CA98955C0F6E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:14:44.0819 0x1264  RemoteRegistry - ok
23:14:44.0851 0x1264  RetailDemo - ok
23:14:44.0882 0x1264  [ D2EE9CCE0187C616E50D61EB30ECA262, 825C918D22FC8DBF3EE9BDB41D121A0AC3CCBFFBA147E2B26F0197552E0675DE ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
23:14:44.0882 0x1264  RFCOMM - ok
23:14:44.0929 0x1264  [ 4DD0EFE49F0C020DAFEAE6F5F231362C, DF04978AF6CD34C8251B3DDE381CD77518684DCB1D2B16BD2DAFEE63AC9D5858 ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
23:14:44.0929 0x1264  rhproxy - ok
23:14:45.0023 0x1264  [ C7463D0A8E63A2C2F89E03F98E9EE63F, A1520FAF11CAD2F5785C90F80D1C641AC5B5F8A49216D287D67A4BFF99D8F989 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
23:14:45.0023 0x1264  RichVideo64 - ok
23:14:45.0069 0x1264  RmSvc - ok
23:14:45.0085 0x1264  RpcEptMapper - ok
23:14:45.0116 0x1264  [ D45676C47616B9ABBFAEC97DD3B240A8, E13985D667F66B7A0082356F23270F61A57B8C2DD211B1E09D66D7970D7B4D6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:14:45.0116 0x1264  RpcLocator - ok
23:14:45.0132 0x1264  RpcSs - ok
23:14:45.0163 0x1264  [ EABD30C39742A79913B595A5B6F809D4, 9067160F566220A2B21FEEE181729A796A3F3EECF75FFB75815BE5CCC7BBA64F ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
23:14:45.0163 0x1264  rspndr - ok
23:14:45.0194 0x1264  rt640x64 - ok
23:14:45.0226 0x1264  [ 071F3F3ABBA1AC01476DE5C315CD1AB7, 1C87A3371870729CF4CADAE6F659B8751DA7D65F96D657219B6798C677AC266D ] RtkBtFilter     C:\WINDOWS\System32\drivers\RtkBtfilter.sys
23:14:45.0241 0x1264  RtkBtFilter - ok
23:14:45.0257 0x1264  [ C775E284F00D8F727BA4B5FC3A6B4036, 5EE2D867C170F27F017916D1DAE904D0C7A57745F5030271C1D1DCF92CD90953 ] RtkBtManServ    C:\WINDOWS\RtkBtManServ.exe
23:14:45.0257 0x1264  RtkBtManServ - ok
23:14:45.0288 0x1264  [ B483E22E200D5428E675B07266A72F84, EE69424C758C312FFEAF1DAF6B8E625DDFD3B35BAEBF31A36943E318F45D0EE8 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
23:14:45.0288 0x1264  RTSUER - ok
23:14:45.0507 0x1264  [ D54D644454F0EA860FFBA0EDF9B3951E, 9EBA55A4A00534F9BFC98AE3F9F7C36247CB2904514DC572FE8014A6F1ED56A1 ] RTWlanE01       C:\WINDOWS\System32\drivers\rtwlane01.sys
23:14:45.0600 0x1264  RTWlanE01 - ok
23:14:45.0632 0x1264  [ 5914CC0C1E99A3C1711BDB1E224526D1, 54BB8636F27282B396D487B3FEA8BD73F2F6FE6DA4DE8D718EE498F75A6A5DCE ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
23:14:45.0632 0x1264  s3cap - ok
23:14:45.0647 0x1264  SamSs - ok
23:14:45.0679 0x1264  sbp2port - ok
23:14:45.0694 0x1264  SCardSvr - ok
23:14:45.0710 0x1264  ScDeviceEnum - ok
23:14:45.0725 0x1264  scfilter - ok
23:14:45.0741 0x1264  Schedule - ok
23:14:45.0772 0x1264  scmbus - ok
23:14:45.0772 0x1264  SCPolicySvc - ok
23:14:45.0804 0x1264  sdbus - ok
23:14:45.0850 0x1264  [ 3200667DB433F0A2032FAF4DC02E2089, 5E940CA63AD21CEA08C334AC61D985BAFDBA7DCB2D388F355B5C72EFA3E23E0A ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
23:14:45.0850 0x1264  SDFRd - ok
23:14:45.0866 0x1264  SDRSVC - ok
23:14:45.0866 0x1264  sdstor - ok
23:14:45.0897 0x1264  [ 016706A76857F914C99D2472B1E79BF9, 39A114EB591E243E0429DA7279413F046626DE7B52E057DDBCD26A0A1BF327FB ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:14:45.0897 0x1264  seclogon - ok
23:14:45.0929 0x1264  SecurityHealthService - ok
23:14:45.0944 0x1264  SEMgrSvc - ok
23:14:45.0960 0x1264  [ 1EA7972A4C7163FF1D3EFE9988404D4E, 56A94B1617815C1E8A79D832B0F0CBA683C3080105CC4C87DBB9B8EAB4CD2690 ] SENS            C:\WINDOWS\System32\sens.dll
23:14:45.0975 0x1264  SENS - ok
23:14:46.0022 0x1264  SensorDataService - ok
23:14:46.0038 0x1264  SensorService - ok
