Jump to content
benrobertsonn

Potential Crypto Miner that I am unable to locate/remove

Recommended Posts

Hey,

I have run a performance diagnostic report on my PC after noticing issues with performance. Receiving the following warning.

image.png.0664d79d9efc7a7fd0bd9e7c5486f766.png

This seems to be widely linked to trojans/cryptominers. I have followed all the instructions on this page https://www.bleepingcomputer.com/virus-removal/remove-taskhostw.exe-and-windows-update-checker-miner#rt_options but no luck. No anti malware software seems to be picking this up. not showing in task manager or on process explorer.

Could you please help to get this removed from my system.

Scan logs attached. 

Thank you!

Ben

Malwarebytes logs.txt

Share this post


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Share this post


Link to post
Share on other sites

Hi Nasdaq,

 

Problem is still persisting - High CPU load under taskhostw.exe which doesn't appear in task manager so I have no clue what this process is and whether its a trojan/miner 

 

File attached

Fixlog.txt

Share this post


Link to post
Share on other sites


Hi,

--RogueKiller--

  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED  
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.


=======

Read carefully and follow these steps.
TDSS

  • Download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

  • If an infected file is detected, the default action will be Cure, click on Continue.

  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.

  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


===

Share this post


Link to post
Share on other sites

Hi,

Rogue Report:

RogueKiller Anti-Malware V13.1.6.0 (x64) [Feb 25 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17134) 64 bits
Started in : Normal mode
User : Ben Robertson [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20190204_072850, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2019/03/03 23:13:05 (Duration : 00:03:46)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Chrome Config
  [PUM.HomePage (Potentially Malicious)] homepage (C:\Users\Ben Robertson\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- https://www.google.com/ -> Found
  [PUM.HomePage (Potentially Malicious)] session.startup_urls (C:\Users\Ben Robertson\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- https://www.google.com/|https://www.google.com/ -> Found
 

TDSS Killer Report:

