Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

kontrola logu na Keylogger / log je v 2 postoch

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

kontrola logu na Keylogger / log je v 2 postoch

#1 Příspěvek od 5manager5 »

Zdravím,

prosím o kontrolu logu na keylogger a podobné veci.

AdwareCleaner nenašiel nič a FRST log som robil až po ňom.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by saullerist (administrator) on DESKTOP-3SMP07F (TOSHIBA Satellite L650) (08-01-2021 21:40:34)
Running from C:\Users\saullerist\Desktop
Loaded Profiles: saullerist
Platform: Windows 10 Home Version 2004 20279.1 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <55>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.20279.1_none_90c877b89342316e\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> )
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0348387B-4643-42E1-8829-2FEEBA6FAFAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {06A812AE-5323-4342-B1EA-3DCF41D27001} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1796023744-1759536030-3900380101-1002 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [32768 2020-12-10] (Microsoft Windows -> )
Task: {1047E825-BC15-4910-B698-64EB4CF7B260} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DA3F32C-CAE5-4618-95EA-A8743FEAA28E} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_RemoveFOD => C:\WINDOWS\System32\ShellUpdateAgentTask.exe
Task: {592B68C5-94FA-4030-B47C-09892DA378AE} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [245760 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
Task: {6F87B0C7-EEA0-4F38-868A-D06BDBFBBD8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {742A9E60-5AC3-467A-A1F5-3A9C9F5C2CB8} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_SetCBSEndOfLife => C:\WINDOWS\System32\ShellUpdateAgentTask.exe
Task: {769BEB31-15CD-4B22-9149-9850590EE438} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_AcquireFOD => C:\WINDOWS\System32\ShellUpdateAgentTask.exe
Task: {798DF91D-F240-419A-96F9-BE1CAE57BDA9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81C5BC77-FD07-42F3-81C8-99D9DD879647} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {83CE6C76-3F28-489E-A7C6-794989F68298} - System32\Tasks\S-1-5-21-1796023744-1759536030-3900380101-1002\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe
Task: {87876812-554A-47E6-A1CC-48BCC1406F56} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UUS Failover Task => C:\WINDOWS\system32\failover.exe
Task: {B40F8511-B9B4-4F7B-9312-FC6DAA6B9F00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-01] (Google Inc -> Google LLC)
Task: {B91219DC-34E0-47A2-B494-6279369FA6B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-01] (Google Inc -> Google LLC)
Task: {CB0B6B17-3C30-4A50-AC4A-0D3442972629} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CE4330EF-036E-4564-9532-A5CED048145E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCB6B88A-7EDE-48DD-80A7-832385E1711A} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe
Task: {EFBE98E8-21EB-4BDB-BABF-3DCA57B3A10D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup => C:\WINDOWS\system32\MdmDiagnosticsTool.exe [90112 2020-12-10] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\nlansp_c.dll [84480 2020-12-10] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 04 C:\Windows\system32\nlansp_c.dll [126976 2020-12-10] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{5c6459f7-5caf-472f-850f-576031683b95}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5c6459f7-5caf-472f-850f-576031683b95}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{6f775dc0-2278-405d-8f3d-3e457ae63af2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9dfcf0d8-e52f-4e05-8126-662ce4070db5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f8af2a01-6a97-4ec5-b189-b0d3323b1796}: [DhcpNameServer] 192.168.1.1 195.146.128.62
ManualProxies:

Edge:
======
DownloadDir: C:\Users\saullerist\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\saullerist\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-08]
Edge DownloadDir: C:\Users\saullerist\Downloads

FireFox:
========
FF DefaultProfile: axn99qis.default
FF ProfilePath: C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\axn99qis.default [2020-10-06]
FF ProfilePath: C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\jtgg6ln9.default-release [2021-01-08]
FF DownloadDir: C:\Users\saullerist\Desktop
FF Homepage: Mozilla\Firefox\Profiles\jtgg6ln9.default-release -> www.google.sk

Chrome:
=======
CHR HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe [615768 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
S3 FrameServerMonitor; C:\WINDOWS\system32\FrameServerMonitor.dll [303104 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 McpManagementService; C:\WINDOWS\System32\McpManagementService.dll [290816 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\dynabookSystemService.exe [44767040 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\TOSTABSYSSVC.exe [254792 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe [446240 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 a016bus; C:\WINDOWS\System32\drivers\a016bus.sys [109096 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 a016mgmt; C:\WINDOWS\System32\drivers\a016mgmt.sys [130600 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 a016obex; C:\WINDOWS\System32\drivers\a016obex.sys [125480 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
R3 FwLnk; C:\WINDOWS\System32\drivers\FwLnk.sys [9216 2009-07-07] (Microsoft Windows Hardware Compatibility Publisher -> TOSHIBA Corporation)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 IntelPMT; C:\WINDOWS\System32\drivers\IntelPMT.sys [49472 2020-12-10] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-11-01] (Malwarebytes Corporation -> Malwarebytes)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [95008 2020-12-10] (Microsoft Windows -> Broadcom Inc)
S3 NDKPerf; C:\WINDOWS\System32\drivers\NDKPerf.sys [74016 2020-12-10] (Microsoft Windows -> )
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\drivers\s0016obex.sys [136744 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017bus; C:\WINDOWS\System32\drivers\s0017bus.sys [113704 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\drivers\s0017obex.sys [128552 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\drivers\s0017unic.sys [145960 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018bus; C:\WINDOWS\System32\drivers\s1018bus.sys [113704 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\WINDOWS\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\drivers\s1018obex.sys [128552 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\WINDOWS\System32\drivers\s1018unic.sys [146472 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029bus; C:\WINDOWS\System32\drivers\s1029bus.sys [116264 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029mgmt; C:\WINDOWS\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029obex; C:\WINDOWS\System32\drivers\s1029obex.sys [135208 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029unic; C:\WINDOWS\System32\drivers\s1029unic.sys [151592 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\WINDOWS\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\WINDOWS\System32\drivers\s1039obex.sys [137328 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\WINDOWS\System32\drivers\s1039unic.sys [158320 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916bus; C:\WINDOWS\System32\drivers\s916bus.sys [108072 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916mgmt; C:\WINDOWS\System32\drivers\s916mgmt.sys [130088 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916obex; C:\WINDOWS\System32\drivers\s916obex.sys [124968 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 se3ebus; C:\WINDOWS\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 se3emgmt; C:\WINDOWS\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 se3eobex; C:\WINDOWS\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation -> MCCI Corporation)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-21] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\TosSrvCtlDrv.sys [25832 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-11-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-11-20] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-08 21:40 - 2021-01-08 21:42 - 000018053 _____ C:\Users\saullerist\Desktop\FRST.txt
2021-01-08 21:39 - 2021-01-08 21:41 - 000000000 ____D C:\FRST
2021-01-08 21:33 - 2021-01-08 21:34 - 000000000 ____D C:\AdwCleaner
2021-01-08 21:32 - 2021-01-08 21:32 - 008447152 _____ (Malwarebytes) C:\Users\saullerist\Desktop\AdwCleaner.exe
2021-01-08 21:28 - 2021-01-08 21:28 - 002282496 _____ (Farbar) C:\Users\saullerist\Desktop\FRST64.exe
2021-01-08 21:28 - 2021-01-08 21:28 - 002086424 _____ (Malwarebytes) C:\Users\saullerist\Desktop\MBSetup.exe
2021-01-08 10:57 - 2021-01-08 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2021-01-08 10:56 - 2021-01-08 10:57 - 000000000 ____D C:\Program Files\LibreOffice
2021-01-07 11:49 - 2021-01-07 11:49 - 000000000 ___HD C:\$WINDOWS.~BT
2021-01-07 11:05 - 2021-01-07 11:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-07 09:24 - 2021-01-07 11:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-05 19:03 - 2021-01-05 19:03 - 000000000 ____D C:\Users\saullerist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-05 19:01 - 2021-01-05 19:01 - 000000000 ____D C:\Users\saullerist\AppData\Local\Steam
2021-01-05 18:58 - 2021-01-08 19:09 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-05 18:58 - 2021-01-05 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-12-18 13:04 - 2020-12-18 13:04 - 000000000 ____D C:\ProgramData\ATI
2020-12-18 13:02 - 2020-12-18 13:02 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-12-18 12:58 - 2020-12-18 12:58 - 000000020 ___SH C:\Users\saullerist\ntuser.ini
2020-12-18 12:55 - 2021-01-03 15:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-18 12:55 - 2020-12-20 09:53 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-18 12:55 - 2020-12-18 12:55 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-18 12:55 - 2020-12-18 12:55 - 000003384 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-18 12:55 - 2020-12-18 12:55 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-18 12:55 - 2020-12-18 12:55 - 000003160 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-18 12:55 - 2020-12-18 12:55 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-18 12:55 - 2020-12-18 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1796023744-1759536030-3900380101-1002
2020-12-18 12:55 - 2020-12-18 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-12-18 12:54 - 2020-12-18 12:55 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2020-12-18 12:54 - 2020-12-18 12:55 - 000011433 _____ C:\WINDOWS\diagerr.xml
2020-12-18 12:47 - 2021-01-03 15:06 - 008957458 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-18 12:38 - 2020-12-18 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2020-12-18 12:37 - 2020-12-18 12:58 - 000000000 ____D C:\Users\saullerist
2020-12-18 12:37 - 2020-12-18 12:37 - 000000000 ____D C:\Program Files\ATI Technologies
2020-12-18 12:37 - 2020-12-18 12:36 - 000000000 ____D C:\Users\saullerist\AppData\Roaming\ATI
2020-12-18 12:37 - 2020-12-18 12:36 - 000000000 ____D C:\Users\saullerist\AppData\Local\ATI
2020-12-18 12:36 - 2020-12-18 12:36 - 000000000 ____D C:\Users\Default\AppData\Roaming\ATI
2020-12-18 12:36 - 2020-12-18 12:36 - 000000000 ____D C:\Users\Default\AppData\Local\ATI
2020-12-18 12:36 - 2020-12-18 12:36 - 000000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2020-12-18 12:36 - 2020-12-18 12:36 - 000000000 ____D C:\Users\Default User\AppData\Local\ATI
2020-12-18 12:30 - 2020-12-18 12:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-18 12:30 - 2020-12-18 12:31 - 000644656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-18 11:49 - 2020-12-18 12:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-12-18 11:44 - 2020-12-18 11:49 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-12-18 11:33 - 2020-06-29 00:16 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-12-18 11:33 - 2020-06-20 14:28 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-12-18 11:28 - 2020-12-18 11:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-12-18 11:28 - 2020-12-18 11:28 - 000000000 ____D C:\Program Files\MSBuild
2020-12-18 11:28 - 2020-12-18 11:28 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-12-18 11:28 - 2020-12-18 11:28 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-12-18 11:00 - 2020-12-18 11:00 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-12-16 20:41 - 2021-01-07 11:50 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-15 13:18 - 2020-12-18 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-12-15 13:18 - 2020-12-15 13:18 - 000000000 ____D C:\Program Files\Google
2020-12-10 13:39 - 2020-12-10 13:39 - 000020303 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-12-10 13:39 - 2020-12-10 13:39 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2020-12-10 13:39 - 2020-12-10 13:39 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2020-12-10 13:39 - 2020-12-10 13:39 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-12-10 13:39 - 2020-12-10 13:39 - 000000000 ____D C:\WINDOWS\addins
2020-12-10 13:39 - 2020-12-10 13:39 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2020-12-10 13:39 - 2020-12-10 13:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-12-10 13:39 - 2020-12-10 13:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-12-10 13:39 - 2020-12-10 08:10 - 000023461 _____ C:\WINDOWS\Core.xml
2020-12-10 13:38 - 2020-12-10 13:38 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-12-10 13:38 - 2020-12-10 13:38 - 000000000 ____D C:\ProgramData\ssh
2020-12-10 13:38 - 2020-11-16 17:13 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2020-12-10 13:37 - 2020-12-10 13:37 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2020-12-10 13:37 - 2020-12-10 13:37 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2020-12-10 13:37 - 2020-12-10 13:37 - 000000000 ____D C:\WINDOWS\OCR
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\sk
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\0409
2020-12-10 13:36 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\DigitalLocker
2020-12-10 08:33 - 2020-12-10 08:33 - 000000000 _SHDL C:\Users\Default User
2020-12-10 08:33 - 2020-12-10 08:33 - 000000000 _SHDL C:\Users\All Users