23:14:46.0085 0x1264  [ 0BCFFAD6F3B180DD60C941B01768F733, A0B73C1BF636F14504B69606999287B6FE148C958A4F6E31E9022FF129A048E0 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:14:46.0085 0x1264  SensrSvc - ok
23:14:46.0116 0x1264  SerCx - ok
23:14:46.0116 0x1264  SerCx2 - ok
23:14:46.0116 0x1264  Serenum - ok
23:14:46.0132 0x1264  Serial - ok
23:14:46.0132 0x1264  sermouse - ok
23:14:46.0147 0x1264  SessionEnv - ok
23:14:46.0147 0x1264  sfloppy - ok
23:14:46.0178 0x1264  [ C05648C2BE6176BE557D9C7F02916388, C65D8FEDDCD9A52B04F42C64DAD2A499BF51246D36042E8DC09DD04C4C0B7BEE ] SgrmAgent       C:\WINDOWS\system32\drivers\SgrmAgent.sys
23:14:46.0178 0x1264  SgrmAgent - ok
23:14:46.0210 0x1264  SgrmBroker - ok
23:14:46.0225 0x1264  SharedAccess - ok
23:14:46.0288 0x1264  SharedRealitySvc - ok
23:14:46.0335 0x1264  [ BE44F2B19C4F61FED874C7FE26DF92AA, 07888C7575A1D7D46AE375B1CE6C13665CCEE0F0672EA8FDE71B955B5BC0EA70 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:14:46.0335 0x1264  ShellHWDetection - ok
23:14:46.0350 0x1264  shpamsvc - ok
23:14:46.0366 0x1264  SiSRaid2 - ok
23:14:46.0382 0x1264  SiSRaid4 - ok
23:14:46.0382 0x1264  SmartSAMD - ok
23:14:46.0413 0x1264  smphost - ok
23:14:46.0428 0x1264  SmsRouter - ok
23:14:46.0444 0x1264  [ 1971BBC71602B928CF9257759E3C05E8, 9D665698FF26ED333AD385B4B7A6C0F2B6806371D278E281FA4188002A5317E8 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:14:46.0460 0x1264  SNMPTRAP - ok
23:14:46.0491 0x1264  [ 27B7D9E872939EBB34C30343F991893D, 879AFDC8C50487ED0D3CB58C70A206E185F94BE75C25C31C387F3F08740771F9 ] spaceparser     C:\WINDOWS\system32\drivers\spaceparser.sys
23:14:46.0491 0x1264  spaceparser - ok
23:14:46.0507 0x1264  spaceport - ok
23:14:46.0538 0x1264  [ AB3BDEC793187CEDF1229AC98BB7DEDF, D2EA0C5FC534C89310207AA26A8816B30FEEF3F2708A067D8BB93D3CFF9C3936 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
23:14:46.0538 0x1264  SpatialGraphFilter - ok
23:14:46.0538 0x1264  SpbCx - ok
23:14:46.0569 0x1264  spectrum - ok
23:14:46.0585 0x1264  Spooler - ok
23:14:46.0600 0x1264  sppsvc - ok
23:14:46.0600 0x1264  srv2 - ok
23:14:46.0616 0x1264  srvnet - ok
23:14:46.0616 0x1264  SSDPSRV - ok
23:14:46.0694 0x1264  ssh-agent - ok
23:14:46.0710 0x1264  SstpSvc - ok
23:14:46.0725 0x1264  StateRepository - ok
23:14:46.0741 0x1264  stexstor - ok
23:14:46.0756 0x1264  stisvc - ok
23:14:46.0756 0x1264  storahci - ok
23:14:46.0788 0x1264  storflt - ok
23:14:46.0819 0x1264  stornvme - ok
23:14:46.0819 0x1264  storqosflt - ok
23:14:46.0819 0x1264  StorSvc - ok
23:14:46.0835 0x1264  storufs - ok
23:14:46.0835 0x1264  storvsc - ok
23:14:46.0835 0x1264  svsvc - ok
23:14:46.0881 0x1264  swenum - ok
23:14:46.0913 0x1264  swprv - ok
23:14:46.0944 0x1264  Synth3dVsc - ok
23:14:46.0960 0x1264  SysMain - ok
23:14:46.0991 0x1264  SystemEventsBroker - ok
23:14:47.0006 0x1264  TabletInputService - ok
23:14:47.0006 0x1264  TapiSrv - ok
23:14:47.0022 0x1264  Tcpip - ok
23:14:47.0022 0x1264  Tcpip6 - ok
23:14:47.0053 0x1264  [ 57BE670CF1D93717B628271B404D658A, EDD4C58EDAB985C87D6101D9CA5620146EE2BB8A1B899C635DD4CD36541DD46E ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:14:47.0053 0x1264  tcpipreg - ok
23:14:47.0053 0x1264  tdx - ok
23:14:47.0428 0x1264  [ B018B8F4B5127972A99E9E317D8E79EB, F8D2C6D88870C1967C3BF5B90CC66C055273F7A91469292CE25EBCA0AD2942BA ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
23:14:47.0600 0x1264  TeamViewer - ok
23:14:47.0616 0x1264  Telemetry - ok
23:14:47.0647 0x1264  [ C225B94F2B27AC97C3E66C0550AEA249, 6F88375DD12A648B77BB6EB4BE527FF6678EE76A2059DB5B4CC971CDB31D0DB8 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:14:47.0647 0x1264  terminpt - ok