23:20:13.0338 10044  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:20:13.0338 10044  UEFI system
23:20:13.0741 10044  ============================================================
23:20:13.0741 10044  Current date / time: 2019/03/03 23:20:13.0741
23:20:13.0741 10044  SystemInfo:
23:20:13.0741 10044  
23:20:13.0741 10044  OS Version: 6.2.9200 ServicePack: 0.0
23:20:13.0741 10044  Product type: Workstation
23:20:13.0741 10044  ComputerName: DESKTOP-Q9EI05U
23:20:13.0741 10044  UserName: Ben Robertson
23:20:13.0741 10044  Windows directory: C:\WINDOWS
23:20:13.0741 10044  System windows directory: C:\WINDOWS
23:20:13.0741 10044  Running under WOW64
23:20:13.0741 10044  Processor architecture: Intel x64
23:20:13.0741 10044  Number of processors: 12
23:20:13.0741 10044  Page size: 0x1000
23:20:13.0741 10044  Boot type: Normal boot
23:20:13.0741 10044  ============================================================
23:20:13.0954 10044  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:20:13.0955 10044  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:20:13.0955 10044  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:20:13.0984 10044  ============================================================
23:20:13.0984 10044  \Device\Harddisk0\DR0:
23:20:13.0984 10044  GPT partitions:
23:20:13.0985 10044  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {94BA31CF-E095-468D-A66B-BD48C6FD6ED0}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
23:20:13.0985 10044  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {80DAC2C0-6378-43E2-8F87-7A1C00E06C6E}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x31800
23:20:13.0985 10044  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5E7547B1-DC61-4621-9693-0F7B1ED505D9}, Name: Microsoft reserved partition, StartLBA 0x12B800, BlocksNum 0x8000
23:20:13.0985 10044  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AA2A7760-794E-43D0-920E-390D3716F491}, Name: Basic data partition, StartLBA 0x133800, BlocksNum 0x1D092000
23:20:13.0985 10044  MBR partitions:
23:20:13.0985 10044  \Device\Harddisk1\DR1:
23:20:13.0985 10044  MBR partitions:
23:20:13.0985 10044  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
23:20:13.0985 10044  \Device\Harddisk2\DR2:
23:20:14.0148 10044  MBR partitions:
23:20:14.0148 10044  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:20:14.0148 10044  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
23:20:14.0148 10044  ============================================================
23:20:14.0149 10044 😄 <-> \Device\Harddisk0\DR0\Partition4
23:20:14.0150 10044  F: <-> \Device\Harddisk2\DR2\Partition1
23:20:14.0151 10044  G: <-> \Device\Harddisk2\DR2\Partition2
23:20:14.0152 10044  H: <-> \Device\Harddisk1\DR1\Partition1
23:20:14.0152 10044  ============================================================
23:20:14.0152 10044  Initialize success
23:20:14.0152 10044  ============================================================
23:20:16.0957 5672  ============================================================
23:20:16.0957 5672  Scan started
23:20:16.0957 5672  Mode: Manual; 
23:20:16.0957 5672  ============================================================
23:20:17.0690 5672  ================ Scan system memory ========================
23:20:17.0690 5672  System memory - ok
23:20:17.0691 5672  ================ Scan services =============================
23:20:17.0714 5672  [ 4B45A2D37CCE3CC0F161B7C7286081A6 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
23:20:17.0716 5672  1394ohci - ok
23:20:17.0720 5672  [ F5E5BA493B7C497F1F769942E2EA4CE2 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
23:20:17.0721 5672  3ware - ok
23:20:17.0728 5672  [ CA51BB1B81F97E896E116C839B92D9D8 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
23:20:17.0731 5672  ACPI - ok
23:20:17.0734 5672  [ 75795E4B19BB3ED8D3C25A17CD15DC30 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
23:20:17.0735 5672  AcpiDev - ok
23:20:17.0738 5672  [ DDA0FC1400A24988A7D3E746AEDF2C0F ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
23:20:17.0739 5672  acpiex - ok
23:20:17.0742 5672  [ 1F2EC25DA23D1DF3ADA12FE5A26D321C ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
23:20:17.0742 5672  acpipagr - ok
23:20:17.0745 5672  [ 6AFFD57803BBB6FBCB483F983900A5C4 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
23:20:17.0746 5672  AcpiPmi - ok
23:20:17.0748 5672  [ 0FC8673FAFC7D78C1CDC000F892CAC64 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
23:20:17.0749 5672  acpitime - ok
23:20:17.0758 5672  [ 6D8D6F254E86C8FA0966690901457118 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
23:20:17.0761 5672  AdobeUpdateService - ok
23:20:17.0774 5672  [ A3D4CF2F3A433BE18CD4AD3E6665DC63 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:20:17.0778 5672  ADP80XX - ok
23:20:17.0787 5672  [ 4DCCC3E02A22ED4A4ADB11386F226071 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
23:20:17.0792 5672  AFD - ok
23:20:17.0795 5672  [ F267095A11A461BEF39FB180750BE801 ] afunix          C:\WINDOWS\system32\drivers\afunix.sys
23:20:17.0796 5672  afunix - ok
23:20:17.0819 5672  [ BCA0CD09E1CB3D3DB85BFC47A696384B ] AGMService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
23:20:17.0829 5672  AGMService - ok
23:20:17.0850 5672  [ 0EA519A5A74040D889C5AE0E1D1547E5 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
23:20:17.0859 5672  AGSService - ok
23:20:17.0864 5672  [ 0CD0F0C62414217DE9EA7EC8D425277E ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:20:17.0867 5672  ahcache - ok
23:20:17.0869 5672  [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
23:20:17.0870 5672  AJRouter - ok
23:20:17.0873 5672  [ 9E9D78D1C179EB2E3E2282A1DC409D93 ] ALG             C:\WINDOWS\System32\alg.exe
23:20:17.0875 5672  ALG - ok
23:20:17.0877 5672  [ C5ED10B90AF0C4306DF603359B6E2E5C ] amdgpio2        C:\WINDOWS\System32\drivers\amdgpio2.sys
23:20:17.0878 5672  amdgpio2 - ok
23:20:17.0881 5672  [ A9EAD745C5BC22077DD01D51BD1F87A8 ] amdgpio3        C:\WINDOWS\System32\drivers\amdgpio3.sys
23:20:17.0881 5672  amdgpio3 - ok
23:20:17.0885 5672  [ 6DF48AD26E6285FB137F11328B64A376 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
23:20:17.0886 5672  AmdK8 - ok
23:20:17.0890 5672  [ 534D8A02188C2F78C90E6E79B1159259 ] amdkmcsp        C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys
23:20:17.0891 5672  amdkmcsp - ok
23:20:17.0894 5672  [ 56056F56968ED916D07A2CDC3D7B62F2 ] AMDPCIDev       C:\WINDOWS\System32\drivers\AMDPCIDev.sys
23:20:17.0894 5672  AMDPCIDev - ok
23:20:17.0898 5672  [ D8804032BCDE4077A6D8D431D12AC6CC ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
23:20:17.0899 5672  AmdPPM - ok
23:20:17.0903 5672  [ D1619CC3FC0F1E05DE633B9A5DF89461 ] amdpsp          C:\WINDOWS\system32\drivers\amdpsp.sys
23:20:17.0904 5672  amdpsp - ok
23:20:17.0907 5672  [ A88F5E24B65228FB25F2051B3408A0E4 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
23:20:17.0908 5672  amdsata - ok
23:20:17.0912 5672  [ AECD39E51DABC2BF045B2857F02FA2BD ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
23:20:17.0914 5672  amdsbs - ok
23:20:17.0917 5672  [ B4CC9943230CAEB05B46CC30C220E141 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
23:20:17.0918 5672  amdxata - ok
23:20:17.0922 5672  [ C3ECF8840E4EAF09A4F2AE0174D6F36A ] AppID           C:\WINDOWS\system32\drivers\appid.sys
23:20:17.0923 5672  AppID - ok
23:20:17.0926 5672  [ F1A04835C7FA75C8215961C1095D5EBF ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
23:20:17.0927 5672  AppIDSvc - ok
23:20:17.0930 5672  [ 48EA4B4CCC920D130529A1EF85388B6A ] Appinfo         C:\WINDOWS\System32\appinfo.dll
23:20:17.0932 5672  Appinfo - ok
23:20:17.0934 5672  [ 4E59668442D1A2479E17F2FB5F819A7B ] AppleKmdfFilter C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys
23:20:17.0935 5672  AppleKmdfFilter - ok
23:20:17.0938 5672  [ 0122ECE34AEEC95212A211C016270937 ] AppleLowerFilter C:\WINDOWS\System32\drivers\AppleLowerFilter.sys
23:20:17.0939 5672  AppleLowerFilter - ok
23:20:17.0941 5672  [ 769316CA5884FBBD02D45C28FE105922 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
23:20:17.0942 5672  applockerfltr - ok
23:20:17.0946 5672  [ 78548DB096DA7BA26BAA318FE9B0CEC1 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
23:20:17.0947 5672  AppMgmt - ok
23:20:17.0955 5672  [ 636575088044E7271088BB8CFA382B45 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
23:20:17.0958 5672  AppReadiness - ok
23:20:17.0966 5672  [ 39C180F07B002F3EE652E259F16547B4 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
23:20:17.0970 5672  AppVClient - ok
23:20:17.0973 5672  [ 5CD58F779237F533D5F30C294DA04C0E ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
23:20:17.0974 5672  AppvStrm - ok
23:20:17.0978 5672  [ A4354E3EF779E4CDC6C9D705FFBD3652 ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
23:20:17.0979 5672  AppvVemgr - ok
23:20:17.0983 5672  [ 467021D15ED33D9B8CD313C7631A89B6 ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
23:20:17.0984 5672  AppvVfs - ok
23:20:18.0006 5672  [ 93836D0C6561A7D88B673F5DC3F26CC3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
23:20:18.0018 5672  AppXSvc - ok
23:20:18.0023 5672  [ 013E057DF3D13A4462AD912D7732E7E0 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
23:20:18.0024 5672  arcsas - ok
23:20:18.0033 5672  [ BBF8F831C7720DD5135D8C4C8325187A ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
23:20:18.0039 5672  asComSvc - ok
23:20:18.0050 5672  [ 798DE15F187C1F013095BBBEB6FB6197 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
23:20:18.0051 5672  AsIO - ok
23:20:18.0057 5672  [ 44EDBC9E6F5823D2F529113C26368A9E ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
23:20:18.0060 5672  AssignedAccessManagerSvc - ok
23:20:18.0072 5672  [ 37F7DD839A711B5706B1264F4D8D4BDC ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
23:20:18.0082 5672  AsSysCtrlService - ok
23:20:18.0085 5672  [ B25ACCD9BE5F5798E9DD8FFB04D7BE4C ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
23:20:18.0086 5672  AsyncMac - ok
23:20:18.0088 5672  [ 90AB4ED8EBD72A1C096A40CC35404B91 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
23:20:18.0089 5672  atapi - ok
23:20:18.0097 5672  [ 40037D813ADD64CF1486B8D278EBDC97 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:20:18.0100 5672  AudioEndpointBuilder - ok
23:20:18.0119 5672  [ E8809785AC2D25D668683CD87E9A3D09 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
23:20:18.0125 5672  Audiosrv - ok
23:20:18.0129 5672  [ D7BFD86F7A9ABE39351199869D093110 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:20:18.0130 5672  AxInstSV - ok
23:20:18.0137 5672  [ F10E4C9444A9FC6DCBAB2C42F6999FA1 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:20:18.0140 5672  b06bdrv - ok
23:20:18.0143 5672  [ 982FAA5686F67BFEF3E6094705C2621F ] bam             C:\WINDOWS\system32\drivers\bam.sys
23:20:18.0144 5672  bam - ok
23:20:18.0147 5672  [ FA4973E379E872C61D0CF4E39F807833 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:20:18.0147 5672  BasicDisplay - ok
23:20:18.0150 5672  [ F024B80EA0076A318598DAB795F9C3D0 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
23:20:18.0151 5672  BasicRender - ok
23:20:18.0163 5672  [ A40D67C74AB41F1CABA492B27AEACBBF ] BcastDVRUserService C:\WINDOWS\System32\BcastDVRUserService.dll
23:20:18.0168 5672  BcastDVRUserService - ok
23:20:18.0171 5672  [ 739D089777D2B66DBE7201E5EA4BA2D7 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:20:18.0172 5672  bcmfn2 - ok
23:20:18.0177 5672  [ E3C52508E764B710C6EC9C7E06E5966A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:20:18.0179 5672  BDESVC - ok
23:20:18.0182 5672  [ 9B068DF7B7B3DDF768D06DFD69B49FD0 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:20:18.0182 5672  Beep - ok
23:20:18.0226 5672  [ 2B241C0DA8A1914B58C40433B224A11E ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
23:20:18.0248 5672  BEService - ok
23:20:18.0258 5672  [ 0B9B6D7A2F31FBD63301D19B1B08238E ] BFE             C:\WINDOWS\System32\bfe.dll
23:20:18.0261 5672  BFE - ok
23:20:18.0265 5672  [ AC46922A724F2C35BF945FBAA024643E ] bindflt         C:\WINDOWS\system32\drivers\bindflt.sys
23:20:18.0265 5672  bindflt - ok
23:20:18.0277 5672  [ 97F4C0B9741E06BAC6AD2D93ABCEAED8 ] BITS            C:\WINDOWS\System32\qmgr.dll
23:20:18.0284 5672  BITS - ok
23:20:18.0290 5672  [ 30D75769E23CCFBE13DB41FC54243BB1 ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
23:20:18.0293 5672  BluetoothUserService - ok
23:20:18.0297 5672  [ 85B874696CC64AFE22DEAD2B87498621 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:20:18.0298 5672  bowser - ok
23:20:18.0306 5672  [ 8A607C17CF3D5A92B1D1185458E96755 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:20:18.0309 5672  BrokerInfrastructure - ok
23:20:18.0314 5672  [ DB109DA005B6FE2A350C5DD7CA768DFD ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
23:20:18.0315 5672  BrYNSvc - ok
23:20:18.0321 5672  [ D39550C1AA58659A24DCA705A4DE5A91 ] BTAGService     C:\WINDOWS\System32\BTAGService.dll
23:20:18.0323 5672  BTAGService - ok
23:20:18.0330 5672  [ 37E4B4109ECEC6083A14A4C3E3CCBED8 ] BthAvctpSvc     C:\WINDOWS\System32\BthAvctpSvc.dll
23:20:18.0332 5672  BthAvctpSvc - ok
23:20:18.0336 5672  [ 5512D026F23AA7C99B49A8A18FE8556F ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:20:18.0337 5672  BthHFEnum - ok
23:20:18.0340 5672  [ A0EC1D5C937995A2C5F1179538A8A6B4 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:20:18.0341 5672  BTHMODEM - ok
23:20:18.0345 5672  [ 45FDE7D6EBD8A3C524BCCB76F2FF6D41 ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:20:18.0347 5672  bthserv - ok
23:20:18.0349 5672  [ E3786BEBB7E4003DE324A18069DDA081 ] bttflt          C:\WINDOWS\system32\drivers\bttflt.sys
23:20:18.0350 5672  bttflt - ok
23:20:18.0353 5672  [ 03C13BB635635B9152DBF49AA07B728C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
23:20:18.0354 5672  buttonconverter - ok
23:20:18.0357 5672  [ 9983FF8D9834F2E67787F4BDC42A8E36 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
23:20:18.0358 5672  CAD - ok
23:20:18.0362 5672  [ A2684F435B088FA5FC4DF7C0FEEBBD07 ] camsvc          C:\WINDOWS\system32\CapabilityAccessManager.dll
23:20:18.0364 5672  camsvc - ok
23:20:18.0367 5672  [ 407B33DE151A3DFCF564AC4270E44B1D ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
23:20:18.0368 5672  CapImg - ok
23:20:18.0371 5672  [ 1200CA82E0D59510F69B6839540A76AA ] CaptureService  C:\WINDOWS\System32\CaptureService.dll
23:20:18.0373 5672  CaptureService - ok
23:20:18.0376 5672  [ D7CFB8CA10EFD49764A25F3816028304 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:20:18.0377 5672  cdfs - ok
23:20:18.0384 5672  [ AF7AA61D08DC12FE9B6616C8CC484FD0 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
23:20:18.0387 5672  CDPSvc - ok
23:20:18.0393 5672  [ 9CCBB0E811E6790BA1C82D75491DF794 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
23:20:18.0395 5672  CDPUserSvc - ok
23:20:18.0399 5672  [ 6834DBBA2A1DBA5B9B6360D0B9A3CBB5 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:20:18.0400 5672  cdrom - ok
23:20:18.0404 5672  [ 6C6FAAB1BC8D63BF8CB6B5EFCEF4E351 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
23:20:18.0406 5672  CertPropSvc - ok
23:20:18.0410 5672  [ 4A08B239F92B319AD31E3916D27AD4B9 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
23:20:18.0412 5672  cht4iscsi - ok
23:20:18.0428 5672  [ C8EA9376E4D284F9DF24B27AC6E3AB85 ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
23:20:18.0434 5672  cht4vbd - ok
23:20:18.0438 5672  [ 3AA86DA04A561E8162C2DBBF92D12074 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:20:18.0439 5672  circlass - ok
23:20:18.0444 5672  [ 4C9CDDE070A9A005CC11CF17483720A4 ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
23:20:18.0446 5672  CldFlt - ok
23:20:18.0452 5672  [ DB26170CF6555B9AFF76CFA067ABCF90 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:20:18.0454 5672  CLFS - ok