2020-12-10 08:19 - 2020-12-18 11:46 - 000000000 ____D C:\WINDOWS\Setup
2020-12-10 08:15 - 2021-01-08 21:32 - 000000000 ___RD C:\Program Files (x86)
2020-12-10 08:15 - 2021-01-08 18:35 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-10 08:15 - 2021-01-07 22:40 - 000000000 ____D C:\WINDOWS\SystemTemp
2020-12-10 08:15 - 2021-01-06 11:43 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-10 08:15 - 2020-12-30 15:21 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-10 08:15 - 2020-12-28 09:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-10 08:15 - 2020-12-20 09:53 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-10 08:15 - 2020-12-19 13:20 - 000000000 ____D C:\WINDOWS\appcompat
2020-12-10 08:15 - 2020-12-18 13:16 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-12-10 08:15 - 2020-12-18 12:59 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-10 08:15 - 2020-12-18 12:56 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-10 08:15 - 2020-12-18 12:55 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 08:15 - 2020-12-18 12:30 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-12-10 08:15 - 2020-12-18 12:30 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-10 08:15 - 2020-12-18 12:29 - 000000000 ____D C:\WINDOWS\system32\spool
2020-12-10 08:15 - 2020-12-18 12:29 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-10 08:15 - 2020-12-18 12:29 - 000000000 ____D C:\WINDOWS\Registration
2020-12-10 08:15 - 2020-12-18 12:29 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-10 08:15 - 2020-12-18 11:57 - 000000000 ____D C:\ProgramData\USOPrivate
2020-12-10 08:15 - 2020-12-18 11:54 - 000000000 __RHD C:\Users\Public\Libraries
2020-12-10 08:15 - 2020-12-18 11:50 - 000000000 ____D C:\WINDOWS\Resources
2020-12-10 08:15 - 2020-12-18 11:50 - 000000000 ____D C:\WINDOWS\Help
2020-12-10 08:15 - 2020-12-18 11:38 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 08:15 - 2020-12-18 11:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-10 08:15 - 2020-12-10 13:39 - 000000000 ____D C:\WINDOWS\SystemApps
2020-12-10 08:15 - 2020-12-10 13:39 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-10 08:15 - 2020-12-10 13:39 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-12-10 08:15 - 2020-12-10 13:39 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-12-10 08:15 - 2020-12-10 13:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\system32\Com
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\IME
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\WINDOWS\BrowserCore
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\Program Files\Windows NT
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\Program Files\Common Files\System
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\Program Files (x86)\Windows NT
2020-12-10 08:15 - 2020-12-10 13:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 __SHD C:\Program Files\Windows Sidebar
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\Web
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\system32\winevt
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\system32\ras
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\SKB
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\schemas
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\security
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\Provisioning
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\PLA
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\Media
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\InputMethod
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\IdentityCRL
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\Globalization
2020-12-10 08:15 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ___SD C:\WINDOWS\system32\Nui
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\WUModels
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\WaaS
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\Vss
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\tracing
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\TAPI
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\Keywords
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\IME
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\icsxml
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\ias
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\DriverState
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\downlevel
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\DDFs
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\System
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SchCache
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\rescache
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\Performance
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\L2Schemas
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\Cursors
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\Containers
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\Branding
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\ProgramData\USOShared
2020-12-10 08:15 - 2020-12-10 08:15 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2020-12-10 08:15 - 2020-12-10 08:12 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2020-12-10 08:15 - 2020-12-10 08:12 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2020-12-10 08:15 - 2020-12-10 08:12 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2020-12-10 08:15 - 2020-12-10 08:12 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2020-12-10 08:15 - 2020-12-10 08:12 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2020-12-10 08:15 - 2020-12-10 08:12 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2020-12-10 08:15 - 2020-12-10 08:12 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2020-12-10 08:15 - 2020-12-10 08:12 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2020-12-10 08:13 - 2021-01-08 10:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-10 08:10 - 2020-12-10 13:39 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-12-10 08:10 - 2020-12-10 13:39 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-12-10 08:10 - 2020-12-10 13:39 - 000316640 _____ C:\WINDOWS\WMSysPr9.prx
2020-12-10 08:10 - 2020-12-10 13:39 - 000200704 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\l3codecp.acm
2020-12-10 08:10 - 2020-12-10 13:39 - 000192512 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\l3codecp.acm
2020-12-10 08:10 - 2020-12-10 13:39 - 000118784 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2020-12-10 08:10 - 2020-12-10 13:39 - 000114688 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\l3codeca.acm
2020-12-10 08:10 - 2020-12-10 13:39 - 000070656 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\l3codeca.acm
2020-12-10 08:10 - 2020-12-10 08:10 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2020-12-10 08:10 - 2020-12-10 08:10 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2020-12-10 08:10 - 2020-12-10 08:10 - 000010429 _____ C:\WINDOWS\system32\ScavengeSpace.xml
2020-12-10 08:10 - 2020-12-10 08:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2020-12-10 08:10 - 2020-12-10 08:10 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2020-12-10 08:10 - 2020-12-10 08:10 - 000002349 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2020-12-10 08:10 - 2020-12-10 08:10 - 000001649 _____ C:\WINDOWS\SysWOW64\WindowsCodecsRaw.txt