23:14:47.0663 0x1264  TermService - ok
23:14:47.0694 0x1264  [ 8EC4197962A0349DFFBDC11586099DB8, 8DD5348A4983C376F63E6B209227D4D02300555F8C80A0E0DB2EA16074ABC334 ] Themes          C:\WINDOWS\system32\themeservice.dll
23:14:47.0694 0x1264  Themes - ok
23:14:47.0725 0x1264  TieringEngineService - ok
23:14:47.0756 0x1264  TimeBrokerSvc - ok
23:14:47.0756 0x1264  TokenBroker - ok
23:14:47.0787 0x1264  TPM - ok
23:14:47.0819 0x1264  [ 62636F77E0C51D59F043D9197C897AD4, F121E79E0A15ED6E362D7DEF72F9C1D2D5CC50BBEC3541DFAB91691BC3AFB191 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:14:47.0834 0x1264  TrkWks - ok
23:14:47.0866 0x1264  TroubleshootingSvc - ok
23:14:47.0944 0x1264  TrustedInstaller - ok
23:14:47.0959 0x1264  [ F613A8618CC19DD96D1E0C81C5DCB7D1, AD6DE675AC033BE6BF75FF6303EAED4B5C672689D3AEC6DB94816D60E19B7030 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
23:14:47.0975 0x1264  TsUsbFlt - ok
23:14:48.0006 0x1264  [ BF1D6924E7949102DA6F14F7EFE8D2D5, EA6AE80568B8FEB5EAE213EC8222AD72FFD99D80321D7F2A52C1B42A88F583AD ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:14:48.0006 0x1264  TsUsbGD - ok
23:14:48.0022 0x1264  [ 6244FD1056BF170E38245B4B9042BFDF, C32908B3C5800CD52EF9BDD26C77B8162831CFD19DBF1D399941B17FB909AD94 ] tunnel          C:\WINDOWS\system32\drivers\tunnel.sys
23:14:48.0022 0x1264  tunnel - ok
23:14:48.0037 0x1264  tzautoupdate - ok
23:14:48.0053 0x1264  UASPStor - ok
23:14:48.0069 0x1264  UcmCx0101 - ok
23:14:48.0100 0x1264  [ 229B33B8499F4F2AAB1F3B590423611F, E70A2D9EEEF0C6894A0DB7990CFF6ECE3B8F389FD30B7B1949FCBDD3300B6148 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
23:14:48.0100 0x1264  UcmTcpciCx0101 - ok
23:14:48.0147 0x1264  [ 7FDC3A6FD8547468CE554C8821640103, 3626760AEE42EE36E047DA6899A81E0646DFBA344A234270EAE5D635F049BE37 ] UcmUcsiAcpiClient C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys
23:14:48.0147 0x1264  UcmUcsiAcpiClient - ok
23:14:48.0147 0x1264  UcmUcsiCx0101 - ok
23:14:48.0162 0x1264  Ucx01000 - ok
23:14:48.0162 0x1264  UdeCx - ok
23:14:48.0162 0x1264  udfs - ok
23:14:48.0194 0x1264  UdkUserSvc - ok
23:14:48.0225 0x1264  UEFI - ok
23:14:48.0241 0x1264  Ufx01000 - ok
23:14:48.0256 0x1264  UfxChipidea - ok
23:14:48.0272 0x1264  ufxsynopsys - ok
23:14:48.0350 0x1264  [ 931255341ADB0480D8C8CB1A2ED82FDA, C7664DF416694E3545F2B4BCB82A36614DA1B18618FD3EF70474BC0E785B5CD3 ] uhssvc          C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
23:14:48.0350 0x1264  uhssvc - ok
23:14:48.0350 0x1264  umbus - ok
23:14:48.0365 0x1264  UmPass - ok
23:14:48.0381 0x1264  UmRdpService - ok
23:14:48.0397 0x1264  UnistoreSvc - ok
23:14:48.0412 0x1264  upnphost - ok
23:14:48.0428 0x1264  [ 5C33B91675BE0C9693358C1AAA723D20, A5BB54ABBB0F7B13ACCA0997F567A81395688C6D68EB87F67F688737DC16918F ] UrsChipidea     C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
23:14:48.0428 0x1264  UrsChipidea - ok
23:14:48.0459 0x1264  [ ADFAB87405AE22290E24D0E8E6141AF1, BC0982BEFE4CABEA1E260C8A3266EA18A4CA158A07D1C5176890A04CC3B6A84A ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
23:14:48.0459 0x1264  UrsCx01000 - ok
23:14:48.0506 0x1264  [ BBDE7BF496327115DD744E7D4105C7BC, 5A8CC47603A1C9D58A30A5E897F1BCDC56199B08317B9FF319D469D6DD6CAAF0 ] UrsSynopsys     C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys
23:14:48.0506 0x1264  UrsSynopsys - ok
23:14:48.0522 0x1264  usbaudio - ok
23:14:48.0569 0x1264  [ FB9F25ACEBCBAEABFE30CACCB17D4EE6, 7D38FA294DA179E5535E3E481746F07E2AE47CE57192C2D1C5B780B583FD9C6D ] usbaudio2       C:\WINDOWS\System32\drivers\usbaudio2.sys
23:14:48.0569 0x1264  usbaudio2 - ok