23:20:18.0540 5672  [ F0132D012CC70F4B7F2C47E7B8B56F42 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
23:20:18.0578 5672  ClickToRunSvc - ok
23:20:18.0591 5672  [ 5BD85187D6A6A37D2A4563F33D7A76E4 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
23:20:18.0595 5672  ClipSVC - ok
23:20:18.0602 5672  [ 66CBF6F8FE6F436B315D7FEAF5D2BB40 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:20:18.0603 5672  CmBatt - ok
23:20:18.0611 5672  [ C87059D18F28CDDBD9188C1E32A05473 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
23:20:18.0616 5672  CNG - ok
23:20:18.0619 5672  [ 037DCC7A71938729CB12E8174E03031C ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
23:20:18.0620 5672  cnghwassist - ok
23:20:18.0627 5672  [ E40C99A3E0FFF49687F2187BF3E3050D ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
23:20:18.0628 5672  CompositeBus - ok
23:20:18.0631 5672  COMSysApp - ok
23:20:18.0633 5672  [ 3799A9DFB162D9AAD6AC12CB8185FD19 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:20:18.0634 5672  condrv - ok
23:20:18.0643 5672  [ 0E3C710DF2D39FD88A67B844EC1BE81B ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
23:20:18.0647 5672  CoreMessagingRegistrar - ok
23:20:18.0655 5672  [ 6C6073B45D65887A6035F1A8D073274A ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:20:18.0657 5672  CryptSvc - ok
23:20:18.0662 5672  [ 3D4C5DCB65E56C3F961E1773A5728825 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
23:20:18.0665 5672  CSC - ok
23:20:18.0673 5672  [ E20EC7EA6EEF16B5780B459FBA86C521 ] CscService      C:\WINDOWS\System32\cscsvc.dll
23:20:18.0676 5672  CscService - ok
23:20:18.0680 5672  [ 8711386E9B04357F8F58166760759F3A ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:20:18.0681 5672  dam - ok
23:20:18.0693 5672  [ 2383579559B1EB66C4FA2297119CEDD0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:20:18.0698 5672  DcomLaunch - ok
23:20:18.0706 5672  [ C482918CE0D93CD50A1633866794B50A ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:20:18.0709 5672  defragsvc - ok
23:20:18.0714 5672  [ BF443F7BE4BBA1A2F345474D74953A42 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:20:18.0718 5672  DeviceAssociationService - ok
23:20:18.0722 5672  [ DBD6E8A5C358AAA3B4900EFD5CF94CC8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:20:18.0724 5672  DeviceInstall - ok
23:20:18.0730 5672  [ 38D6ED38A46F815C24C5656E8A5AB083 ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
23:20:18.0734 5672  DevicePickerUserSvc - ok
23:20:18.0742 5672  [ 372BD821867225F32DE87A6B3FEC8A2E ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
23:20:18.0745 5672  DevicesFlowUserSvc - ok
23:20:18.0748 5672  [ C48C4D6B8D9C53F0399DEDA402A6FAE5 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
23:20:18.0750 5672  DevQueryBroker - ok
23:20:18.0753 5672  [ 8A1C10410FDA4287A76EC5A64371E221 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:20:18.0754 5672  Dfsc - ok
23:20:18.0759 5672  [ D6BD91642F17E3A675F41F06654B3367 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:20:18.0761 5672  Dhcp - ok
23:20:18.0765 5672  [ 1A468A999C05ACA23C8F5A52C996AEDA ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
23:20:18.0766 5672  diagnosticshub.standardcollector.service - ok
23:20:18.0770 5672  [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03 ] diagsvc         C:\WINDOWS\system32\DiagSvc.dll
23:20:18.0772 5672  diagsvc - ok
23:20:18.0798 5672  [ 3D28F003EF36832F956B2B87F3950CD3 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
23:20:18.0809 5672  DiagTrack - ok
23:20:18.0813 5672  [ A79FCB89805FA9EA9F48B671A4591D4E ] Disk            C:\WINDOWS\system32\drivers\disk.sys
23:20:18.0814 5672  Disk - ok
23:20:18.0822 5672  [ EAA267FAABDBE6194985DC6A0AC96664 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
23:20:18.0828 5672  DmEnrollmentSvc - ok
23:20:18.0831 5672  [ F69D7A5D7EDEE16B85F08040836FB09C ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
23:20:18.0832 5672  dmvsc - ok
23:20:18.0834 5672  [ 8B3601E34BD1D693598F968D70361C37 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
23:20:18.0835 5672  dmwappushservice - ok
23:20:18.0840 5672  [ BA5A58540B04E0E5489D7004FAFC44BF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:20:18.0842 5672  Dnscache - ok
23:20:18.0848 5672  [ C79E79CD4DE45EC0EC0ECB5C76D6CB11 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:20:18.0850 5672  dot3svc - ok
23:20:18.0855 5672  [ 5B1EF28DE7302A6BD5DF8459E2C598EF ] DPS             C:\WINDOWS\system32\dps.dll
23:20:18.0857 5672  DPS - ok
23:20:18.0860 5672  [ AD1BEFBF96C0273925EDC9282557D984 ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
23:20:18.0860 5672  drmkaud - ok
23:20:18.0865 5672  [ E7D1636EEA6F9A941573CA426F214054 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:20:18.0867 5672  DsmSvc - ok
23:20:18.0871 5672  [ 0DD6AB9BA3CE309E3500CCE381866DA3 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
23:20:18.0872 5672  DsSvc - ok
23:20:18.0877 5672  [ 09D2D1F30343682F6241B58C721D5FDF ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
23:20:18.0880 5672  DusmSvc - ok
23:20:18.0901 5672  [ 9DE01582E771304FC81538738CA5C7E0 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:20:18.0918 5672  DXGKrnl - ok
23:20:18.0922 5672  [ 41AE1D550365D449F2D8B4DD4D4049FF ] eamonm          C:\WINDOWS\system32\DRIVERS\eamonm.sys
23:20:18.0924 5672  eamonm - ok
23:20:18.0928 5672  [ 7E9A1608894297B133AF5EE18E404208 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:20:18.0929 5672  Eaphost - ok
23:20:18.0936 5672  [ EF0F571CA05EB64C15F5B84928387594 ] EasyAntiCheat   C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
23:20:18.0941 5672  EasyAntiCheat - ok
23:20:18.0965 5672  [ 75CA88887850A74DDAAAF92500B6D9B9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:20:18.0977 5672  ebdrv - ok
23:20:18.0981 5672  [ 27D552ED757DE60EC6E0077B80180A2E ] edevmon         C:\WINDOWS\system32\DRIVERS\edevmon.sys
23:20:18.0982 5672  edevmon - ok
23:20:18.0986 5672  [ 2B561CC1C21D613BB530DD0C1A5FDED7 ] eelam           C:\WINDOWS\system32\DRIVERS\eelam.sys
23:20:18.0986 5672  eelam - ok
23:20:18.0989 5672  [ 3DF3B76B19DA92A8ADC01FF38560282D ] EFS             C:\WINDOWS\System32\lsass.exe
23:20:18.0991 5672  EFS - ok
23:20:18.0994 5672  [ 6F5E4C5F655945E19CC2934164C36DFC ] ehdrv           C:\WINDOWS\system32\DRIVERS\ehdrv.sys
23:20:18.0996 5672  ehdrv - ok
23:20:18.0999 5672  [ 7E838D857FC55535710C316441459C38 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:20:19.0000 5672  EhStorClass - ok
23:20:19.0004 5672  [ 49023DD6F646B8C70AE1C105415F3E2B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:20:19.0005 5672  EhStorTcgDrv - ok
23:20:19.0008 5672  [ B02D7C51B339959EF2438DD29D0C2D50 ] ekbdflt         C:\WINDOWS\system32\DRIVERS\ekbdflt.sys
23:20:19.0008 5672  ekbdflt - ok
23:20:19.0027 5672  [ 4B805F95C40896A7EAC6C483BD156731 ] ekrn            C:\Program Files\ESET\ESET Security\ekrn.exe
23:20:19.0036 5672  ekrn - ok
23:20:19.0041 5672  [ 80D5BD4804C587B21A121566549A63FB ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
23:20:19.0042 5672  embeddedmode - ok
23:20:19.0047 5672  [ 214697A8DFA6A8C4F41472BFA742A244 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
23:20:19.0050 5672  EntAppSvc - ok
23:20:19.0053 5672  [ EAC24CF67CB38A9C50E6CE9D136834C5 ] epfw            C:\WINDOWS\system32\DRIVERS\epfw.sys
23:20:19.0054 5672  epfw - ok
23:20:19.0057 5672  [ C0EF0049604461DC48726AF6B180EDA8 ] epfwwfp         C:\WINDOWS\system32\DRIVERS\epfwwfp.sys
23:20:19.0058 5672  epfwwfp - ok
23:20:19.0060 5672  [ 1DF19D7A941CB06F8EADF89FA0BF59AD ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:20:19.0061 5672  ErrDev - ok
23:20:19.0069 5672  [ 9B538A1E44E1D61FA80E80EA75A085FA ] EventSystem     C:\WINDOWS\system32\es.dll
23:20:19.0072 5672  EventSystem - ok
23:20:19.0076 5672  [ EED39B62D3A7997D0A18711957C9D43A ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:20:19.0079 5672  exfat - ok
23:20:19.0084 5672  [ BB0B0F010E44321C861749A91AEFFE64 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:20:19.0087 5672  fastfat - ok
23:20:19.0094 5672  [ BBD6407DA3DA4FC718710587E253C7BF ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:20:19.0098 5672  Fax - ok
23:20:19.0100 5672  [ 6701B9973DE98578A491721B4BDE0926 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:20:19.0101 5672  fdc - ok
23:20:19.0104 5672  [ A2037943CCC079307A383C5543607CEF ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:20:19.0106 5672  fdPHost - ok
23:20:19.0108 5672  [ C11A1A9CF331B7AA2F04974EE262EC07 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:20:19.0109 5672  FDResPub - ok
23:20:19.0113 5672  [ 71CECDA2DCF81E0AD8C30440C77966E2 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:20:19.0114 5672  fhsvc - ok
23:20:19.0117 5672  [ 9BC7FE262AF52B341048234809AA7D91 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
23:20:19.0118 5672  FileCrypt - ok
23:20:19.0121 5672  [ 6702E71BDC30527842F86F1BF5B9F59E ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:20:19.0122 5672  FileInfo - ok
23:20:19.0125 5672  [ 01D83D284E6B37902DB3C4D4DB0649E0 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:20:19.0126 5672  Filetrace - ok
23:20:19.0128 5672  [ CE9CB1DB00B5007ABFFF0717E748E919 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:20:19.0129 5672  flpydisk - ok
23:20:19.0134 5672  [ C5374BA2CAE89DE7269EC61A969EF5D5 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:20:19.0137 5672  FltMgr - ok
23:20:19.0153 5672  [ 57061AB9B898F63F538B547C04B736E0 ] FontCache       C:\WINDOWS\system32\FntCache.dll
23:20:19.0160 5672  FontCache - ok
23:20:19.0164 5672  [ CE9456F925ADA70ED5A4158F103F9A26 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:20:19.0165 5672  FontCache3.0.0.0 - ok
23:20:19.0172 5672  [ B6BC6E6731FB1E02F0B3C73A87E1C35E ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
23:20:19.0176 5672  FrameServer - ok
23:20:19.0179 5672  [ 835F9C7193B6F9A796DE76897DC56968 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
23:20:19.0180 5672  FsDepends - ok
23:20:19.0182 5672  [ A01BA0506E07F316483E99D7AD9B6E75 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:20:19.0183 5672  Fs_Rec - ok
23:20:19.0191 5672  [ 73721B6013AA296F935755A2EC8A3574 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:20:19.0197 5672  fvevol - ok
23:20:19.0199 5672  [ FAA4DF336EC5BF0D4D1763A0929454CC ] gdrv            C:\Windows\gdrv.sys
23:20:19.0200 5672  gdrv - ok
23:20:19.0202 5672  [ 71DBED7FB264DB60341BC796EC2E8135 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:20:19.0203 5672  gencounter - ok
23:20:19.0206 5672  [ EA5EE5EF9765A9157B346DF671952F18 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
23:20:19.0207 5672  genericusbfn - ok
23:20:19.0218 5672  [ DC9DFE049A094464EC8664401B43B7DA ] GoogleChromeElevationService C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe
23:20:19.0223 5672  GoogleChromeElevationService - ok
23:20:19.0227 5672  [ 6BE6550F1A32796A11EBC58BBC72C44D ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:20:19.0229 5672  GPIOClx0101 - ok
23:20:19.0242 5672  [ 3FC2377994D9D63FC128B6C48B22B68F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
23:20:19.0248 5672  gpsvc - ok
23:20:19.0251 5672  [ 508614CAC7BF8AEE4FB9002A413919B1 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
23:20:19.0252 5672  GpuEnergyDrv - ok
23:20:19.0255 5672  [ 248739BB0F3A1156A2C0AF51F39A9EA2 ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
23:20:19.0256 5672  GraphicsPerfSvc - ok
23:20:19.0260 5672  [ 605CCC9CE1839BC5583017DF7CAE27A6 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:20:19.0260 5672  gupdate - ok
23:20:19.0263 5672  [ 605CCC9CE1839BC5583017DF7CAE27A6 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:20:19.0264 5672  gupdatem - ok
23:20:19.0267 5672  [ DED74127C7A2266715C0B8EA2EE75214 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:20:19.0268 5672  HDAudBus - ok
23:20:19.0271 5672  [ 95888B85956AF97320D1F5C354632957 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:20:19.0271 5672  HidBatt - ok
23:20:19.0275 5672  [ 104124D3EB9D10608F80D621FA1B4525 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:20:19.0276 5672  HidBth - ok
23:20:19.0278 5672  [ 6D767FEB02DF712F783BEEFF09E06431 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:20:19.0279 5672  hidi2c - ok
23:20:19.0282 5672  [ 542AB7A14235C5227A9307ACF1636F0B ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
23:20:19.0283 5672  hidinterrupt - ok
23:20:19.0285 5672  [ 1553DF41F4EE4F60B4BEEEC62264BE71 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:20:19.0286 5672  HidIr - ok
23:20:19.0289 5672  [ 3030F19C6A73367D6D5EEDD157F5D01A ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:20:19.0290 5672  hidserv - ok
23:20:19.0293 5672  [ 6E3FB2047B8AE72E1B5F1C00A5F3E475 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:20:19.0293 5672  HidUsb - ok
23:20:19.0298 5672  [ 621B1FFB2E4E4745484EA01B013BF1D2 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:20:19.0299 5672  HpSAMD - ok
23:20:19.0308 5672  [ 87B74C28D0A841D920B05184554C41BB ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
23:20:19.0312 5672  HTTP - ok
23:20:19.0316 5672  [ 9E1F3BA540DB9F4942A3F50A92E5754F ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
23:20:19.0317 5672  hvcrash - ok
23:20:19.0319 5672  [ EBFCD9B6431859F529CE9BB66E723D37 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
23:20:19.0321 5672  HvHost - ok
23:20:19.0324 5672  [ C3D52DA1DD280253A4575A0AF7BF1BD8 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
23:20:19.0324 5672  hvservice - ok
23:20:19.0327 5672  [ B149905CD7451160B6BFA2191A3F6182 ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
23:20:19.0328 5672  HwNClx0101 - ok
23:20:19.0331 5672  [ FE36689912DEC37D45B7A6C6414046FE ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:20:19.0332 5672  hwpolicy - ok
23:20:19.0334 5672  [ A1133368F47D514D73DD7FB4C4FD2B75 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
23:20:19.0335 5672  hyperkbd - ok
23:20:19.0339 5672  [ B68252C53556FFB52CCE18FF30FACA99 ] HyperVideo      C:\WINDOWS\System32\drivers\HyperVideo.sys
23:20:19.0340 5672  HyperVideo - ok
23:20:19.0343 5672  [ DA179667B8CEC22E4ECBBF4210DC0E35 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:20:19.0344 5672  i8042prt - ok
23:20:19.0346 5672  [ B5EC43755E62591197DE5CBBDAA9FEB7 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
23:20:19.0347 5672  iagpio - ok
23:20:19.0350 5672  [ D8CA23F9C5FEF44296FDE1E005C06EC0 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
23:20:19.0351 5672  iai2c - ok
23:20:19.0356 5672  [ 7B769C9D19C013F94874C4B15D59A005 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
23:20:19.0357 5672  iaLPSS2i_GPIO2 - ok
23:20:19.0360 5672  [ E0F1B3A2A70FABE3BE1C9140BB55E607 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
23:20:19.0361 5672  iaLPSS2i_GPIO2_BXT_P - ok
23:20:19.0364 5672  [ 89A869BCC0588A3009ECB875B09ECD39 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
23:20:19.0365 5672  iaLPSS2i_I2C - ok
23:20:19.0369 5672  [ 2E693DF3C02A0859DB8DE25772751100 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
23:20:19.0371 5672  iaLPSS2i_I2C_BXT_P - ok
23:20:19.0373 5672  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:20:19.0374 5672  iaLPSSi_GPIO - ok
23:20:19.0377 5672  [ EB82A11613326691508D9ED9A4FE29E7 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:20:19.0378 5672  iaLPSSi_I2C - ok
23:20:19.0387 5672  [ 26405FA714257E449581DE5D6E6200E6 ] iaStorAVC       C:\WINDOWS\system32\drivers\iaStorAVC.sys
23:20:19.0391 5672  iaStorAVC - ok
23:20:19.0397 5672  [ 11AC0355FE52CC8813EE6864DE7531E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
23:20:19.0399 5672  iaStorV - ok