2020-12-10 08:10 - 2020-12-10 08:10 - 000001649 _____ C:\WINDOWS\system32\WindowsCodecsRaw.txt
2020-12-10 08:10 - 2020-12-10 08:10 - 000001105 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-10 08:10 - 2020-12-10 08:10 - 000001105 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-10 08:10 - 2020-12-10 08:10 - 000000112 _____ C:\WINDOWS\SysWOW64\MixedRealityRuntime.json
2020-12-10 08:10 - 2020-12-10 08:10 - 000000112 _____ C:\WINDOWS\system32\MixedRealityRuntime.json
2020-12-10 08:09 - 2020-12-10 08:09 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 003408896 _____ C:\WINDOWS\system32\rdpnanoTransport.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-10 08:09 - 2020-12-10 08:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-10 08:09 - 2020-12-10 08:09 - 001945888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-12-10 08:09 - 2020-12-10 08:09 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000839680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ir41_32original.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Bubbles.scr
2020-12-10 08:09 - 2020-12-10 08:09 - 000774144 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000746496 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ir50_32original.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2020-12-10 08:09 - 2020-12-10 08:09 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000678112 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\winsqlite3.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2020-12-10 08:09 - 2020-12-10 08:09 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2020-12-10 08:09 - 2020-12-10 08:09 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2020-12-10 08:09 - 2020-12-10 08:09 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2020-12-10 08:09 - 2020-12-10 08:09 - 000386560 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2020-12-10 08:09 - 2020-12-10 08:09 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hdwwiz.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000352544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2020-12-10 08:09 - 2020-12-10 08:09 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2020-12-10 08:09 - 2020-12-10 08:09 - 000338432 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir41_qcxoriginal.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000327968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000302080 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000282912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSNP.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2020-12-10 08:09 - 2020-12-10 08:09 - 000251168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000238880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\desk.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000214816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSNP.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000211938 _____ C:\WINDOWS\SysWOW64\lcphrase.tbl
2020-12-10 08:09 - 2020-12-10 08:09 - 000211938 _____ C:\WINDOWS\system32\lcphrase.tbl
2020-12-10 08:09 - 2020-12-10 08:09 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000205088 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000200192 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir50_qcoriginal.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000197632 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\ir32_32original.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000197632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iac25_32.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000196608 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000195618 _____ C:\WINDOWS\system32\C_10002.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\desk.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000183808 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir50_qcxoriginal.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000177698 _____ C:\WINDOWS\system32\C_10003.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Ribbons.scr
2020-12-10 08:09 - 2020-12-10 08:09 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mystify.scr
2020-12-10 08:09 - 2020-12-10 08:09 - 000173602 _____ C:\WINDOWS\system32\C_10008.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000162850 _____ C:\WINDOWS\system32\C_10001.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000160544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000160032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Kswdmcap.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000146944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ivfsrc.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000145622 _____ C:\WINDOWS\SysWOW64\devmgmt.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000145519 _____ C:\WINDOWS\SysWOW64\perfmon.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000145519 _____ C:\WINDOWS\system32\perfmon.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000145127 _____ C:\WINDOWS\SysWOW64\eventvwr.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000145127 _____ C:\WINDOWS\system32\eventvwr.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000144909 _____ C:\WINDOWS\SysWOW64\fsmgmt.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000143872 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000135456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mpeg2Data.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000135168 _____ C:\WINDOWS\system32\ResBParser.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000131360 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisrndr.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000131360 _____ (Microsoft Corporation) C:\WINDOWS\system32\kstvtune.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000127264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSTPager.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000127264 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdaplgin.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\telephon.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000124118 _____ C:\WINDOWS\SysWOW64\comexp.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\remotesp.tsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\joy.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000121632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Kswdmcap.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000120320 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir41_qcoriginal.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000115109 _____ C:\WINDOWS\SysWOW64\WF.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000113256 _____ C:\WINDOWS\SysWOW64\compmgmt.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000113256 _____ C:\WINDOWS\system32\compmgmt.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-12-10 08:09 - 2020-12-10 08:09 - 000110880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSDvbNP.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2020-12-10 08:09 - 2020-12-10 08:09 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\telephon.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-12-10 08:09 - 2020-12-10 08:09 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2020-12-10 08:09 - 2020-12-10 08:09 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlsrv32.rll