23:14:48.0584 0x1264  usbccgp - ok
23:14:48.0615 0x1264  [ 11561FC5BAA2DEB5AC8B179B591A882E, 2AD595BF4ABC146D8F533981848FF8271E983038566937BEB48A6A8F09BC60FB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:14:48.0615 0x1264  usbcir - ok
23:14:48.0647 0x1264  usbehci - ok
23:14:48.0647 0x1264  usbhub - ok
23:14:48.0678 0x1264  USBHUB3 - ok
23:14:48.0678 0x1264  usbohci - ok
23:14:48.0678 0x1264  usbprint - ok
23:14:48.0694 0x1264  usbrndis6 - ok
23:14:48.0709 0x1264  usbser - ok
23:14:48.0709 0x1264  USBSTOR - ok
23:14:48.0709 0x1264  usbuhci - ok
23:14:48.0740 0x1264  usbvideo - ok
23:14:48.0740 0x1264  USBXHCI - ok
23:14:48.0772 0x1264  UserDataSvc - ok
23:14:48.0787 0x1264  UserManager - ok
23:14:48.0803 0x1264  UsoSvc - ok
23:14:48.0850 0x1264  VacSvc - ok
23:14:48.0850 0x1264  VaultSvc - ok
23:14:48.0865 0x1264  vdrvroot - ok
23:14:48.0865 0x1264  vds - ok
23:14:48.0881 0x1264  VerifierExt - ok
23:14:48.0881 0x1264  vhdmp - ok
23:14:48.0881 0x1264  vhf - ok
23:14:48.0897 0x1264  Vid - ok
23:14:48.0928 0x1264  [ B37F0BF662BB504F0A9C247F24C281AD, 6281D573D9AD9AA204778C3823737726E882B17657B23CF5458C012FF7990E52 ] VirtualRender   C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys
23:14:48.0928 0x1264  VirtualRender - ok
23:14:48.0959 0x1264  vmbus - ok
23:14:48.0959 0x1264  VMBusHID - ok
23:14:48.0990 0x1264  [ E5BB075B6B5A1DA3C3F48CA5DFF54E77, E13E8F9523F51F976084561C9D0A843CAF550FA233521FF13FFE1C5634CA6472 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
23:14:48.0990 0x1264  vmgid - ok
23:14:49.0006 0x1264  vmicguestinterface - ok
23:14:49.0022 0x1264  vmicheartbeat - ok
23:14:49.0022 0x1264  vmickvpexchange - ok
23:14:49.0037 0x1264  vmicrdv - ok
23:14:49.0037 0x1264  vmicshutdown - ok
23:14:49.0037 0x1264  vmictimesync - ok
23:14:49.0037 0x1264  vmicvmsession - ok
23:14:49.0037 0x1264  vmicvss - ok
23:14:49.0068 0x1264  [ 347E25BBF78B2E9CC4F4205941591009, 34A92B9B03D43F0245AC3C91F35ABB9BEBFA6EC494ADC26643DFDB72A01C7C64 ] vmulti          C:\WINDOWS\System32\drivers\vmulti.sys
23:14:49.0068 0x1264  vmulti - ok
23:14:49.0100 0x1264  volmgr - ok
23:14:49.0100 0x1264  volmgrx - ok
23:14:49.0115 0x1264  volsnap - ok
23:14:49.0131 0x1264  volume - ok
23:14:49.0162 0x1264  [ A37A7788DABE4FF6E33FE50D7A33D8E8, 9E99D9D27BA3DFA6F89C77B9AD91BE495F15E4F612BB63B209157DFA13BCD7E0 ] vpci            C:\WINDOWS\system32\drivers\vpci.sys
23:14:49.0162 0x1264  vpci - ok
23:14:49.0162 0x1264  vsmraid - ok
23:14:49.0162 0x1264  VSS - ok
23:14:49.0178 0x1264  VSTXRAID - ok
23:14:49.0178 0x1264  vwifibus - ok
23:14:49.0178 0x1264  vwififlt - ok
23:14:49.0178 0x1264  vwifimp - ok
23:14:49.0209 0x1264  W32Time - ok
23:14:49.0256 0x1264  WaaSMedicSvc - ok
23:14:49.0256 0x1264  WacomPen - ok
23:14:49.0287 0x1264  WalletService - ok
23:14:49.0303 0x1264  wanarp - ok
23:14:49.0303 0x1264  wanarpv6 - ok
23:14:49.0334 0x1264  [ 8449398F11D49864117105679B539816, 8FD3B9C72066D6A983D062DE72EEF9769339EACBF4E0D303B9E12343C9D5DE6C ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
23:14:49.0350 0x1264  WarpJITSvc - ok
23:14:49.0365 0x1264  wbengine - ok
23:14:49.0381 0x1264  WbioSrvc - ok
23:14:49.0381 0x1264  wcifs - ok
23:14:49.0396 0x1264  Wcmsvc - ok
23:14:49.0412 0x1264  wcncsvc - ok
23:14:49.0428 0x1264  wcnfs - ok
23:14:49.0443 0x1264  WdBoot - ok
23:14:49.0475 0x1264  [ CD1C4678B0F07D23612D5839398552C8, 8C7128CC40EEB931C3BD2C97A37890525E315657A871901EC637D67C00D19C36 ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
23:14:49.0475 0x1264  WDC_SAM - ok
23:14:49.0490 0x1264  Wdf01000 - ok
23:14:49.0490 0x1264  WdFilter - ok
23:14:49.0521 0x1264  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