23:20:19.0406 5672  [ 62CD9FA7394BCDF7784CCEFC9D00C9AA ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
23:20:19.0407 5672  ibbus - ok
23:20:19.0412 5672  [ 964C20272DDC5D504B27050008B30860 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
23:20:19.0416 5672  icssvc - ok
23:20:19.0425 5672  [ 37D673A961E21BFF0143AE43C3E41DAC ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
23:20:19.0429 5672  IKEEXT - ok
23:20:19.0432 5672  [ AA38C19A3D65E8228D822EB18037E19D ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
23:20:19.0433 5672  IndirectKmd - ok
23:20:19.0447 5672  [ 90A2488077F890EA85D2FB1BCABEFA0D ] InstallService  C:\WINDOWS\system32\InstallService.dll
23:20:19.0453 5672  InstallService - ok
23:20:19.0493 5672  [ 7EF86F8C880B7B3902E54B0E883A580D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:20:19.0527 5672  IntcAzAudAddService - ok
23:20:19.0531 5672  [ F1B552F7ACDF6E3E4DDDB76118CAFDE3 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
23:20:19.0532 5672  intelide - ok
23:20:19.0536 5672  [ E6CC7C1E7CEDC81D6B15BF2CF4C99109 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
23:20:19.0537 5672  intelpep - ok
23:20:19.0541 5672  [ 2CEF9DEB97B2CA327175EE8AD5F195A1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
23:20:19.0542 5672  intelppm - ok
23:20:19.0546 5672  [ 8F466DA27E6160934A695BCCEFB80AC3 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
23:20:19.0546 5672  iorate - ok
23:20:19.0549 5672  [ 44A9B60ECA9F6D760E0292E56127BCED ] ipadtst         C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys
23:20:19.0550 5672  ipadtst - ok
23:20:19.0551 5672  [ E59F589F4280E04ADBCFB9189F6A4750 ] ipadtst2        C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys
23:20:19.0552 5672  ipadtst2 - ok
23:20:19.0556 5672  [ FB72A49FAD5C343C8C38948F92D87BBF ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:20:19.0557 5672  IpFilterDriver - ok
23:20:19.0566 5672  [ 9064A49C03F1CED42EAC2B4636C87192 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
23:20:19.0569 5672  iphlpsvc - ok
23:20:19.0573 5672  [ 5C58142E0F1F8AA379748CC123BA7527 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:20:19.0574 5672  IPMIDRV - ok
23:20:19.0577 5672  [ 7408B83959A4B8271EF67FD06A6B366B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
23:20:19.0579 5672  IPNAT - ok
23:20:19.0581 5672  [ 7BEA2228C81FB6E1EADDD54D615B4C7E ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
23:20:19.0582 5672  IPT - ok
23:20:19.0585 5672  [ AD0574F12AA812340BD39071FD30AD1E ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
23:20:19.0587 5672  IpxlatCfgSvc - ok
23:20:19.0590 5672  [ 030AE3773151CFA728C67E38416FAD8D ] irda            C:\WINDOWS\system32\drivers\irda.sys
23:20:19.0591 5672  irda - ok
23:20:19.0594 5672  [ 79D02DC54AB4F85D2C13A728A0E36193 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
23:20:19.0595 5672  IRENUM - ok
23:20:19.0597 5672  [ 6ADE9DCAF71DCD888320CA47DB8B05EF ] irmon           C:\WINDOWS\System32\irmon.dll
23:20:19.0599 5672  irmon - ok
23:20:19.0601 5672  [ 38A6EC08D0067DECF7B5BA4C871B846C ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
23:20:19.0602 5672  isapnp - ok
23:20:19.0606 5672  [ 5529131AAB75E07D9295B19E20C54DAE ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
23:20:19.0608 5672  iScsiPrt - ok
23:20:19.0611 5672  [ C35FD802C800F3CBB4FD426D5A542A22 ] ItSas35i        C:\WINDOWS\system32\drivers\ItSas35i.sys
23:20:19.0612 5672  ItSas35i - ok
23:20:19.0615 5672  [ 17F3B012B28F27E7B813A7B037A3D790 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
23:20:19.0615 5672  kbdclass - ok
23:20:19.0618 5672  [ 843B4BBD15DD0340C5C293CD419D4A76 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
23:20:19.0619 5672  kbdhid - ok
23:20:19.0622 5672  [ 5BBB86F3F1700E0ACE1DF10F0EF7B227 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
23:20:19.0622 5672  kdnic - ok
23:20:19.0625 5672  [ 3DF3B76B19DA92A8ADC01FF38560282D ] KeyIso          C:\WINDOWS\system32\lsass.exe
23:20:19.0626 5672  KeyIso - ok
23:20:19.0630 5672  [ 9E2603E22242B1482EB5184EBE6ED107 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
23:20:19.0632 5672  KSecDD - ok
23:20:19.0636 5672  [ 43C0423E16C823E22BA9E50DB06FB275 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:20:19.0638 5672  KSecPkg - ok
23:20:19.0640 5672  [ 10F2EBC1F1C4549C355781715DE47B66 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
23:20:19.0641 5672  ksthunk - ok
23:20:19.0647 5672  [ C4151271434A490707B4FD4E6AAE9EED ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
23:20:19.0650 5672  KtmRm - ok
23:20:19.0653 5672  [ 6844929518CA9936F28DA5FFDC2AF9D2 ] ladfGSS         C:\WINDOWS\system32\drivers\ladfGSS.sys
23:20:19.0653 5672  ladfGSS - ok
23:20:19.0658 5672  [ 081D030BC669BDEDC68B8FE81A67E6A7 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
23:20:19.0661 5672  LanmanServer - ok
23:20:19.0666 5672  [ 514E8BD07F42D95667F54777D57403D0 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:20:19.0669 5672  LanmanWorkstation - ok
23:20:19.0674 5672  [ C2A49E8EEE7C3D06ECA80847A42F65D5 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
23:20:19.0675 5672  lfsvc - ok
23:20:19.0678 5672  [ A6F294B38F3DFB67D6B6E1D1E60A402A ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
23:20:19.0678 5672  LGBusEnum - ok
23:20:19.0681 5672  [ 2D7F1C02B94D6F0F3E10107E5EA8E141 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
23:20:19.0681 5672  LGCoreTemp - ok
23:20:19.0684 5672  [ 2A9F60E6531F42B31874618743037719 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
23:20:19.0685 5672  LGJoyXlCore - ok
23:20:19.0688 5672  [ FA59A7421049F5852C1182345A4B8C4F ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
23:20:19.0689 5672  LGVirHid - ok
23:20:19.0692 5672  [ DB8F10ED986BFE0A5B663A1D067F2CCC ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
23:20:19.0693 5672  LicenseManager - ok
23:20:19.0696 5672  [ 3CF979AFF0196DF3DF5E54DFC049EB1F ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
23:20:19.0697 5672  lltdio - ok
23:20:19.0701 5672  [ D6DD748EAC3BC540CFE65C73FE20C099 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
23:20:19.0704 5672  lltdsvc - ok
23:20:19.0706 5672  [ BD35F484DA59014D091736F8F10BFB42 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
23:20:19.0708 5672  lmhosts - ok
23:20:19.0711 5672  [ DB472E3377770B0D54BFFE8866081803 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
23:20:19.0713 5672  LogiRegistryService - ok
23:20:19.0717 5672  [ 48380096385DB46E43D85CD92B9500DB ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
23:20:19.0718 5672  LSI_SAS - ok
23:20:19.0721 5672  [ F708223E5829510DF0D5AF209D11C8B8 ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
23:20:19.0723 5672  LSI_SAS2i - ok
23:20:19.0726 5672  [ B91BCC8F670F128A4BB826ACF2C2B9D5 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
23:20:19.0727 5672  LSI_SAS3i - ok
23:20:19.0730 5672  [ FA31CDF977CD31AF9AEAAA422966ACC1 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
23:20:19.0731 5672  LSI_SSS - ok
23:20:19.0738 5672  [ 52B6D805C60127F0456DF019775F5740 ] LSM             C:\WINDOWS\System32\lsm.dll
23:20:19.0741 5672  LSM - ok
23:20:19.0745 5672  [ E86400D7B6E095E89CF63667D94D3F50 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
23:20:19.0746 5672  luafv - ok
23:20:19.0750 5672  [ 07514F5635999D7DDB5F3A62B5C5AEB3 ] LxpSvc          C:\WINDOWS\System32\LanguageOverlayServer.dll
23:20:19.0752 5672  LxpSvc - ok
23:20:19.0756 5672  [ 1CA48E995EE9BDAE7EE3601C792D8DA4 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
23:20:19.0758 5672  MapsBroker - ok
23:20:19.0764 5672  [ BD3D311802427608403C5E73A8D6137D ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
23:20:19.0766 5672  mausbhost - ok
23:20:19.0769 5672  [ 61C2D9790943D8E3AD05AE35E4A313EF ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
23:20:19.0770 5672  mausbip - ok
23:20:19.0774 5672  [ AC5EE6C2018136DC8A3CBC7E5FEF5647 ] MBAMChameleon   C:\WINDOWS\System32\Drivers\MbamChameleon.sys
23:20:19.0776 5672  MBAMChameleon - ok
23:20:19.0779 5672  [ 31E4AC0C3D3BAC32082304BD43560760 ] MbamElam        C:\WINDOWS\system32\DRIVERS\MbamElam.sys
23:20:19.0780 5672  MbamElam - ok
23:20:19.0821 5672  [ 4223C695C09CC3027B839803BB0359A1 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
23:20:19.0856 5672  MBAMService - ok
23:20:19.0861 5672  [ 61BCE12529E96E6F0335A2A8DEB83C61 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
23:20:19.0862 5672  megasas - ok
23:20:19.0865 5672  [ CA22763F12783A9C81C512ED747CECDD ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
23:20:19.0865 5672  megasas2i - ok
23:20:19.0868 5672  [ FDB06D857FC43D654547BBB31D039DB4 ] megasas35i      C:\WINDOWS\system32\drivers\megasas35i.sys
23:20:19.0869 5672  megasas35i - ok
23:20:19.0876 5672  [ 230361AF74DDB91705284E024A22DF4F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
23:20:19.0879 5672  megasr - ok
23:20:19.0882 5672  [ 69259AFDF347B5F4AF06E900C4A1F62E ] MessagingService C:\WINDOWS\System32\MessagingService.dll
23:20:19.0884 5672  MessagingService - ok
23:20:19.0893 5672  [ A8931C3820D5F392D89176E0628E766E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
23:20:19.0896 5672  mlx4_bus - ok
23:20:19.0899 5672  [ 133BE679CF8962E52A7E927C25F41EF3 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
23:20:19.0900 5672  MMCSS - ok
23:20:19.0903 5672  [ CA25F2D78FDD0D36E3F3071B4B317BD4 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
23:20:19.0905 5672  Modem - ok
23:20:19.0907 5672  [ 13142B3B30F633F407D5256B2FFCCEF0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
23:20:19.0908 5672  monitor - ok
23:20:19.0911 5672  [ 66C9CCC6A100ACF7A4514BD3091CE566 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
23:20:19.0912 5672  mouclass - ok
23:20:19.0914 5672  [ 6BE61DAF4CDC0E13940096EAC4A9F490 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
23:20:19.0915 5672  mouhid - ok
23:20:19.0918 5672  [ 2CFB54C638F75E39FBB22723401A8A56 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
23:20:19.0921 5672  mountmgr - ok
23:20:19.0926 5672  [ BC7C041E5AB2D7F157731456188BFCF5 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
23:20:19.0927 5672  mpsdrv - ok
23:20:19.0935 5672  [ 2042BE5441CB1F4BB4CCBCD18B36752E ] mpssvc          C:\WINDOWS\system32\mpssvc.dll
23:20:19.0940 5672  mpssvc - ok
23:20:19.0944 5672  [ C12373EC998C6F17C0FE2D6C3CBB9C04 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:20:19.0945 5672  MRxDAV - ok
23:20:19.0953 5672  [ 6C321DB795F5EF5FF870737177825FC9 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:20:19.0955 5672  mrxsmb - ok
23:20:19.0960 5672  [ F3764391962FB1D11B52649B0B8716CC ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:20:19.0961 5672  mrxsmb20 - ok
23:20:19.0964 5672  [ F14DE177087F9E990EDE95ACE1F94662 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
23:20:19.0965 5672  MsBridge - ok
23:20:19.0969 5672  [ 9A94F32C1DC90A7E5A35D0F820A8FB1D ] MSDTC           C:\WINDOWS\System32\msdtc.exe
23:20:19.0972 5672  MSDTC - ok
23:20:19.0977 5672  [ 128E1D8C23F690DF1DD7AFDB214DB6ED ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:20:19.0977 5672  Msfs - ok
23:20:19.0980 5672  [ 5A5ABA987943317300A4E55A5C5EB8C4 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:20:19.0981 5672  msgpiowin32 - ok
23:20:19.0984 5672  [ D727DEA75E316C80793C7098225D3F56 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:20:19.0985 5672  mshidkmdf - ok
23:20:19.0989 5672  [ E12A703CE10B068727499276340D5296 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
23:20:19.0990 5672  mshidumdf - ok
23:20:19.0993 5672  [ 01749F4A138938C29D3F164AB91EB0CF ] MSIREGISTER_MR  C:\MSI\MSIRegister\MSIRegisterService.exe
23:20:19.0994 5672  MSIREGISTER_MR - ok
23:20:19.0996 5672  [ 8E42D6B92CB4567467E29F58F2E31715 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
23:20:19.0997 5672  msisadrv - ok
23:20:20.0001 5672  [ C9930B9F2ABF42C732202813951A9A26 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
23:20:20.0003 5672  MSiSCSI - ok
23:20:20.0005 5672  msiserver - ok
23:20:20.0009 5672  [ FCE9BC566F645CD6B9AD2007C8628FA2 ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
23:20:20.0010 5672  MSI_SuperCharger - ok
23:20:20.0013 5672  [ 2F3B9A23F8DEE9C3AD58CB3D966D83DD ] MSKSSRV         C:\WINDOWS\System32\drivers\MSKSSRV.sys
23:20:20.0014 5672  MSKSSRV - ok
23:20:20.0017 5672  [ AECFFBE104D428E8A74BCABF5B3B9912 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
23:20:20.0019 5672  MsLldp - ok
23:20:20.0021 5672  [ 83364A92271339D8042C9DD5FD938A84 ] MSPCLOCK        C:\WINDOWS\System32\drivers\MSPCLOCK.sys
23:20:20.0022 5672  MSPCLOCK - ok
23:20:20.0025 5672  [ AE5A4B89CDFF544B6481970BFD48A056 ] MSPQM           C:\WINDOWS\System32\drivers\MSPQM.sys
23:20:20.0025 5672  MSPQM - ok
23:20:20.0031 5672  [ 63794CE6137D70D2E8468E147A89BD76 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
23:20:20.0034 5672  MsRPC - ok
23:20:20.0040 5672  [ 0EB202DFD0BBEBDA54159D0E37CA1A35 ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
23:20:20.0042 5672  MsSecFlt - ok
23:20:20.0044 5672  [ 4566CB65F176CE5CD8FCA487D2E3A64B ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
23:20:20.0045 5672  mssmbios - ok
23:20:20.0048 5672  [ 8A11E03B32840C0B73C14D16794F1A8A ] MSTEE           C:\WINDOWS\System32\drivers\MSTEE.sys
23:20:20.0049 5672  MSTEE - ok
23:20:20.0051 5672  [ 794285C4F166B8108292E63FEA3C41E3 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
23:20:20.0052 5672  MTConfig - ok
23:20:20.0056 5672  [ EEB9D3E90B83546864211D63C1A0A74A ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
23:20:20.0057 5672  Mup - ok
23:20:20.0060 5672  [ 69CECA6726FAD321F5643B16A1FF3934 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
23:20:20.0061 5672  mvumis - ok
23:20:20.0069 5672  [ 84E984CE780DDAFDC1460C0DDBDE0DF3 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:20:20.0071 5672  NativeWifiP - ok
23:20:20.0080 5672  [ B281FAC1C60FE21ED3F635ECF673A981 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
23:20:20.0084 5672  NaturalAuthentication - ok
23:20:20.0088 5672  [ 6FEC83EDC4A3D1E99039CA1D96AD720D ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:20:20.0091 5672  NcaSvc - ok
23:20:20.0096 5672  [ C3D3E2DFBD52C48EA787604F49060A5C ] NcbService      C:\WINDOWS\System32\ncbservice.dll
23:20:20.0099 5672  NcbService - ok
23:20:20.0102 5672  [ 9AB04C4C14B32D127DB6E7D3DF79FF26 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:20:20.0105 5672  NcdAutoSetup - ok
23:20:20.0108 5672  [ AB9EB3CADF4D415B598487397476A23A ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
23:20:20.0109 5672  ndfltr - ok
23:20:20.0119 5672  [ 8012D36F21968B8CBACEAE696D87B4C0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
23:20:20.0127 5672  NDIS - ok
23:20:20.0130 5672  [ AF73B18F3096B165A6F4417C5ED36B01 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
23:20:20.0131 5672  NdisCap - ok
23:20:20.0135 5672  [ 1A9B1F5B8B131CE461A01C9424E149D7 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
23:20:20.0136 5672  NdisImPlatform - ok
23:20:20.0139 5672  [ 4C8BBD7EE829CE9BFB8E21134AC477E0 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:20:20.0140 5672  NdisTapi - ok
23:20:20.0143 5672  [ 76DB7B344F90A29A16CB6B7C67B87CF6 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
23:20:20.0143 5672  Ndisuio - ok
23:20:20.0146 5672  [ A76D79B71300EB3FEDD3D12D4C6F1D76 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:20:20.0147 5672  NdisVirtualBus - ok
23:20:20.0151 5672  [ 407FC276F4E21FC9BF40D8F78E9D96AE ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
23:20:20.0152 5672  NdisWan - ok
23:20:20.0156 5672  [ 407FC276F4E21FC9BF40D8F78E9D96AE ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:20:20.0157 5672  ndiswanlegacy - ok