2020-12-10 08:09 - 2020-12-10 08:09 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\joy.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000096544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kstvtune.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000094496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksxbar.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlsrv32.rll
2020-12-10 08:09 - 2020-12-10 08:09 - 000093702 _____ C:\WINDOWS\SysWOW64\SubRange.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000093702 _____ C:\WINDOWS\system32\SubRange.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000092746 _____ C:\WINDOWS\SysWOW64\services.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000092746 _____ C:\WINDOWS\system32\services.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000092448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mpeg2Data.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000090912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisrndr.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000090704 _____ C:\WINDOWS\system32\gatherNetworkInfo.vbs
2020-12-10 08:09 - 2020-12-10 08:09 - 000089888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bdaplgin.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remotesp.tsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000086528 _____ (Radius Inc.) C:\WINDOWS\SysWOW64\iccvid.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000086016 _____ C:\WINDOWS\system32\BWContextHandler.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000084768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSTPager.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\g711codc.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-12-10 08:09 - 2020-12-10 08:09 - 000074016 _____ C:\WINDOWS\system32\Drivers\NDKPerf.sys
2020-12-10 08:09 - 2020-12-10 08:09 - 000071968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSDvbNP.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000069920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbisurf.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000068608 _____ (Twain Working Group) C:\WINDOWS\twain_32.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_875.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_870.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_500.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_21027.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_21025.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20924.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20905.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20880.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20871.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20838.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20833.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20424.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20423.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20420.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20297.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20290.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20285.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20284.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20280.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20278.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20277.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20273.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20269.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20108.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20107.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20106.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_20105.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1149.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1148.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1147.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1146.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1145.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1144.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1143.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1142.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1141.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1140.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1047.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_1026.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10082.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10081.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10079.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10029.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10021.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10017.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10010.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10007.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10006.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10005.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10004.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_10000.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000066082 _____ C:\WINDOWS\system32\C_037.NLS
2020-12-10 08:09 - 2020-12-10 08:09 - 000065024 _____ C:\WINDOWS\SysWOW64\sstpcfg.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000063081 _____ C:\WINDOWS\SysWOW64\certlm.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000063081 _____ C:\WINDOWS\system32\certlm.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000063070 _____ C:\WINDOWS\SysWOW64\certmgr.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000063070 _____ C:\WINDOWS\system32\certmgr.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000061728 _____ C:\WINDOWS\system32\HvSocket.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000061728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vidcap.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000061440 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\irprops.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidphone.tsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000060458 _____ C:\WINDOWS\SysWOW64\ideograf.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000060458 _____ C:\WINDOWS\system32\ideograf.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000059680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksxbar.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000059554 _____ C:\WINDOWS\system32\srms.dat
2020-12-10 08:09 - 2020-12-10 08:09 - 000057344 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\g711codc.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000051712 _____ C:\WINDOWS\SysWOW64\CredProvCommonCore.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\more.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\format.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\cliconfg.rll