23:14:49.0521 0x1264  WdiServiceHost - ok
23:14:49.0537 0x1264  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
23:14:49.0537 0x1264  WdiSystemHost - ok
23:14:49.0553 0x1264  wdiwifi - ok
23:14:49.0584 0x1264  [ A6C92A5F2982EBB8788E0690C19048C4, 85C54A99DD43DC1FAC7FD2A31288CEC7501F795DE8FA86857790F4CCD5AF7C18 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
23:14:49.0584 0x1264  WdmCompanionFilter - ok
23:14:49.0600 0x1264  WdNisDrv - ok
23:14:49.0709 0x1264  WdNisSvc - ok
23:14:49.0756 0x1264  [ 4A81FA6E29A3909FC620EC8B7AE0C8FF, 89F67C978A7F58FF1E51CE6DE17FE8FAF64A52A2E96BD188E911517AF1949275 ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:14:49.0756 0x1264  WebClient - ok
23:14:49.0787 0x1264  Wecsvc - ok
23:14:49.0818 0x1264  [ CBA85827716DE89106F8E4AD7430620C, EF2FEAD68FE003DAC52BC2098962F397DF80B7DCD79A8F45012A050C7C0E2DB1 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
23:14:49.0818 0x1264  WEPHOSTSVC - ok
23:14:49.0850 0x1264  wercplsupport - ok
23:14:49.0865 0x1264  WerSvc - ok
23:14:49.0912 0x1264  [ 39B758E2093B9FB42A086BF4BB1B8BEC, 473C61E7F4D734AE9C4BD2E111C6DCE595E9EF167C001CEDC35E53213F2987F6 ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
23:14:49.0912 0x1264  WFDSConMgrSvc - ok
23:14:49.0943 0x1264  WFPLWFS - ok
23:14:49.0943 0x1264  WiaRpc - ok
23:14:49.0959 0x1264  WIMMount - ok
23:14:49.0959 0x1264  WinDefend - ok
23:14:50.0006 0x1264  [ B434A84F46C70F4E67B70ED70F024B7F, 64EEB8093BA2590E83D83C5AF7C2A025B88AF5681143BCA83671104266FEEA99 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
23:14:50.0006 0x1264  WindowsTrustedRT - ok
23:14:50.0053 0x1264  [ 982774B74EE1419D641CEB66E394A4BA, 090C4CE6B76B3904B5AE73E4F1EEBCE619194C358874D7584537012F954C54BE ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
23:14:50.0053 0x1264  WindowsTrustedRTProxy - ok
23:14:50.0068 0x1264  WinHttpAutoProxySvc - ok
23:14:50.0099 0x1264  WinMad - ok
23:14:50.0146 0x1264  Winmgmt - ok
23:14:50.0162 0x1264  WinNat - ok
23:14:50.0240 0x1264  WinRM - ok
23:14:50.0287 0x1264  [ 91D3DC62C6EDDB6554CE14C0E0B4290F, 6F8F89B350FC6BC0D23A50C593F02514854AB7D6CD234D8C8AD4B5DDDD586BA0 ] WINUSB          C:\WINDOWS\System32\drivers\WinUsb.sys
23:14:50.0287 0x1264  WINUSB - ok
23:14:50.0287 0x1264  WinVerbs - ok
23:14:50.0318 0x1264  wisvc - ok
23:14:50.0334 0x1264  WlanSvc - ok
23:14:50.0349 0x1264  wlidsvc - ok
23:14:50.0365 0x1264  wlpasvc - ok
23:14:50.0396 0x1264  WManSvc - ok
23:14:50.0427 0x1264  WmiAcpi - ok
23:14:50.0443 0x1264  wmiApSrv - ok
23:14:50.0506 0x1264  WMPNetworkSvc - ok
23:14:50.0537 0x1264  Wof - ok
23:14:50.0537 0x1264  workfolderssvc - ok
23:14:50.0537 0x1264  WpcMonSvc - ok
23:14:50.0584 0x1264  [ 02876C4F9F4EEC8AC30BBCFFE3447AB6, 0744CBBD9F2B867DF456E2B0E113897B654F07E1C96FCB32D4B4B57BE6A3BE81 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
23:14:50.0584 0x1264  WPDBusEnum - ok
23:14:50.0615 0x1264  [ 024924C9E79F51560B9133EEAB866BBF, F4D464BC02C7B96EF72AA9229A99A1AD32F56390F97972C33525EF0D85304261 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:14:50.0631 0x1264  WpdUpFltr - ok
23:14:50.0662 0x1264  WpnService - ok
23:14:50.0662 0x1264  WpnUserService - ok
23:14:50.0662 0x1264  ws2ifsl - ok
23:14:50.0662 0x1264  wscsvc - ok
23:14:50.0677 0x1264  WSearch - ok
23:14:50.0693 0x1264  wuauserv - ok
23:14:50.0724 0x1264  [ 7FC0072ECE3F5F860990EF4E10D3F8F4, 15444A3E540EAD214A674FF0EB99CD42899D6A1139E59D69DE1C2B6BA364A9E0 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
23:14:50.0724 0x1264  WudfPf - ok
23:14:50.0756 0x1264  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
23:14:50.0771 0x1264  WUDFRd - ok