23:20:20.0160 5672  [ 934E4A5CFD9CB891CD338052FA3467C6 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
23:20:20.0161 5672  ndproxy - ok
23:20:20.0164 5672  [ 0E3B0F3645D1BAE79397C66FE8AF6402 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
23:20:20.0165 5672  Ndu - ok
23:20:20.0169 5672  [ A704515CF3038668E9E2CA66E31A0700 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
23:20:20.0171 5672  NetAdapterCx - ok
23:20:20.0174 5672  [ DD09E3115DF2CDB36FED21E67149EB91 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
23:20:20.0174 5672  NetBIOS - ok
23:20:20.0180 5672  [ A6C01E478CD9ED26F6FB7ABCF9A2C773 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:20:20.0182 5672  NetBT - ok
23:20:20.0185 5672  [ 3DF3B76B19DA92A8ADC01FF38560282D ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:20:20.0187 5672  Netlogon - ok
23:20:20.0191 5672  [ C3D07481FDD607F9B66B2CF1D8E26EF0 ] Netman          C:\WINDOWS\System32\netman.dll
23:20:20.0194 5672  Netman - ok
23:20:20.0200 5672  [ 4F97291FCDFAE922B9128161C9FD4C97 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
23:20:20.0203 5672  netprofm - ok
23:20:20.0209 5672  [ C8B1AF912319FEF251288BDD27E9576D ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
23:20:20.0212 5672  NetSetupSvc - ok
23:20:20.0217 5672  [ 7EC8B56348F9298BCCA7A745C7F70E2C ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:20:20.0220 5672  NetTcpPortSharing - ok
23:20:20.0224 5672  [ DA8548D75434CE421BF921BAAC0916D9 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
23:20:20.0226 5672  netvsc - ok
23:20:20.0233 5672  [ 162A571ABAF9546339EE0BB482FF6AE7 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
23:20:20.0237 5672  NgcCtnrSvc - ok
23:20:20.0246 5672  [ CA8AD24C34F990C93846D4D9DDDC9E58 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
23:20:20.0250 5672  NgcSvc - ok
23:20:20.0256 5672  [ BF69FF80C3975B1D1E9428A689A16CB1 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
23:20:20.0259 5672  NlaSvc - ok
23:20:20.0262 5672  [ 7190932DB00BE83B57C01B5EAC4D746B ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:20:20.0263 5672  Npfs - ok
23:20:20.0265 5672  [ 218DB396170D77BB94F69B526CC51B8F ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
23:20:20.0266 5672  npsvctrig - ok
23:20:20.0269 5672  [ 457DAC0D0978F5391E0742ADCB4C2E28 ] nsi             C:\WINDOWS\system32\nsisvc.dll
23:20:20.0271 5672  nsi - ok
23:20:20.0274 5672  [ A4952889D7C5804F17ABB9F454A371C2 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
23:20:20.0275 5672  nsiproxy - ok
23:20:20.0293 5672  [ C535BBBD3C87D5C56686E56B2DFBD420 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:20:20.0307 5672  Ntfs - ok
23:20:20.0311 5672  [ C029E5408EEE26C3B4E5BA5D29738DB8 ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:20:20.0311 5672  Null - ok
23:20:20.0315 5672  [ 189E5FCB96ABFEA84239A16062256EE4 ] nvdimm          C:\WINDOWS\System32\drivers\nvdimm.sys
23:20:20.0316 5672  nvdimm - ok
23:20:20.0321 5672  [ 0A4C96A706AAD735FFE0F98C408242A8 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
23:20:20.0322 5672  NVHDA - ok
23:20:20.0444 5672  [ BBA4AD780E62B8A8CB4E383DFDB6CC3C ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5db32447b43ce666\nvlddmkm.sys
23:20:20.0513 5672  nvlddmkm - ok
23:20:20.0521 5672  [ 1F50ED95984009BF3634D6BD1A16FA5B ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
23:20:20.0522 5672  nvraid - ok
23:20:20.0526 5672  [ D6C14906B78F235461EEF96A886830D4 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
23:20:20.0527 5672  nvstor - ok
23:20:20.0536 5672  [ FA8017E0195172669AF1DF96DE4A49AF ] NvTelemetryContainer C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
23:20:20.0542 5672  NvTelemetryContainer - ok
23:20:20.0545 5672  nvvad_WaveExtensible - ok
23:20:20.0547 5672  nvvhci - ok
23:20:20.0552 5672  [ 9DBC464AB85AA48C9760C6C2E591E2D3 ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
23:20:20.0555 5672  OneSyncSvc - ok
23:20:20.0572 5672  [ 0D2D4ED9EDF877FA03AA1740F8F9B634 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
23:20:20.0580 5672  Origin Client Service - ok
23:20:20.0601 5672  [ 9AA17ABF09B5088A8DF91B4AC716348B ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
23:20:20.0611 5672  Origin Web Helper Service - ok
23:20:20.0617 5672  [ 6132BB8CAD91A7DA4DDB19A2B835BD3C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:20:20.0618 5672  ose - ok
23:20:20.0622 5672  [ E0406C2951A24073AB920705A9CC9D59 ] osrss           C:\WINDOWS\system32\osrss.dll
23:20:20.0624 5672  osrss - ok
23:20:20.0629 5672  [ CD5ECD6470B6B235B73569A091150299 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
23:20:20.0632 5672  p2pimsvc - ok
23:20:20.0639 5672  [ CCD10679BA0D9EF549F80C458C2AD1C4 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
23:20:20.0642 5672  p2psvc - ok
23:20:20.0645 5672  [ 13B175715A4391E4E5D2AB2EBC8CDBB5 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
23:20:20.0646 5672  Parport - ok
23:20:20.0650 5672  [ 428B9FAFB0EE6EF66EAAB7B49A96487A ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
23:20:20.0652 5672  partmgr - ok
23:20:20.0659 5672  [ D0D8F07883CE4C96B41469071DA4E58B ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
23:20:20.0663 5672  PcaSvc - ok
23:20:20.0669 5672  [ 171FEE651F837DE6BC0831EB2EE6E667 ] pci             C:\WINDOWS\system32\drivers\pci.sys
23:20:20.0671 5672  pci - ok
23:20:20.0674 5672  [ C447CDA030A3415711E4E940D2E9B399 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
23:20:20.0675 5672  pciide - ok
23:20:20.0678 5672  [ 753174DF234EA8BBF732986D5F78FCE7 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
23:20:20.0679 5672  pcmcia - ok
23:20:20.0682 5672  [ 1D05B6DE437515281CD91A16C16529E6 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
23:20:20.0684 5672  pcw - ok
23:20:20.0687 5672  [ F5F1A092463D6E46E71CC709A65403D1 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
23:20:20.0689 5672  pdc - ok
23:20:20.0697 5672  [ 42B12A76D3C98AE69C97727E3BEC7D8A ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
23:20:20.0703 5672  PEAUTH - ok
23:20:20.0719 5672  [ 05A0A1AC00A8653B49F94381872D47E7 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
23:20:20.0727 5672  PeerDistSvc - ok
23:20:20.0731 5672  [ CD9BA1C279BE0E92E971C2B45A7F3D9B ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
23:20:20.0732 5672  percsas2i - ok
23:20:20.0735 5672  [ 6D5EA79E82A48B181E18C2C39416E8C8 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
23:20:20.0736 5672  percsas3i - ok
23:20:20.0746 5672  [ 185100798FBD23C849DC1C00ED43D99D ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
23:20:20.0751 5672  PerfHost - ok
23:20:20.0764 5672  [ 7ECA879200FAB0A7EAA2E4F17239666D ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
23:20:20.0768 5672  PhoneSvc - ok
23:20:20.0773 5672  [ 807ED476A62E79935315342BD3FAA046 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
23:20:20.0775 5672  PimIndexMaintenanceSvc - ok
23:20:20.0788 5672  [ 4E614DBE28B5857F70DEBCC804629E67 ] pla             C:\WINDOWS\system32\pla.dll
23:20:20.0795 5672  pla - ok
23:20:20.0799 5672  [ DBD6E8A5C358AAA3B4900EFD5CF94CC8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
23:20:20.0801 5672  PlugPlay - ok
23:20:20.0805 5672  [ E8BE4041A69023B6A4D1096EE8436347 ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
23:20:20.0806 5672  pmem - ok
23:20:20.0809 5672  [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99 ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
23:20:20.0810 5672  PNPMEM - ok
23:20:20.0813 5672  [ 75690F495CEDBEF3D5989828AEEAE832 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
23:20:20.0815 5672  PNRPAutoReg - ok
23:20:20.0820 5672  [ CD5ECD6470B6B235B73569A091150299 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
23:20:20.0823 5672  PNRPsvc - ok
23:20:20.0829 5672  [ 9744ADAF8DD679D64A33D828FABA39E1 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
23:20:20.0832 5672  PolicyAgent - ok
23:20:20.0837 5672  [ F39D3876C731BB01BFE8F574188837C8 ] Power           C:\WINDOWS\system32\umpo.dll
23:20:20.0840 5672  Power - ok
23:20:20.0843 5672  [ 1FB09FD846D5030B82EB345E9970A105 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
23:20:20.0844 5672  PptpMiniport - ok
23:20:20.0871 5672  [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:20:20.0884 5672  PrintNotify - ok
23:20:20.0889 5672  [ A60202AE474E2173ED91118DD73ADAAD ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
23:20:20.0891 5672  PrintWorkflowUserSvc - ok
23:20:20.0896 5672  [ E0E55CDA29C80A9520FCFC78D7F8A73D ] Processor       C:\WINDOWS\System32\drivers\processr.sys
23:20:20.0897 5672  Processor - ok
23:20:20.0903 5672  [ F96AA93B40D4670016DAF8C8F0D1BCB5 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
23:20:20.0907 5672  ProfSvc - ok
23:20:20.0911 5672  [ E4BF8BE7B3711BCBBC95EE983C0236F4 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
23:20:20.0912 5672  Psched - ok
23:20:20.0917 5672  [ 114C1662EBF3C52B0FF52EAB1D9787BB ] PushToInstall   C:\WINDOWS\system32\PushToInstall.dll
23:20:20.0919 5672  PushToInstall - ok
23:20:20.0925 5672  [ 8AB5F41584C98047ABEF490FC1E31F7E ] QWAVE           C:\WINDOWS\system32\qwave.dll
23:20:20.0927 5672  QWAVE - ok
23:20:20.0931 5672  [ 00F72861538B6C4E925A21BAE397A49D ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:20:20.0932 5672  QWAVEdrv - ok
23:20:20.0935 5672  [ 0FFABEB2D06CD74DDE0BCA510EEAEEBC ] Ramdisk         C:\WINDOWS\system32\DRIVERS\ramdisk.sys
23:20:20.0936 5672  Ramdisk - ok
23:20:20.0938 5672  [ B834761352403111D0113284D8736025 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:20:20.0939 5672  RasAcd - ok
23:20:20.0943 5672  [ FA99CE309B66586A0AA6EF9CFF7BC467 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
23:20:20.0943 5672  RasAgileVpn - ok
23:20:20.0947 5672  [ C7CCE345D0010B3B9AC5067578436BFE ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:20:20.0949 5672  RasAuto - ok
23:20:20.0953 5672  [ 775ED7E51B58CF9EB415A1DBA540DACF ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
23:20:20.0954 5672  Rasl2tp - ok
23:20:20.0963 5672  [ 6208EAF6A9D17E867401D08BAB2FE47D ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:20:20.0968 5672  RasMan - ok
23:20:20.0972 5672  [ E2433A620ABF4083157944E4692C500D ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:20:20.0973 5672  RasPppoe - ok
23:20:20.0976 5672  [ EE5D1D51FA74ECCE57CF2DB8F6A417D8 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
23:20:20.0977 5672  RasSstp - ok
23:20:20.0983 5672  [ 9CDA1BF8C836AFEBAD96288037157124 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:20:20.0985 5672  rdbss - ok
23:20:20.0989 5672  [ 206AB796793FDBD518B82E2F308A7176 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:20:20.0990 5672  rdpbus - ok
23:20:20.0994 5672  [ 3DE4216324BE32FC3AF7667AE2406EE5 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
23:20:20.0995 5672  RDPDR - ok
23:20:21.0002 5672  [ 0600DF60EF88FD10663EC84709E5E245 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:20:21.0003 5672  RdpVideoMiniport - ok
23:20:21.0008 5672  [ 65652EFAAF4A8A59E60A2D7BE15317E8 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:20:21.0010 5672  rdyboost - ok
23:20:21.0025 5672  [ 71CE42AB00F72493B1D8D159C551C0E7 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
23:20:21.0032 5672  ReFS - ok
23:20:21.0041 5672  [ 4FD5928665993430F517F937F7CD96EF ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
23:20:21.0045 5672  ReFSv1 - ok
23:20:21.0052 5672  [ 980F60634FAF9C58FC468AF9AA609D68 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:20:21.0055 5672  RemoteAccess - ok
23:20:21.0060 5672  [ 106E630F1B2A8BF2BBD4508D9B166406 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:20:21.0062 5672  RemoteRegistry - ok
23:20:21.0070 5672  [ 53BE6D9C36A9CB95A1568C24D44A8A34 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
23:20:21.0074 5672  RetailDemo - ok
23:20:21.0079 5672  [ 3D4F4CCE0364CD3F1B539D2630686F24 ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
23:20:21.0080 5672  rhproxy - ok
23:20:21.0085 5672  [ 7414B6F0E0B9BD9A215F93A385BFEBF1 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
23:20:21.0087 5672  RmSvc - ok
23:20:21.0091 5672  [ 3CD63AE6A9A1DE4CD5831AE15221C861 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:20:21.0093 5672  RpcEptMapper - ok
23:20:21.0096 5672  [ 19EC4D05E01FE350B3494CEA122D64EB ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:20:21.0097 5672  RpcLocator - ok
23:20:21.0108 5672  [ 2383579559B1EB66C4FA2297119CEDD0 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:20:21.0114 5672  RpcSs - ok
23:20:21.0117 5672  [ FFFB16EF6E0B8B5F7F19B425923E7D12 ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
23:20:21.0119 5672  rspndr - ok
23:20:21.0129 5672  [ 67454B99C2CD787C6927BF00B7D49B05 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
23:20:21.0133 5672  rt640x64 - ok
23:20:21.0137 5672  [ E98661C24F2A1A0A0DD087DDB748C16A ] rzendpt         C:\WINDOWS\System32\drivers\rzendpt.sys
23:20:21.0138 5672  rzendpt - ok
23:20:21.0142 5672  [ A55C8B924448EE8ED93796A46363AD23 ] rzudd           C:\WINDOWS\System32\drivers\rzudd.sys
23:20:21.0143 5672  rzudd - ok
23:20:21.0146 5672  [ A2939E69027B97105014434BFBFF7195 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
23:20:21.0147 5672  s3cap - ok
23:20:21.0150 5672  [ 3DF3B76B19DA92A8ADC01FF38560282D ] SamSs           C:\WINDOWS\system32\lsass.exe
23:20:21.0152 5672  SamSs - ok
23:20:21.0156 5672  [ 04C51BBD8C9F54E5F2C5D831B03B11E3 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:20:21.0157 5672  sbp2port - ok
23:20:21.0162 5672  [ 2BB468B175EAC4B566954B79142CC73B ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
23:20:21.0165 5672  SCardSvr - ok
23:20:21.0169 5672  [ 1B1FB3D8403E621F2B9201EF414E21D9 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:20:21.0172 5672  ScDeviceEnum - ok
23:20:21.0175 5672  [ 0070C2DC6563C48EDA63A282748F3FCD ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:20:21.0176 5672  scfilter - ok
23:20:21.0185 5672  [ 0C333E26CFF25C53FCBAB58F4ED74685 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:20:21.0190 5672  Schedule - ok
23:20:21.0194 5672  [ A61C34A8B6BA61E61C612CAD636C369F ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
23:20:21.0195 5672  scmbus - ok
23:20:21.0200 5672  [ 6C6FAAB1BC8D63BF8CB6B5EFCEF4E351 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
23:20:21.0201 5672  SCPolicySvc - ok
23:20:21.0206 5672  [ 495273177E87B0C34D7E431E9254FA23 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
23:20:21.0208 5672  sdbus - ok
23:20:21.0211 5672  [ 9EF09DE84CE20B787C02395394AC2A7E ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
23:20:21.0212 5672  SDFRd - ok
23:20:21.0216 5672  [ 01607A2FAB0068450A06C90AF755D57E ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
23:20:21.0218 5672  SDRSVC - ok
23:20:21.0222 5672  [ F80D6C03FEA2F7DEE14023B7229DA8C2 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:20:21.0223 5672  sdstor - ok
23:20:21.0226 5672  [ 5514DB4DAC7A99CA9F9EF697951BF2F0 ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:20:21.0228 5672  seclogon - ok
23:20:21.0237 5672  [ 0F67F777705C6DC33FFE0FF459762957 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
23:20:21.0241 5672  SecurityHealthService - ok
23:20:21.0246 5672  [ B2EFA82B9FC55620802F59646DD52B5F ] sedsvc          C:\Program Files\rempl\sedsvc.exe
23:20:21.0248 5672  sedsvc - ok
23:20:21.0260 5672  [ 7D7ED932B6417D8687D1D972989B310B ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
23:20:21.0266 5672  SEMgrSvc - ok
23:20:21.0270 5672  [ CA614C9FBC8307AB1DC937F3393899E2 ] SENS            C:\WINDOWS\System32\sens.dll
23:20:21.0273 5672  SENS - ok
23:20:21.0276 5672  Sense - ok
23:20:21.0288 5672  [ 46AEFFC68BEAF89805B95CC6F9529C2E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