2020-12-10 08:09 - 2020-12-10 08:09 - 000043808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbisurf.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000041587 _____ C:\WINDOWS\SysWOW64\azman.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000041587 _____ C:\WINDOWS\system32\azman.msc
2020-12-10 08:09 - 2020-12-10 08:09 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cliconfg.rll
2020-12-10 08:09 - 2020-12-10 08:09 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000033568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vidcap.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hidphone.tsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\irprops.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Firewall.cpl
2020-12-10 08:09 - 2020-12-10 08:09 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\more.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000024114 _____ C:\WINDOWS\SysWOW64\lcptr.tbl
2020-12-10 08:09 - 2020-12-10 08:09 - 000024114 _____ C:\WINDOWS\system32\lcptr.tbl
2020-12-10 08:09 - 2020-12-10 08:09 - 000024006 _____ C:\WINDOWS\SysWOW64\gb2312.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000024006 _____ C:\WINDOWS\system32\gb2312.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000022984 _____ C:\WINDOWS\SysWOW64\bopomofo.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000022984 _____ C:\WINDOWS\system32\bopomofo.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000021656 _____ C:\WINDOWS\system32\NetTrace.PLA.Diagnostics.xml
2020-12-10 08:09 - 2020-12-10 08:09 - 000020268 _____ C:\WINDOWS\system32\DeliveryOptimizationMIProv.mof
2020-12-10 08:09 - 2020-12-10 08:09 - 000019485 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2020-12-10 08:09 - 2020-12-10 08:09 - 000019485 _____ C:\WINDOWS\system32\srms-apr.dat
2020-12-10 08:09 - 2020-12-10 08:09 - 000019456 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000017935 _____ C:\WINDOWS\SysWOW64\EventViewer_EventDetails.xsl
2020-12-10 08:09 - 2020-12-10 08:09 - 000017935 _____ C:\WINDOWS\system32\EventViewer_EventDetails.xsl
2020-12-10 08:09 - 2020-12-10 08:09 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000016740 _____ C:\WINDOWS\SysWOW64\ShiftJIS.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000016740 _____ C:\WINDOWS\system32\ShiftJIS.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\simpdata.tlb
2020-12-10 08:09 - 2020-12-10 08:09 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000012876 _____ C:\WINDOWS\SysWOW64\korean.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000012876 _____ C:\WINDOWS\system32\korean.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000012826 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-10 08:09 - 2020-12-10 08:09 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2020-12-10 08:09 - 2020-12-10 08:09 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdatsrc.tlb
2020-12-10 08:09 - 2020-12-10 08:09 - 000011292 _____ C:\WINDOWS\SysWOW64\srms-apr-v.dat
2020-12-10 08:09 - 2020-12-10 08:09 - 000011292 _____ C:\WINDOWS\system32\srms-apr-v.dat
2020-12-10 08:09 - 2020-12-10 08:09 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ir41_32.ax
2020-12-10 08:09 - 2020-12-10 08:09 - 000009432 _____ C:\WINDOWS\system32\ResPriUHMImageList
2020-12-10 08:09 - 2020-12-10 08:09 - 000009432 _____ C:\WINDOWS\system32\ResPriHMImageList
2020-12-10 08:09 - 2020-12-10 08:09 - 000009427 _____ C:\WINDOWS\system32\ResPriImageList
2020-12-10 08:09 - 2020-12-10 08:09 - 000009196 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2020-12-10 08:09 - 2020-12-10 08:09 - 000008945 _____ C:\WINDOWS\system32\ResPriLMImageList
2020-12-10 08:09 - 2020-12-10 08:09 - 000008690 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2020-12-10 08:09 - 2020-12-10 08:09 - 000008484 _____ C:\WINDOWS\SysWOW64\kanji_2.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000008484 _____ C:\WINDOWS\system32\kanji_2.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\simpdata.tlb
2020-12-10 08:09 - 2020-12-10 08:09 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole32.tlb
2020-12-10 08:09 - 2020-12-10 08:09 - 000006948 _____ C:\WINDOWS\SysWOW64\kanji_1.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000006948 _____ C:\WINDOWS\system32\kanji_1.uce
2020-12-10 08:09 - 2020-12-10 08:09 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2020-12-10 08:09 - 2020-12-10 08:09 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatsrc.tlb
2020-12-10 08:09 - 2020-12-10 08:09 - 000004453 _____ C:\WINDOWS\SysWOW64\odbcconf.rsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000004014 _____ C:\WINDOWS\SysWOW64\xwizard.dtd
2020-12-10 08:09 - 2020-12-10 08:09 - 000004014 _____ C:\WINDOWS\system32\xwizard.dtd
2020-12-10 08:09 - 2020-12-10 08:09 - 000003666 _____ C:\WINDOWS\SysWOW64\sysprtj.sep
2020-12-10 08:09 - 2020-12-10 08:09 - 000003660 _____ C:\WINDOWS\system32\WwanFeatureTests.xml
2020-12-10 08:09 - 2020-12-10 08:09 - 000003317 _____ C:\WINDOWS\SysWOW64\sysprint.sep
2020-12-10 08:09 - 2020-12-10 08:09 - 000002404 _____ C:\WINDOWS\SysWOW64\WimBootCompress.ini
2020-12-10 08:09 - 2020-12-10 08:09 - 000002233 _____ C:\WINDOWS\SysWOW64\12520850.cpx
2020-12-10 08:09 - 2020-12-10 08:09 - 000002151 _____ C:\WINDOWS\SysWOW64\12520437.cpx
2020-12-10 08:09 - 2020-12-10 08:09 - 000002044 _____ C:\WINDOWS\system32\DeliveryOptimizationMIProvUninstall.mof
2020-12-10 08:09 - 2020-12-10 08:09 - 000001820 _____ C:\WINDOWS\SysWOW64\rasctrnm.h
2020-12-10 08:09 - 2020-12-10 08:09 - 000001673 _____ C:\WINDOWS\SysWOW64\tcpbidi.xml
2020-12-10 08:09 - 2020-12-10 08:09 - 000000714 _____ C:\WINDOWS\SysWOW64\RestartManager.mof
2020-12-10 08:09 - 2020-12-10 08:09 - 000000565 _____ C:\WINDOWS\SysWOW64\NdfEventView.xml
2020-12-10 08:09 - 2020-12-10 08:09 - 000000565 _____ C:\WINDOWS\system32\NdfEventView.xml
2020-12-10 08:09 - 2020-12-10 08:09 - 000000263 _____ C:\WINDOWS\system32\odbcconf.rsp
2020-12-10 08:09 - 2020-12-10 08:09 - 000000176 _____ C:\WINDOWS\SysWOW64\RestartManagerUninstall.mof
2020-12-10 08:09 - 2020-12-10 08:09 - 000000150 _____ C:\WINDOWS\SysWOW64\pcl.sep
2020-12-10 08:09 - 2020-12-10 08:09 - 000000051 _____ C:\WINDOWS\SysWOW64\pscript.sep
2020-12-10 08:08 - 2020-12-10 08:08 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 003602432 _____ C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.Analysis.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 003440660 _____ C:\WINDOWS\SysWOW64\Drivers\gm.dls
2020-12-10 08:08 - 2020-12-10 08:08 - 003170304 _____ C:\WINDOWS\SysWOW64\boot.sdi
2020-12-10 08:08 - 2020-12-10 08:08 - 003170304 _____ C:\WINDOWS\system32\boot.sdi
2020-12-10 08:08 - 2020-12-10 08:08 - 002470000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 08:08 - 2020-12-10 08:08 - 002142208 _____ C:\WINDOWS\system32\dwmscene.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 002030400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 08:08 - 2020-12-10 08:08 - 001989992 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 001989120 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 001528832 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 001263312 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000897584 _____ (SQLite Development Team) C:\WINDOWS\system32\winsqlite3.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000819512 _____ C:\WINDOWS\SysWOW64\locale.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000819512 _____ C:\WINDOWS\system32\locale.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000673088 _____ C:\WINDOWS\SysWOW64\mlang.dat