23:14:50.0771 0x1264  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
23:14:50.0771 0x1264  WUDFWpdFs - ok
23:14:50.0787 0x1264  [ 24B093F34B25076A2A6605DDAC8A629B, 64BEEA0C054C91AD2CEB9F6B9238A8ED3696FC20B8CC4753D88B8BC482D766C0 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
23:14:50.0787 0x1264  WUDFWpdMtp - ok
23:14:50.0834 0x1264  WwanSvc - ok
23:14:50.0865 0x1264  XblAuthManager - ok
23:14:50.0865 0x1264  XblGameSave - ok
23:14:50.0881 0x1264  xboxgip - ok
23:14:50.0912 0x1264  XboxGipSvc - ok
23:14:50.0927 0x1264  XboxNetApiSvc - ok
23:14:50.0943 0x1264  xinputhid - ok
23:14:50.0943 0x1264  ================ Scan global ===============================
23:14:51.0005 0x1264  [ Global ] - ok
23:14:51.0005 0x1264  ================ Scan MBR ==================================
23:14:51.0021 0x1264  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:14:51.0193 0x1264  \Device\Harddisk0\DR0 - ok
23:14:51.0193 0x1264  ================ Scan VBR ==================================
23:14:51.0193 0x1264  [ 564E0A443FFE0114D3FEB4A2D3B15404 ] \Device\Harddisk0\DR0\Partition1
23:14:51.0193 0x1264  \Device\Harddisk0\DR0\Partition1 - ok
23:14:51.0209 0x1264  [ 819780E891EBB81B31C0722F62A816E4 ] \Device\Harddisk0\DR0\Partition2
23:14:51.0209 0x1264  \Device\Harddisk0\DR0\Partition2 - ok
23:14:51.0209 0x1264  [ 041DDAA1C81074AA43A6CC9683D7CE2D ] \Device\Harddisk0\DR0\Partition3
23:14:51.0209 0x1264  \Device\Harddisk0\DR0\Partition3 - ok
23:14:51.0209 0x1264  ================ Scan generic autorun ======================
23:14:51.0240 0x1264  [ 783C99AFD4C2AE6950FA5694389D2CFA, 570B37A7A3FFDAFCCECCC33CBC1968FEB857B73CA3CB4DFFEDC2E67E9ABD0878 ] C:\WINDOWS\system32\SecurityHealthSystray.exe
23:14:51.0255 0x1264  SecurityHealth - ok
23:14:51.0334 0x1264  [ 99BF09D43D2963F8EC0F830C4B6A6286, 0B7E0F7864C42E38AED4CA99AAD236A4B49CA7EF85BF089988A2A40F000C8680 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
23:14:51.0349 0x1264  NvBackend - ok
23:14:51.0396 0x1264  [ 70829D518C20A533767FC053012C7F6A, 09628C5576D8B1261EBDCF1B789A81E78918EF576351BF5E37895DEE4DBE107D ] C:\Program Files (x86)\HDD Regenerator\Shell.exe
23:14:51.0396 0x1264  HDD Regenerator - ok
23:14:51.0490 0x1264  [ 9181843825815CC78BAE19ABA5307BA7, 82A60908A4B85382BB80603EBE68F4ACAD40E5B23E4EB5061C12D77C8FD1EC60 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:14:51.0505 0x1264  SunJavaUpdateSched - ok
23:14:51.0724 0x1264  [ 1DBDDAB73801FBD561E7E58D30E9795B, 414835F0761DB3DCF674F35FDA88A4E9872E41A7302966175218EE648FD447C3 ] C:\Users\pepe\AppData\Roaming\GaomonTablet\GaomonTablet.exe
23:14:51.0755 0x1264  GaomonTablet - ok
23:14:51.0818 0x1264  OneDriveSetup - ok
23:14:51.0818 0x1264  OneDriveSetup - ok
23:14:52.0036 0x1264  [ 7701EF12D1D70F3444DE922F76B3D577, 0690611C58C3341698E2BCDAC0F23A141F8B1CCD27A9AD775280C9DCAF9DAE73 ] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
23:14:52.0115 0x1264  Adobe Reader Synchronizer - ok
23:14:52.0193 0x1264  CCleaner Smart Cleaning - ok
23:14:52.0193 0x1264  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x61100 ( enabled : updated )
23:14:52.0193 0x1264  Win FW state via NFP2: enabled ( trusted )
23:14:52.0193 0x1264  ============================================================
23:14:52.0193 0x1264  Scan finished
23:14:52.0193 0x1264  ============================================================
23:14:52.0208 0x0778  Detected object count: 0
23:14:52.0208 0x0778  Actual detected object count: 0
27 
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 19/7/21
Hora del análisis: 23:43
Archivo de registro: 4ed1647a-e8da-11eb-b550-9c5c8e167a8c.json