23:20:21.0294 5672  SensorDataService - ok
23:20:21.0303 5672  [ 2B81117E9C3E20BBAA2CB5467D000F77 ] SensorService   C:\WINDOWS\system32\SensorService.dll
23:20:21.0308 5672  SensorService - ok
23:20:21.0312 5672  [ D093B7A8E73850F0D5FDA3AB37D7A267 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:20:21.0315 5672  SensrSvc - ok
23:20:21.0318 5672  [ C5CF2941AA9E417B3A224601255C002E ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:20:21.0319 5672  SerCx - ok
23:20:21.0324 5672  [ B9C113BD9FCA4F3E23F03708A7DA07CC ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:20:21.0325 5672  SerCx2 - ok
23:20:21.0328 5672  [ 1845736FA47A1DFBBB642FE21095B4E0 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
23:20:21.0329 5672  Serenum - ok
23:20:21.0332 5672  [ F1BABF50469041797ED9928C31318832 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:20:21.0333 5672  Serial - ok
23:20:21.0336 5672  [ 340116988930B07629A2D0C2B380A365 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:20:21.0337 5672  sermouse - ok
23:20:21.0347 5672  [ 87340BC77470B34F11A9E558B591DB08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
23:20:21.0351 5672  SessionEnv - ok
23:20:21.0354 5672  [ 77FF0A5BA023D8E8C82EACCD54EA5C78 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
23:20:21.0355 5672  sfloppy - ok
23:20:21.0358 5672  [ 1941F5CA54C469E16957587FD56ED842 ] SgrmAgent       C:\WINDOWS\system32\drivers\SgrmAgent.sys
23:20:21.0359 5672  SgrmAgent - ok
23:20:21.0363 5672  [ D3170A3F3A9626597EEE1888686E3EA6 ] SgrmBroker      C:\WINDOWS\system32\SgrmBroker.exe
23:20:21.0366 5672  SgrmBroker - ok
23:20:21.0374 5672  [ AC1D97F89F2EC7E334A406603A686973 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:20:21.0377 5672  SharedAccess - ok
23:20:21.0386 5672  [ 7C5348D398340B5C2A77543FA966C0D3 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
23:20:21.0390 5672  SharedRealitySvc - ok
23:20:21.0398 5672  [ 63B104867F70F0D81125C37989146960 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:20:21.0403 5672  ShellHWDetection - ok
23:20:21.0408 5672  [ F6D90D09D2BCFA2B5E492BFECA40EDE4 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
23:20:21.0411 5672  shpamsvc - ok
23:20:21.0414 5672  [ 1443CF919C2A3207CE7724E0A31686A2 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:20:21.0415 5672  SiSRaid2 - ok
23:20:21.0419 5672  [ C0B1EAD6CC127CAE4E84EBF54105B3B8 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:20:21.0419 5672  SiSRaid4 - ok
23:20:21.0424 5672  [ 7DDE76ABF8C7E92252343340FFC9C0D8 ] smbdirect       C:\WINDOWS\system32\DRIVERS\smbdirect.sys
23:20:21.0425 5672  smbdirect - ok
23:20:21.0429 5672  [ B7C6144293CFAD2DEDCD022C44735DC2 ] smphost         C:\WINDOWS\System32\smphost.dll
23:20:21.0431 5672  smphost - ok
23:20:21.0439 5672  [ A3BEF2736E902B9DCA68554F4E10E08C ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
23:20:21.0443 5672  SmsRouter - ok
23:20:21.0450 5672  [ 577EC13EB5215325E9B9FC51FB56A974 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:20:21.0452 5672  SNMPTRAP - ok
23:20:21.0458 5672  [ 2A4B36D0154FB019C54DFD6184CEC5FE ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
23:20:21.0462 5672  spaceport - ok
23:20:21.0466 5672  [ FE1776E587227120DC04EAEC45473245 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
23:20:21.0467 5672  SpatialGraphFilter - ok
23:20:21.0471 5672  [ D05EB2BB52EC6B665D1631EC33241B80 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
23:20:21.0472 5672  SpbCx - ok
23:20:21.0481 5672  [ 52A4B8C04C345434C974B9A949521BAE ] spectrum        C:\WINDOWS\system32\spectrum.exe
23:20:21.0486 5672  spectrum - ok
23:20:21.0496 5672  [ C05A19A38D7D203B738771FD1854656F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
23:20:21.0502 5672  Spooler - ok
23:20:21.0531 5672  [ FBE0E6FBAB4C18B4D3D8FEC86CD03D37 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
23:20:21.0549 5672  sppsvc - ok
23:20:21.0558 5672  [ A7739D2DFAB2352C82CB00A98DECE5E4 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
23:20:21.0561 5672  srv2 - ok
23:20:21.0566 5672  [ 02BB0B43BF6A640FCAFCCEDBDD275EE8 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:20:21.0567 5672  srvnet - ok
23:20:21.0573 5672  [ 1AEA66706573E8CCD6038369FE37F237 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:20:21.0576 5672  SSDPSRV - ok
23:20:21.0583 5672  [ 5EE518DFADC18573E681BB78833E93FA ] ssh-agent       C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
23:20:21.0585 5672  ssh-agent - ok
23:20:21.0590 5672  [ C7DF51E24DD853E7E2D3C0BCDCE57D6C ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
23:20:21.0593 5672  SstpSvc - ok
23:20:21.0625 5672  [ B9E4174DFBDCA9979A92D17C2E67890E ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
23:20:21.0644 5672  StateRepository - ok
23:20:21.0659 5672  [ DFD37B0AF31043629F6D8AB38AF0831E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:20:21.0665 5672  Steam Client Service - ok
23:20:21.0669 5672  [ DA82903F26AE12034CC5229F61098948 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:20:21.0670 5672  stexstor - ok
23:20:21.0673 5672  [ 306FF12041780273C371794F4CBCB055 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
23:20:21.0674 5672  StillCam - ok
23:20:21.0682 5672  [ EB2C25A3700309F3F67D9334CF33A36C ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:20:21.0686 5672  stisvc - ok
23:20:21.0691 5672  [ F2D1983C7BEF5E3AB8978A7796C59A75 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
23:20:21.0692 5672  storahci - ok
23:20:21.0695 5672  [ 76C9E2AA3400C22FC7091AD2F2999F95 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
23:20:21.0696 5672  storflt - ok
23:20:21.0700 5672  [ 701078F20919BD635EA25F691880F651 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
23:20:21.0701 5672  stornvme - ok
23:20:21.0705 5672  [ 16CEC85543981EE1D01978C210462993 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
23:20:21.0707 5672  storqosflt - ok
23:20:21.0715 5672  [ 40293BDDCDE6B23269067B3B5F406CFA ] StorSvc         C:\WINDOWS\system32\storsvc.dll
23:20:21.0721 5672  StorSvc - ok
23:20:21.0724 5672  [ 25D7B79F80F3C2CD97D797C14D470165 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
23:20:21.0725 5672  storufs - ok
23:20:21.0728 5672  [ 1FC7B7BE58A29DF27F5E6F6C2F061FA3 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
23:20:21.0729 5672  storvsc - ok
23:20:21.0732 5672  [ 0B154B033AD7F9215DED11E0CFC80A25 ] svsvc           C:\WINDOWS\system32\svsvc.dll
23:20:21.0735 5672  svsvc - ok
23:20:21.0742 5672  [ 54255DF324C621A97220EBFA832237D2 ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys
23:20:21.0743 5672  swenum - ok
23:20:21.0749 5672  [ B3C113C9B784A4D296C7A7BA515F74BF ] swprv           C:\WINDOWS\System32\swprv.dll
23:20:21.0753 5672  swprv - ok
23:20:21.0756 5672  [ A2A42A570524C975259E3B81C4D80DCA ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
23:20:21.0757 5672  Synth3dVsc - ok
23:20:21.0768 5672  [ A8D839012996A00F3071116C529FF5D5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
23:20:21.0774 5672  SysMain - ok
23:20:21.0779 5672  [ 93851A044CE51AB4D6A92ED783B3DDE7 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:20:21.0783 5672  SystemEventsBroker - ok
23:20:21.0788 5672  [ CE9975A9E0DFBEFECECE218D2674C1CD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:20:21.0791 5672  TabletInputService - ok
23:20:21.0796 5672  [ E38C7C4D57B1438F70A1B913870E8665 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:20:21.0799 5672  TapiSrv - ok
23:20:21.0819 5672  [ 8439FEFCF998F4354F70B757ED184447 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
23:20:21.0835 5672  Tcpip - ok
23:20:21.0854 5672  [ 8439FEFCF998F4354F70B757ED184447 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
23:20:21.0863 5672  Tcpip6 - ok
23:20:21.0870 5672  [ 085F8A5F09E64CC27309AF160EF4F9BA ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:20:21.0871 5672  tcpipreg - ok
23:20:21.0876 5672  [ 16071C42E21CE3378FA449322FB9AB1D ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
23:20:21.0877 5672  tdx - ok
23:20:21.0881 5672  [ B2C4D7CB291293CAC636748E695D111E ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:20:21.0881 5672  terminpt - ok
23:20:21.0892 5672  [ 10ADC3589E50B1ED8452C86E0CBE8248 ] TermService     C:\WINDOWS\System32\termsrv.dll
23:20:21.0898 5672  TermService - ok
23:20:21.0902 5672  [ 1A0A0F6A139148AFDC4622046D4B3CBD ] Themes          C:\WINDOWS\system32\themeservice.dll
23:20:21.0904 5672  Themes - ok
23:20:21.0910 5672  [ 811910E891A6DB4A864AE119EB71218C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
23:20:21.0913 5672  TieringEngineService - ok
23:20:21.0917 5672  [ 8BF5E2FD72E939CF68D617E273034793 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
23:20:21.0920 5672  TimeBrokerSvc - ok
23:20:21.0931 5672  [ 6F79E6887403138878D8C9CE855170F9 ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
23:20:21.0938 5672  TokenBroker - ok
23:20:21.0943 5672  [ 330F5AA122A302F0244D918B9C92C9D1 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
23:20:21.0945 5672  TPM - ok
23:20:21.0949 5672  [ A5C0F857C38278A90E953A24E1701196 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:20:21.0952 5672  TrkWks - ok
23:20:21.0956 5672  [ 4578046C54A954C917BB393B70BA0AEB ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:20:21.0957 5672  TrustedInstaller - ok
23:20:21.0962 5672  [ 0D721F40C179EC5737C15E551F22C69B ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
23:20:21.0964 5672  TsUsbFlt - ok
23:20:21.0967 5672  [ DE1296871208D1F13B7AC57C4B1FA46C ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:20:21.0968 5672  TsUsbGD - ok
23:20:21.0972 5672  [ 3A84A09CBC42148A0C7D00B3E82517F1 ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
23:20:21.0973 5672  tsusbhub - ok
23:20:21.0977 5672  [ BC938ABBF586272BD4063CA51F09149F ] tunnel          C:\WINDOWS\system32\drivers\tunnel.sys
23:20:21.0978 5672  tunnel - ok
23:20:21.0982 5672  [ 7F7686C491FD783D42BF70DF8FCC4461 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
23:20:21.0985 5672  tzautoupdate - ok
23:20:21.0988 5672  [ BDFACE024EFF2398214797143AD76C87 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:20:21.0989 5672  UASPStor - ok
23:20:21.0993 5672  [ 00C4396DE1CD3502884BB2E2B6D6861C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
23:20:21.0994 5672  UcmCx0101 - ok
23:20:21.0998 5672  [ ED9CBD1541C8AFDAA9B8255A384E2B53 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
23:20:21.0999 5672  UcmTcpciCx0101 - ok
23:20:22.0003 5672  [ F58F1BC6A6972437CE18516F8ACCEB9F ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
23:20:22.0004 5672  UcmUcsi - ok
23:20:22.0009 5672  [ 017FB9532F54B28EFC1E37A91DB9ECC5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
23:20:22.0010 5672  Ucx01000 - ok
23:20:22.0013 5672  [ 12E2B6B642360E66396502B62B048694 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
23:20:22.0014 5672  UdeCx - ok
23:20:22.0020 5672  [ 1E5947946B186A411261DB872D287B49 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:20:22.0021 5672  udfs - ok
23:20:22.0025 5672  [ D30AF38971B6670C222250AC2CBB6227 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:20:22.0026 5672  UEFI - ok
23:20:22.0029 5672  [ AD58EA78772B8163CFDE9BF671B6F8F1 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
23:20:22.0030 5672  UevAgentDriver - ok
23:20:22.0041 5672  [ F7E36C20DB953DFF4FDDB817904C0E48 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
23:20:22.0045 5672  UevAgentService - ok
23:20:22.0051 5672  [ 588B9212DEE84F5192C09A147AA5C316 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
23:20:22.0053 5672  Ufx01000 - ok
23:20:22.0056 5672  [ 78B5C069C9AA1463ACC833FD7E2A3BD5 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
23:20:22.0058 5672  UfxChipidea - ok
23:20:22.0062 5672  [ 533BF4F456A1C6E7581E8C0A4EC59300 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
23:20:22.0063 5672  ufxsynopsys - ok
23:20:22.0071 5672  [ 360FEE6F687D98EFFE46A5433FE6182E ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
23:20:22.0071 5672  umbus - ok
23:20:22.0074 5672  [ F6F1A9D91F684AA02951B96EE8127DAE ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:20:22.0075 5672  UmPass - ok
23:20:22.0081 5672  [ 0D806415E1F86E7C1C192261C247EF0D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:20:22.0084 5672  UmRdpService - ok
23:20:22.0097 5672  [ EAEC69961D9D8B39FEA44D56F7FB259D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
23:20:22.0104 5672  UnistoreSvc - ok
23:20:22.0110 5672  [ 2362D5C18120FAB9CE5BD1F73EE33758 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:20:22.0114 5672  upnphost - ok
23:20:22.0118 5672  [ 49A5E1B43C59DC0E363AD9C2D7D10BE4 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
23:20:22.0119 5672  UrsChipidea - ok
23:20:22.0124 5672  [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
23:20:22.0125 5672  UrsCx01000 - ok
23:20:22.0131 5672  [ 09518A324B95BBC0B472BD5A472CB916 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
23:20:22.0132 5672  UrsSynopsys - ok
23:20:22.0138 5672  [ C7AD46F101A681B0F4D7F15534A5FF04 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
23:20:22.0139 5672  usbaudio - ok
23:20:22.0144 5672  [ B7211393225AB05324C52BA47B31FEB4 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
23:20:22.0145 5672  usbccgp - ok
23:20:22.0149 5672  [ 250D21958EE5F45CD13FE6BE3788EE70 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:20:22.0150 5672  usbcir - ok
23:20:22.0154 5672  [ 4269DE1EB8029D55B3BB3A8A330FCF90 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
23:20:22.0155 5672  usbehci - ok
23:20:22.0162 5672  [ D67AABAE0C9EBAC9BBA2E20E0AF52EF1 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:20:22.0164 5672  usbhub - ok
23:20:22.0172 5672  [ 95A5A70091854B99C09A4231E5050C65 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
23:20:22.0175 5672  USBHUB3 - ok
23:20:22.0179 5672  [ A547E7B1B3FB2228259AA85AC7E82698 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
23:20:22.0180 5672  usbohci - ok
23:20:22.0183 5672  [ 692C0BA4109C8F78392A299369F51129 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:20:22.0184 5672  usbprint - ok
23:20:22.0187 5672  [ 45A9E57185B79420EFEA5A4AED655809 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
23:20:22.0188 5672  usbser - ok
23:20:22.0192 5672  [ CEF7527514EC49EBE0C760D784643EF0 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:20:22.0193 5672  USBSTOR - ok
23:20:22.0197 5672  [ A4124036C4FD2B94C6157C4588EEB4E3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
23:20:22.0197 5672  usbuhci - ok
23:20:22.0204 5672  [ 9F4CCFCD4B4C6008C940510E43D54AEC ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:20:22.0206 5672  USBXHCI - ok
23:20:22.0219 5672  [ CE0E3BA8FC974BEE5BE20E4F43A1C583 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
23:20:22.0226 5672  UserDataSvc - ok
23:20:22.0237 5672  [ B8D1D74FEF1F190BA4DA7E7A72D5D9CE ] UserManager     C:\WINDOWS\System32\usermgr.dll
23:20:22.0242 5672  UserManager - ok
23:20:22.0256 5672  [ C07A5BC1CD6C8C2ED474B9DCED6E785C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
23:20:22.0263 5672  UsoSvc - ok
23:20:22.0269 5672  [ 3E283D06357616CD4117CC15BDB7C4C3 ] VacSvc          C:\WINDOWS\System32\vac.dll
23:20:22.0273 5672  VacSvc - ok
23:20:22.0276 5672  [ 3DF3B76B19DA92A8ADC01FF38560282D ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:20:22.0278 5672  VaultSvc - ok
23:20:22.0281 5672  [ 8DCB7E5A9497C030484E5AD9E541B85C ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
23:20:22.0282 5672  vdrvroot - ok
23:20:22.0290 5672  [ 4940B49502323905B66039D0D1AB4613 ] vds             C:\WINDOWS\System32\vds.exe
23:20:22.0295 5672  vds - ok
23:20:22.0300 5672  [ 5C25C1A89650C95D15F7988D71487B08 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
23:20:22.0302 5672  VerifierExt - ok