2020-12-10 08:08 - 2020-12-10 08:08 - 000673088 _____ C:\WINDOWS\system32\mlang.dat
2020-12-10 08:08 - 2020-12-10 08:08 - 000613016 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000461824 _____ C:\WINDOWS\SysWOW64\SettingSyncDownloadHelper.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-12-10 08:08 - 2020-12-10 08:08 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hdwwiz.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000364544 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000345088 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000323584 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-12-10 08:08 - 2020-12-10 08:08 - 000294912 _____ C:\WINDOWS\system32\pnpdiag.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000262656 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000246048 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000233984 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000221184 _____ C:\WINDOWS\system32\AggregatorHost.exe
2020-12-10 08:08 - 2020-12-10 08:08 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2020-12-10 08:08 - 2020-12-10 08:08 - 000208896 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000204074 _____ C:\WINDOWS\SysWOW64\winrm.vbs
2020-12-10 08:08 - 2020-12-10 08:08 - 000204074 _____ C:\WINDOWS\system32\winrm.vbs
2020-12-10 08:08 - 2020-12-10 08:08 - 000196642 _____ C:\WINDOWS\system32\C_950.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000196642 _____ C:\WINDOWS\system32\C_949.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000196642 _____ C:\WINDOWS\system32\C_936.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000189986 _____ C:\WINDOWS\system32\C_1361.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000187938 _____ C:\WINDOWS\system32\C_20005.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000186402 _____ C:\WINDOWS\system32\C_20001.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000185378 _____ C:\WINDOWS\system32\C_20003.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000180770 _____ C:\WINDOWS\system32\C_20932.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000180258 _____ C:\WINDOWS\system32\C_20004.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000180258 _____ C:\WINDOWS\system32\C_20000.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000177698 _____ C:\WINDOWS\system32\C_20949.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000175104 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2020-12-10 08:08 - 2020-12-10 08:08 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000173602 _____ C:\WINDOWS\system32\C_20936.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000173602 _____ C:\WINDOWS\system32\C_20002.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000167640 _____ C:\WINDOWS\SysWOW64\chs_singlechar_pinyin.dat
2020-12-10 08:08 - 2020-12-10 08:08 - 000162850 _____ C:\WINDOWS\system32\C_932.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmview.ocx
2020-12-10 08:08 - 2020-12-10 08:08 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2020-12-10 08:08 - 2020-12-10 08:08 - 000147744 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2020-12-10 08:08 - 2020-12-10 08:08 - 000145622 _____ C:\WINDOWS\system32\devmgmt.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000145059 _____ C:\WINDOWS\SysWOW64\taskschd.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000145059 _____ C:\WINDOWS\system32\taskschd.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000144998 _____ C:\WINDOWS\SysWOW64\lusrmgr.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000144998 _____ C:\WINDOWS\system32\lusrmgr.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000144909 _____ C:\WINDOWS\system32\fsmgmt.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000144862 _____ C:\WINDOWS\SysWOW64\tpm.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000142904 _____ C:\WINDOWS\SysWOW64\slmgr.vbs
2020-12-10 08:08 - 2020-12-10 08:08 - 000142904 _____ C:\WINDOWS\system32\slmgr.vbs
2020-12-10 08:08 - 2020-12-10 08:08 - 000139810 _____ C:\WINDOWS\system32\C_20261.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000124118 _____ C:\WINDOWS\system32\comexp.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000122880 _____ C:\WINDOWS\system32\UpdatePolicyScenarioReliabilityAggregator.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-12-10 08:08 - 2020-12-10 08:08 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000118272 _____ C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000115109 _____ C:\WINDOWS\system32\WF.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmview.ocx
2020-12-10 08:08 - 2020-12-10 08:08 - 000110592 _____ C:\WINDOWS\system32\UpdateHeartbeatScan.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2020-12-10 08:08 - 2020-12-10 08:08 - 000094208 _____ C:\WINDOWS\system32\sstpcfg.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000094208 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 08:08 - 2020-12-10 08:08 - 000086016 _____ C:\WINDOWS\system32\printticketvalidation.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000086016 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2020-12-10 08:08 - 2020-12-10 08:08 - 000086016 _____ C:\WINDOWS\system32\CredProvCommonCore.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000084948 _____ C:\WINDOWS\system32\DiskSnapshot.conf
2020-12-10 08:08 - 2020-12-10 08:08 - 000081870 _____ C:\WINDOWS\system32\normidna.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000079348 _____ C:\WINDOWS\system32\normnfkc.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000076288 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000073114 _____ C:\WINDOWS\system32\normnfkd.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000069632 _____ C:\WINDOWS\system32\UsbPmApi.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2020-12-10 08:08 - 2020-12-10 08:08 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_874.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_869.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_866.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_865.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_864.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_863.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_862.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_861.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_860.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_858.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_857.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_855.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_852.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_850.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_775.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_737.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_720.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066594 _____ C:\WINDOWS\system32\C_437.