-Información del software-
Versión: 4.4.3.125
Versión de los componentes: 1.0.1387
Versión del paquete de actualización: 1.0.43277
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 19043.1110)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-SA6LKLM\pepe

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 1261725
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 9 hr, 8 min, 27 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Gracias por todo

28

Parece que ha encontrado algo:

Infected: C:\Program Files (x86)\Notepad++\uninstall.exe --> [Trojan.FakeNPP]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Notepad++ --> [Trojan.FakeNPP]
29

Hola @pepeantivirus

Eso fue detectado por MBAM Anti-Rootkit? Mandalo a la cuarentena, y reinicia el equipo, y lo pruebas durante un tiempo y fijate si no se bloquea mas.

Saludos.

1 me gusta
30

Hola, buenas @pepeantivirus

¿Pudiste realizar algún avance?

Siguen ustedes.

Salu2.

31

Hola de nuevo. Después de varias jornadas funcionando bien, se volvió a colgar. Fue al enchufar el teléfono móvil y compartir la conexión a internet del móvil por USB. Ahora comparto la internet del móvil por wifi y de momento parece que va bien. Pero el otro día después de conectarlo por USB también se colgó con el wifi. Estos días no estoy usando demasiado el ordendor, por eso tardo en contestar. Gracias por vuestra atención!

1 me gusta
32

Hola, buenas @pepeantivirus

Ok. Entendido.

@Facundo, por favor sigue tú con el tema. Ya que eso era lo acordado. Y simplemente entré en el tema para dar un re-enfoque.

Siguen ustedes @Facundo y @pepeantivirus.

Salu2.

33

Hola y gracias de nuevo. El ordenador sigue teniendo problemas. Ayer se colgó. Salió una pantalla en negro y parecía completamente bloqueado. Lo deje. al cabo de unas horas se había recuperado y funcionaba bien. A veces se ‘para’ unos segundos, quince o veinte luego se recupera y al rato vuelve a colgarse más tiempo. Al final se bloque del todo y al después vuelve a recuperarse el solo. Malditos roedores…

34

De nada @pepeantivirus :+1:

¿Compañero @Facundo puedes seguir con el tema?

Gracias y Salu2.

35

Hola a todos.

Sepan disculpar, pero no voy a poder seguir con el tema, por problemas personales.

Saludos.

36

Hola, buenas a ambos.

Ok. Esperemos que no sea nada grave compañero @Facundo y que lo puedas solucionarlo pronto. Y que vuelvas a poder Colaborar por aquí.

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, USB, etc).

0) Descarga Eset Online Scaner Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y realizas un Análisis Personalizado tal y como se indica en su manual. Me traes su reporte. (Ya sé que lo utilizaste en el pasado, pero al final no se pudo realizar correctamente dicho análisis, así que debemos de intentar repetirlo ahora que ya hemos eliminado algunas infecciones más).

1) Realizas un análisis con Dr Web CureIt siguiendo las instrucciones de su manual perfectamente explicadas. Eso sí, descarga Dr web Cure It de: https://www.infospyware.com/Software/click.php?id=41

:two: PRÓXIMA RESPUESTA

Pegas los reportes de Eset Online Scaner y Dr Web CureIt y comentas como va el PC.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado.
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA (programas/software/complementos/extensiones del navegador…).
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report
report703×272 3.73 KB

Salu2.

37

Hola de nuevo. Disculpas por mi ausencia. Dejo aqui los reports solicitados. Mil gracias

Report de Eset

20/09/2021 19:15:02
Archivos analizados: 440191
Archivos detectados: 1
Archivos desinfectados: 1
Tiempo total de análisis 02:45:29
Estado del análisis: Finalizado


C:\Users\pepe\Desktop\8iwd4t2\Photoshopes\Adobe Dreamweaver CS3 Español Portable.rar	BAT/HackTool.Crack.D aplicación potencialmente no segura	eliminado
F:\pepe\guitarra\videos-maestros\vroot-download.zip	varias detecciones,una variante de Android/Spy.Agent.BN Troyano,una variante de Android/DroidRooter.AG aplicación potencialmente no segura	eliminado

report de Dr Web CureIt

Total 381404422722 bytes in 1195723 files scanned (1779239 objects)
Total 1195560 files (1778911 objects) are clean
Total 166 files are infected
Total 0 files (1 object) is suspicious
Total 167 files are neutralized
Total 159 files are raised error condition
Scan time is 10:32:59.035
38

Hola, buenas @pepeantivirus.

Disculpado estas.

Disculpa que haya tardado en responder.

¿Cómo funciona hoy en día tu máquina?

Salu2.