23:20:22.0311 5672  [ 621BC9225307C834A0DCE2842052A6B8 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
23:20:22.0314 5672  vhdmp - ok
23:20:22.0317 5672  [ EDCD732D7845A2B21B91C7D0CE96DA10 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
23:20:22.0318 5672  vhf - ok
23:20:22.0322 5672  [ AD63BC4A11A4FD436ED23208BB8D1A9C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
23:20:22.0323 5672  vmbus - ok
23:20:22.0327 5672  [ E2D57FB1A62F0BB7F70570806A09CE2B ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
23:20:22.0328 5672  VMBusHID - ok
23:20:22.0331 5672  [ 7D778F1E82EBA9F5A4DD392CFD3C4224 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
23:20:22.0332 5672  vmgid - ok
23:20:22.0337 5672  [ E4F5E83951810583FE8C2423772171DF ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
23:20:22.0339 5672  vmicguestinterface - ok
23:20:22.0344 5672  [ E4F5E83951810583FE8C2423772171DF ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
23:20:22.0346 5672  vmicheartbeat - ok
23:20:22.0350 5672  [ E4F5E83951810583FE8C2423772171DF ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
23:20:22.0352 5672  vmickvpexchange - ok
23:20:22.0358 5672  [ DB7FB1DA7E1564EACBADD436191309C5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
23:20:22.0360 5672  vmicrdv - ok
23:20:22.0366 5672  [ E4F5E83951810583FE8C2423772171DF ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
23:20:22.0367 5672  vmicshutdown - ok
23:20:22.0372 5672  [ E4F5E83951810583FE8C2423772171DF ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
23:20:22.0374 5672  vmictimesync - ok
23:20:22.0378 5672  [ E4F5E83951810583FE8C2423772171DF ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
23:20:22.0380 5672  vmicvmsession - ok
23:20:22.0386 5672  [ DB7FB1DA7E1564EACBADD436191309C5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
23:20:22.0388 5672  vmicvss - ok
23:20:22.0392 5672  [ 708410755721F94FC8939673893C2E2B ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
23:20:22.0393 5672  volmgr - ok
23:20:22.0399 5672  [ 1514506CA7462A64DC38C48108DDBB45 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
23:20:22.0401 5672  volmgrx - ok
23:20:22.0407 5672  [ F0EE4E6028CCA58BEA9A04E7BEAB7DB4 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
23:20:22.0410 5672  volsnap - ok
23:20:22.0414 5672  [ 77FD1607F2C371ABD241EC7699C58884 ] volume          C:\WINDOWS\system32\drivers\volume.sys
23:20:22.0414 5672  volume - ok
23:20:22.0418 5672  [ A8E3A6BA6A1B4D1DFEC5E8D5CFF786DF ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
23:20:22.0419 5672  vpci - ok
23:20:22.0423 5672  [ ED0B3436E1DE601C6C8EB86789AC8BAB ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
23:20:22.0424 5672  vsmraid - ok
23:20:22.0438 5672  [ C7053D974A35EAB81F153FF33C883613 ] VSS             C:\WINDOWS\system32\vssvc.exe
23:20:22.0445 5672  VSS - ok
23:20:22.0451 5672  [ 3D706FBED35DF3B17809C6714F31F9B0 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
23:20:22.0453 5672  VSTXRAID - ok
23:20:22.0456 5672  [ 0B11DBB8173AD374D67893D54EBEE9F3 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
23:20:22.0457 5672  vwifibus - ok
23:20:22.0461 5672  [ 95540F74893235C189409C98643D7A77 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
23:20:22.0462 5672  vwififlt - ok
23:20:22.0470 5672  [ 4F904ADE8BECDFB48CBA3F44FC0676A1 ] W32Time         C:\WINDOWS\system32\w32time.dll
23:20:22.0474 5672  W32Time - ok
23:20:22.0482 5672  [ 5655B10A9217F1C48A3654A326CA4936 ] WaaSMedicSvc    C:\WINDOWS\System32\WaaSMedicSvc.dll
23:20:22.0484 5672  WaaSMedicSvc - ok
23:20:22.0488 5672  [ 87A01F65BD16C9FCCDD1B65F56CB93B0 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
23:20:22.0489 5672  WacomPen - ok
23:20:22.0495 5672  [ 25FAB8A2CFFA21FDB472AB3AE6C17A57 ] WalletService   C:\WINDOWS\system32\WalletService.dll
23:20:22.0499 5672  WalletService - ok
23:20:22.0503 5672  [ 78284C8CA31F9DC0B572F34CCA29A360 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:20:22.0505 5672  wanarp - ok
23:20:22.0508 5672  [ 78284C8CA31F9DC0B572F34CCA29A360 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:20:22.0509 5672  wanarpv6 - ok
23:20:22.0512 5672  [ 395447583F42FD840520EE87AE439D74 ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
23:20:22.0514 5672  WarpJITSvc - ok
23:20:22.0528 5672  [ 7FDA8043417BF4C30E12BD2704565DA6 ] wbengine        C:\WINDOWS\system32\wbengine.exe
23:20:22.0536 5672  wbengine - ok
23:20:22.0547 5672  [ 960FA25C6CAA9082A4DE0A2C81628287 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
23:20:22.0552 5672  WbioSrvc - ok
23:20:22.0557 5672  [ 8A304D6CDC067922448CBA1EBB9FFCA8 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
23:20:22.0558 5672  wcifs - ok
23:20:22.0569 5672  [ E5822CB7C69F41B1B321F2583A85A268 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
23:20:22.0574 5672  Wcmsvc - ok
23:20:22.0582 5672  [ B797B163EDCA46B5244F4E083BE7A7E7 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
23:20:22.0586 5672  wcncsvc - ok
23:20:22.0590 5672  [ 8E899F2D39BBE4BD49A1E36C3E8A1E5F ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
23:20:22.0590 5672  wcnfs - ok
23:20:22.0594 5672  [ 9BD1C97BAED4B916C95D4E107B3D9812 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
23:20:22.0595 5672  WdBoot - ok
23:20:22.0605 5672  [ 152926023B401D1F5F8852929572F5C3 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
23:20:22.0611 5672  Wdf01000 - ok
23:20:22.0617 5672  [ D25D9930BFD78A09B8FD4A7504C6F57A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
23:20:22.0619 5672  WdFilter - ok
23:20:22.0623 5672  [ 067D1A81B4708CA97523709FDF57B728 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
23:20:22.0626 5672  WdiServiceHost - ok
23:20:22.0629 5672  [ 067D1A81B4708CA97523709FDF57B728 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
23:20:22.0631 5672  WdiSystemHost - ok
23:20:22.0640 5672  [ 7CF63F36E6271E9647CE3C44F95DD613 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
23:20:22.0644 5672  wdiwifi - ok
23:20:22.0648 5672  [ EAF4FB729E94561EE31BDE5BEF869C65 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
23:20:22.0648 5672  WdmCompanionFilter - ok
23:20:22.0653 5672  [ 54E97FEADEEFF973797EB878DC0D2850 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
23:20:22.0654 5672  WdNisDrv - ok
23:20:22.0657 5672  WdNisSvc - ok
23:20:22.0663 5672  [ BDCC510E85F7AF152E2DFF030A526EA2 ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:20:22.0666 5672  WebClient - ok
23:20:22.0671 5672  [ 506F0A1CCABF4428733CF854BCBB6832 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
23:20:22.0674 5672  Wecsvc - ok
23:20:22.0678 5672  [ D8D727E8311C86B2A993A9006A453BAC ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
23:20:22.0680 5672  WEPHOSTSVC - ok
23:20:22.0684 5672  [ 30B4568D058E17500E7BF88AECEDF3F1 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
23:20:22.0687 5672  wercplsupport - ok
23:20:22.0691 5672  [ 5DDB06B07A60E7AEA69837931373C159 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
23:20:22.0694 5672  WerSvc - ok
23:20:22.0703 5672  [ 690537B9569F770ED81CE9C19FD7358A ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
23:20:22.0707 5672  WFDSConMgrSvc - ok
23:20:22.0712 5672  [ EB0B154F12F78DE232F38EF61BCDEEA2 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
23:20:22.0714 5672  WFPLWFS - ok
23:20:22.0718 5672  [ 752F5931696914DF2EC0B27275C38458 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
23:20:22.0721 5672  WiaRpc - ok
23:20:22.0724 5672  [ 3AE28A996C9EB8A6F2AC12BC55035126 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
23:20:22.0725 5672  WIMMount - ok
23:20:22.0727 5672  WinDefend - ok
23:20:22.0736 5672  [ 2BB82BABE32D41F430D290239ABC0E87 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
23:20:22.0737 5672  WindowsTrustedRT - ok
23:20:22.0741 5672  [ 5F0EDDA201630E132C2251BC9DA85023 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
23:20:22.0742 5672  WindowsTrustedRTProxy - ok
23:20:22.0753 5672  [ 06184931C0094EEB1D7A68C0C66ED01B ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
23:20:22.0759 5672  WinHttpAutoProxySvc - ok
23:20:22.0764 5672  [ 762D8D839C44C5A0BE0449AA84034522 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
23:20:22.0766 5672  WinMad - ok
23:20:22.0773 5672  [ 72D83880FEF0C788C5F305F330744208 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:20:22.0774 5672  Winmgmt - ok
23:20:22.0779 5672  [ C5AE3E1B653FD1F8072BE67D2BA28160 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
23:20:22.0781 5672  WinNat - ok
23:20:22.0800 5672  [ C57185CC62AA13E4F5A989D904CC9A16 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
23:20:22.0811 5672  WinRM - ok
23:20:22.0819 5672  [ 6FA3D810FE082001B16ADE19829F1E8E ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
23:20:22.0821 5672  WINUSB - ok
23:20:22.0824 5672  [ D2D6DB37E06608A5AF5B68D8E677B219 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
23:20:22.0825 5672  WinVerbs - ok
23:20:22.0835 5672  [ 08BEB7851B4B8AA07325C23A657233F1 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
23:20:22.0838 5672  wisvc - ok
23:20:22.0858 5672  [ 0C700D63A0321073C30D2BED9FDB0F27 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
23:20:22.0869 5672  WlanSvc - ok
23:20:22.0890 5672  [ FA620D7AAAD49F636BC3DE2269830A72 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
23:20:22.0900 5672  wlidsvc - ok
23:20:22.0913 5672  [ 1E2CBF80A663B6A662F68460DD4A5AC1 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
23:20:22.0919 5672  wlpasvc - ok
23:20:22.0923 5672  [ EAEF2A087812BB7110C744446AB731D5 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
23:20:22.0924 5672  WmiAcpi - ok
23:20:22.0931 5672  [ ABAC310F5E01CBA9B33AE694F99D0977 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
23:20:22.0932 5672  wmiApSrv - ok
23:20:22.0935 5672  WMPNetworkSvc - ok
23:20:22.0941 5672  [ E122AD60BF4D7E4B28CCBABF33B28C1F ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
23:20:22.0942 5672  Wof - ok
23:20:22.0962 5672  [ 0D3303BDBC591ECF113601D7853A1AA7 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
23:20:22.0972 5672  workfolderssvc - ok
23:20:22.0987 5672  [ 58DA02D34C964C00AF9140C07CCFF8F0 ] WpcMonSvc       C:\WINDOWS\System32\WpcDesktopMonSvc.dll
23:20:22.0994 5672  WpcMonSvc - ok
23:20:22.0999 5672  [ 7412ECE8BD5590881FA9780B68BD70C5 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
23:20:23.0002 5672  WPDBusEnum - ok
23:20:23.0005 5672  [ 15C1131EA0216F799C86B03EDAE0BE45 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:20:23.0006 5672  WpdUpFltr - ok
23:20:23.0012 5672  [ 096969606BB5C4822AB020081EA07FC5 ] WpnService      C:\WINDOWS\system32\WpnService.dll
23:20:23.0016 5672  WpnService - ok
23:20:23.0020 5672  [ 8B694BC50D2D2B98311283CFE5B40EE6 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
23:20:23.0023 5672  WpnUserService - ok
23:20:23.0026 5672  [ C1C2E769FCD3B00A59FF876FB2AD4336 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:20:23.0027 5672  ws2ifsl - ok
23:20:23.0032 5672  [ DCB549367EB94CD8AFAA28E3F77F6493 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
23:20:23.0036 5672  wscsvc - ok
23:20:23.0039 5672  [ A3317B8C6765C18F3BD9FE9DD352B05D ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
23:20:23.0040 5672  WSDPrintDevice - ok
23:20:23.0044 5672  [ 3C15A5AC47B1CA4D9A9F8680E224996F ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
23:20:23.0045 5672  WSDScan - ok
23:20:23.0049 5672  WSearch - ok
23:20:23.0073 5672  [ F097CE3EAEF42CCBC9A4FEA9B17BD4A6 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
23:20:23.0084 5672  wuauserv - ok
23:20:23.0089 5672  [ 813DC18CC654CFB1875074139B0FEFD3 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
23:20:23.0090 5672  WudfPf - ok
23:20:23.0095 5672  [ FB64BAD6DEDB27EA39B03685AC0A8EB4 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
23:20:23.0098 5672  WUDFRd - ok
23:20:23.0102 5672  [ FB64BAD6DEDB27EA39B03685AC0A8EB4 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:20:23.0104 5672  WUDFWpdFs - ok
23:20:23.0108 5672  [ FB64BAD6DEDB27EA39B03685AC0A8EB4 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:20:23.0109 5672  WUDFWpdMtp - ok
23:20:23.0123 5672  [ 5F2074E76546A85B0D6D79CA7024AA3E ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
23:20:23.0130 5672  WwanSvc - ok
23:20:23.0135 5672  [ 51D3A1E2285E2E931A553281BBA10E81 ] xbgm            C:\WINDOWS\system32\xbgmsvc.exe
23:20:23.0138 5672  xbgm - ok
23:20:23.0149 5672  [ DB952AD196A9548CF5235A71E5197F3F ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
23:20:23.0156 5672  XblAuthManager - ok
23:20:23.0170 5672  [ 8C0DD7BFFF5A81AEC26AD720057F5451 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
23:20:23.0177 5672  XblGameSave - ok
23:20:23.0182 5672  [ 93352403D9E6B71C275996690672488F ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
23:20:23.0184 5672  xboxgip - ok
23:20:23.0188 5672  [ C7FEC5C0377E5598BA919B29731CA45F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
23:20:23.0191 5672  XboxGipSvc - ok
23:20:23.0203 5672  [ 3A94BD93CD2D9C34725D924230B502A5 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
23:20:23.0208 5672  XboxNetApiSvc - ok
23:20:23.0213 5672  [ CE1F78B5C1F14F74242008B2B3153FA2 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
23:20:23.0213 5672  xinputhid - ok
23:20:23.0219 5672  ZAM - ok
23:20:23.0224 5672  [ 21E13F2CB269DEFEAE5E1D09887D47BB ] ZAM_Guard       C:\WINDOWS\System32\drivers\zamguard64.sys
23:20:23.0225 5672  ZAM_Guard - ok
23:20:23.0226 5672  ================ Scan global ===============================
23:20:23.0229 5672  [ 44D259E3B8F950D123CBE21893CEF1AB ] C:\WINDOWS\system32\basesrv.dll
23:20:23.0233 5672  [ 1C346B5D7E5336246604A9FCFCB092BC ] C:\WINDOWS\system32\winsrv.dll
23:20:23.0237 5672  [ FE8D1AB6D6711BE791A01C17EDEBD0D6 ] C:\WINDOWS\system32\sxssrv.dll
23:20:23.0245 5672  [ 2FC61B2CF84792516D543CA94139A92C ] C:\WINDOWS\system32\services.exe
23:20:23.0252 5672  [Global] - ok
23:20:23.0252 5672  ================ Scan MBR ==================================
23:20:23.0254 5672  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:20:23.0258 5672  \Device\Harddisk0\DR0 - ok
23:20:23.0259 5672  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:20:23.0262 5672  \Device\Harddisk1\DR1 - ok
23:20:23.0264 5672  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
23:20:23.0343 5672  \Device\Harddisk2\DR2 - ok
23:20:23.0343 5672  ================ Scan VBR ==================================
23:20:23.0345 5672  [ B8CC78C05A65D2C4FF13F7ABF0F8D7A0 ] \Device\Harddisk0\DR0\Partition1
23:20:23.0346 5672  \Device\Harddisk0\DR0\Partition1 - ok
23:20:23.0348 5672  [ E937ADB73F7A6538EC0A35AA5B34AA6B ] \Device\Harddisk0\DR0\Partition2
23:20:23.0348 5672  \Device\Harddisk0\DR0\Partition2 - ok
23:20:23.0351 5672  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
23:20:23.0351 5672  \Device\Harddisk0\DR0\Partition3 - ok
23:20:23.0354 5672  [ B5C5A3C054E76F345D3354D3274B4BE1 ] \Device\Harddisk0\DR0\Partition4
23:20:23.0355 5672  \Device\Harddisk0\DR0\Partition4 - ok
23:20:23.0356 5672  [ 4192316267F6DFA78DCA9F9C0BE2ECDD ] \Device\Harddisk1\DR1\Partition1
23:20:23.0357 5672  \Device\Harddisk1\DR1\Partition1 - ok
23:20:23.0359 5672  [ AAB3BDF70FD908FBF5F3064CB74593A4 ] \Device\Harddisk2\DR2\Partition1
23:20:23.0361 5672  \Device\Harddisk2\DR2\Partition1 - ok
23:20:23.0363 5672  [ C5F8EFD23AEA0EABA8B2DCC2E7764C6F ] \Device\Harddisk2\DR2\Partition2
23:20:23.0364 5672  \Device\Harddisk2\DR2\Partition2 - ok
23:20:23.0364 5672  ============================================================
23:20:23.0364 5672  Scan finished
23:20:23.0364 5672  ============================================================
23:20:23.0372 9152  Detected object count: 0
23:20:23.0372 9152  Actual detected object count: 0