39

Hola de nuevo. Ahora parece que está funcionando bien. Aunque no utilizo demasiado ultimamente. Mil gracias por todo

40

:+1: perfecto @pepeantivirus.

:one: Desinfectar el Ordenador de Malwares >> :white_check_mark:

:two: Comprobar/Estabilizar el sistema después de Eliminar Malwares >> No lo creo necesario en tu caso.

:three: Desfragmentar la unidad C: que es donde reside el sistema operativo, pues está un poco fragmentada y a lo largo del tiempo puede disminuir el rendimiento de esta. >> No lo creo necesario en tu caso.

:four: Fortificar un poco el sistema para prevenir futuras infecciones + una serie de buenas praxis en cuanto a un buen nivel de seguridad de vida digital >> :x:

Para tener el equipo fortificado razonablemente y prevenir futuras infecciones a nivel de usuario común, así como una serie de buenas praxis en cuanto a un buen nivel (aceptable) de seguridad de vida digital yo te recomendaría/te diría que hicieses lo siguiente:

  1. Mantén siempre que se pueda tu sistema operativo actualizado.

  2. Asegúrate de tener actualizados todos los programas/software que tengas en tu PC/dispositivos.

  3. Tener activado siempre el firewall de tu sistema operativo.

  4. Tener un antivirus/antimalware comercial de reputación y prestigio contrastados o bien uno gratuito.

  5. Utiliza contraseñas robustas, que tengan palabras poco conocidas. De una longitud de como mínimo 10 o más dígitos y que tengan (mayúsculas, minúsculas, números y símbolos especiales siempre que sea posible). Modifícalas, cámbialas cada ‘X’ tiempo, utiliza siempre que sea posible factor de doble autentificación y no utilices la misma, password para diferentes servicios.

  6. Siempre que conectes dispositivos externos en tu PC asegúrate que estén libres de malware. Para ello puedes realizar un análisis como el que te indiqué con Malwarebytes Anti-Malware, pero solo con dicho dispositivo que vayas a conectar o bien con un antivirus comercial de reputación y prestigio contrastados o bien uno gratuito, en última instancia.

  7. Vigilar mucho cuando instalas programas gratuitos descargados de fuentes no oficiales y aveces si son de fuentes oficiales también debes de vigilar. Pues se aprovechan de que el usuario instala dando todo el rato en Siguiente y deja marcadas/desmarcadas casillas las que harán que el instalador del programa instale malware de tipo Adware entre otros para lucrarse económicamente del quipo infectado.

  8. Cuando te conectes en redes wifi o similares públicas (hoteles, restaurantes, aeropuertos, etc). No utilices/te conectes a servicios/cuentas personales y si lo haces pues contratas una VPN de pago (nunca gratuita, ya que te llevaras sorpresas desagradables).

  9. Nunca jamás de los jamases descargues software o sistemas operativos de tipo comercial/de pago pirateado/crackeado para ahorrar dinero. Pues la gran mayoría de este software de pago crackeado y de forma gratuita trae como regalo fabulosos y maravillosos malwares.

  10. Desconfía siempre de cualquier comunicación no esperada, incluso si proceden de remitentes conocidos. Como por ejemplo: he recibido un correo de fulanito de tal que lo conozco, pero no lo esperaba y el email tiene un formato extraño, faltas de ortografía, dice algo muy genérico pero nada concreto, dice alguna cosas sin sentido o que no cuadra, adjunta ficheros sobretodo .rar o .zip. En estos casos contrasta siempre la información con la persona que te lo envía (el correo, comunicación). Pues los ciberdelincuentes siempre utilizarán todas las tácticas que puedan de ingeniería social para comprometer tu seguridad.

Respecto a los puntos citados anteriormente, simplemente quiero realizar un pequeño inciso en:

  1. Yo en tu caso al tener Windows 10 te recomendaría que la protección en tu máquina fuese Malwarebytes Premium + Windows Defender. MalwareBytes-AntiMalware en su versión de pago Premium. Pues la protección residente de malwarebytes con sus 4 módulos de protección es muy eficaz, estos son:

  • Web

  • Malware en general

  • Ransomware

  • Exploits >> te protegerá frente vulnerabilidades que hayan sido descubiertas, pero que no haya un parche disponible a instalar o que este sí que esté disponible pero en otros sistemas operativos/aplicaciones más actualizadas. También te protegerá frente a zero-day exploits o vulnerabilidades no conocidas/reportadas.

Ya me comentas como quieres seguir/proceder. De todas formas con Windows Defender + Firewall nativo de Windows 10 ya es una “protección de base mínima”, todo y que considero que es bastante vulnerable (en este caso deberías de vigilar un poco más “ir con pies de plomo”, pues no es suficiente y te podrías infectar con cierta más facilidad). Evidentemente, si a esto le sumas Malwarebytes pues mejor que mejor.

¿Actualmente que Antivirus Residente tenías en tu máquina? ¿Windows Defender si no recuerdo mal? Si quieres otras opciones aparte de Malwarebytes… me lo dices. Pero este, es de los mejores.

Ya me comentas como quieres proceder.

Salu2.

41

Gracias Marr0n Me quedaré con windows defender y malwarebites Un saludo

1 me gusta