Share this post


Link to post
Share on other sites

Hi,

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png or the 3 vertical dots located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset and clean up" > "Restore settings to their original defaults"
 
Restart Chrome.
<<<>>>

Any remaning islsues?

Share this post


Link to post
Share on other sites

Hi Nasdaq,

Thanks for this. It does seem to have helped. I have run multiple performance monitor diagnostic tests. Some came back free of errors but a few were still indicating taskhostw.exe was using a high cpu consumption so I believe there is still something wrong.

Share this post


Link to post
Share on other sites

Hi,

Scan for rootkits.....

Open Malwarebytes Anti-Malware.

On the Settings tab > Protection Scroll to and make sure the following are selected: Scroll to and make sure the following are selected:
Scan for Rootkits
Scan within Archives

Scroll further to Potential Threat Protection make sure the following are set as follows:

Potentially Unwanted Programs (PUP`s)        set as :- Always detect PUP`s (recommended)
Potentially Unwanted Modifications (PUM`s)  set as :- Always detect PUM`s (recommended)

Click on the Scan make sure Threat Scan is selected,

A Threat Scan will begin.

When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab

If asked to restart your computer to complete the removal, please do so

When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.

Wait for the prompt to restart the computer to appear, then click on Yes.

After the restart once you are back at your desktop, open MBAM once more to retrieve the log.

To get the log from Malwarebytes do the following:

Click on the Reports tab > from main interface.
Double click on the Scan log which shows the Date and time of the scan just performed.
Click Export > From export you have two options: > From export you have two options:
  Copy to Clipboard - if selected right click to your reply and select "Paste" log will be pasted to your reply
  Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
 
Use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply.
 

Share this post


Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/12/19
Scan Time: 1:51 AM
Log File: 58031740-4469-11e9-8fb7-309c23695d23.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9646
License: Premium

-System Information-
OS: Windows 10 (Build 17134.590)
CPU: x64
File System: NTFS
User: DESKTOP-Q9EI05U\Ben Robertson

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 284673
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 39 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Share this post


Link to post
Share on other sites

Hi,

Run the Farbar program.

Let it update.

Scan the compute and post fresh FRST.TXT and Addition.txt logs for my review.

Make sure the box to create an Addition.txt is checked.

Share this post


Link to post
Share on other sites


Hi,

Check for a Rootkit.

Open Malwarebytes Anti-Malware.

On the Settings tab > Protection Scroll to and make sure the following are selected: Scroll to and make sure the following are selected:
Scan for Rootkits
Scan within Archives

Scroll further to Potential Threat Protection make sure the following are set as follows:

Potentially Unwanted Programs (PUP`s)        set as :- Always detect PUP`s (recommended)
Potentially Unwanted Modifications (PUM`s)  set as :- Always detect PUM`s (recommended)

Click on the Scan make sure Threat Scan is selected,

A Threat Scan will begin.

When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab

If asked to restart your computer to complete the removal, please do so

When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.

Wait for the prompt to restart the computer to appear, then click on Yes.

After the restart once you are back at your desktop, open MBAM once more to retrieve the log.

To get the log from Malwarebytes do the following:

Click on the Reports tab > from main interface.
Double click on the Scan log which shows the Date and time of the scan just performed.
Click Export > From export you have two options: > From export you have two options:
  Copy to Clipboard - if selected right click to your reply and select "Paste" log will be pasted to your reply
  Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
 
Use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply.
===

If the problem is not solved.

Lets see what we can find in the Registry.

Run the Farbar program .exe as an Administrator.

In the Search text area, copy and paste the following:
taskhostw.exe
Once done, click on the Search Registry button and wait for FRST to finish the search
On completion, a log will open in Notepad. Copy and paste its content in your next reply
====

Share this post


Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/21/19
Scan Time: 10:43 PM
Log File: d008eb20-4c2a-11e9-b3e5-309c23695d23.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9792
License: Premium

-System Information-
OS: Windows 10 (Build 17134.648)
CPU: x64
File System: NTFS
User: DESKTOP-Q9EI05U\Ben Robertson

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 283886
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 24 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Ben Robertson (21-03-2019 22:53:56)
Running from C:\Users\Ben Robertson\Desktop
Boot Mode: Normal

================== Search Registry: "taskhostw.exe" ===========


====== End of Search ======

Share this post


Link to post
Share on other sites

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

This does not look like an infection.

Check this article. Follow some of the recommendations.

https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install/taskhostwexe-on-windows-10/db876c06-0329-465a-bab0-35997a575d17

Let me know if the problem is solved?

Share this post


Link to post
Share on other sites

Hi Nasdaq,

I have done some investigating and this taskhostw.exe only seems to run when i am running the performance monitor diagnostics report.

So I'm not sure if its actually a threat or just a windows execution file that runs when I run the report.

Any ideas? I have tried the above suggestion

Share this post


Link to post
Share on other sites

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.