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_708.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28605.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\c_28603.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28599.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28598.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28597.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28596.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28595.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28594.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28593.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28592.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_28591.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_21866.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_20866.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_20127.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1258.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1257.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1256.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1255.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1254.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1253.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1252.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1251.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000066082 _____ C:\WINDOWS\system32\C_1250.NLS
2020-12-10 08:08 - 2020-12-10 08:08 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\format.com
2020-12-10 08:08 - 2020-12-10 08:08 - 000061440 _____ C:\WINDOWS\SysWOW64\WwanPrfl.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000060124 _____ C:\WINDOWS\system32\tcpmon.ini
2020-12-10 08:08 - 2020-12-10 08:08 - 000057136 _____ C:\WINDOWS\system32\normnfc.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000053248 _____ C:\WINDOWS\system32\usocoreps.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000053248 _____ C:\WINDOWS\system32\deploymentcsphelper.exe
2020-12-10 08:08 - 2020-12-10 08:08 - 000050442 _____ C:\WINDOWS\system32\normnfd.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000050176 _____ C:\WINDOWS\SysWOW64\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000047682 _____ C:\WINDOWS\SysWOW64\diskmgmt.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000047682 _____ C:\WINDOWS\system32\diskmgmt.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000045568 _____ (Microsoft) C:\WINDOWS\SysWOW64\oflc-nz.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000043520 _____ (Microsoft) C:\WINDOWS\SysWOW64\csrr.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000043131 _____ C:\WINDOWS\mib.bin
2020-12-10 08:08 - 2020-12-10 08:08 - 000041472 _____ (Microsoft) C:\WINDOWS\SysWOW64\fpb.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000040960 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000040448 _____ C:\WINDOWS\SysWOW64\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000034816 _____ (Microsoft) C:\WINDOWS\SysWOW64\cero.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000033792 _____ (Microsoft) C:\WINDOWS\SysWOW64\esrb.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrnsave.scr
2020-12-10 08:08 - 2020-12-10 08:08 - 000031232 _____ (Microsoft) C:\WINDOWS\SysWOW64\usk.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000030984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msgsm32.acm
2020-12-10 08:08 - 2020-12-10 08:08 - 000030720 _____ (Microsoft) C:\WINDOWS\SysWOW64\cob-au.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000030664 _____ C:\WINDOWS\system32\NarratorControlTemplates.xml
2020-12-10 08:08 - 2020-12-10 08:08 - 000029184 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfime.ime
2020-12-10 08:08 - 2020-12-10 08:08 - 000026344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imaadp32.acm
2020-12-10 08:08 - 2020-12-10 08:08 - 000026304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msadp32.acm
2020-12-10 08:08 - 2020-12-10 08:08 - 000024576 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2020-12-10 08:08 - 2020-12-10 08:08 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-12-10 08:08 - 2020-12-10 08:08 - 000020992 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi-pt.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000020480 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\grb.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000019104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msg711.acm
2020-12-10 08:08 - 2020-12-10 08:08 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2020-12-10 08:08 - 2020-12-10 08:08 - 000015360 _____ (Microsoft) C:\WINDOWS\SysWOW64\pcbp.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000015360 _____ (Microsoft) C:\WINDOWS\SysWOW64\djctq.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000013091 _____ C:\WINDOWS\system32\DevModeRunAsUserConfig.msc
2020-12-10 08:08 - 2020-12-10 08:08 - 000011776 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-10 08:08 - 2020-12-10 08:08 - 000009926 _____ C:\WINDOWS\SysWOW64\l_intl.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000009926 _____ C:\WINDOWS\system32\l_intl.nls
2020-12-10 08:08 - 2020-12-10 08:08 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfime.ime
2020-12-10 08:08 - 2020-12-10 08:08 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole32.tlb
2020-12-10 08:08 - 2020-12-10 08:08 - 000004675 _____ C:\WINDOWS\SysWOW64\wsmanconfig_schema.xml
2020-12-10 08:08 - 2020-12-10 08:08 - 000004675 _____ C:\WINDOWS\system32\wsmanconfig_schema.xml
2020-12-10 08:08 - 2020-12-10 08:08 - 000004608 _____ (Microsoft) C:\WINDOWS\SysWOW64\WEB.rs
2020-12-10 08:08 - 2020-12-10 08:08 - 000004148 _____ C:\WINDOWS\system32\psmodulediscoveryprovider.mof
2020-12-10 08:08 - 2020-12-10 08:08 - 000003944 _____ C:\WINDOWS\system32\DetailedReading-Default.xml
2020-12-10 08:08 - 2020-12-10 08:08 - 000003666 _____ C:\WINDOWS\system32\sysprtj.sep
2020-12-10 08:08 - 2020-12-10 08:08 - 000003317 _____ C:\WINDOWS\system32\sysprint.sep
2020-12-10 08:08 - 2020-12-10 08:08 - 000003164 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2020-12-10 08:08 - 2020-12-10 08:08 - 000002426 _____ C:\WINDOWS\SysWOW64\WsmTxt.xsl
2020-12-10 08:08 - 2020-12-10 08:08 - 000002426 _____ C:\WINDOWS\system32\WsmTxt.xsl
2020-12-10 08:08 - 2020-12-10 08:08 - 000002404 _____ C:\WINDOWS\system32\WimBootCompress.ini
2020-12-10 08:08 - 2020-12-10 08:08 - 000001820 _____ C:\WINDOWS\system32\rasctrnm.h
2020-12-10 08:08 - 2020-12-10 08:08 - 000001673 _____ C:\WINDOWS\system32\tcpbidi.xml
2020-12-10 08:08 - 2020-12-10 08:08 - 000001559 _____ C:\WINDOWS\SysWOW64\WsmPty.xsl
2020-12-10 08:08 - 2020-12-10 08:08 - 000001559 _____ C:\WINDOWS\system32\WsmPty.xsl
2020-12-10 08:08 - 2020-12-10 08:08 - 000000724 _____ C:\WINDOWS\system32\wpr.config.xml
2020-12-10 08:08 - 2020-12-10 08:08 - 000000714 _____ C:\WINDOWS\system32\RestartManager.mof
2020-12-10 08:08 - 2020-12-10 08:08 - 000000670 ___RH C:\WINDOWS\WindowsShell.Manifest
2020-12-10 08:08 - 2020-12-10 08:08 - 000000646 _____ C:\WINDOWS\SysWOW64\Drivers\gmreadme.txt
2020-12-10 08:08 - 2020-12-10 08:08 - 000000614 _____ C:\WINDOWS\system32\WdsUnattendTemplate.xml
2020-12-10 08:08 - 2020-12-10 08:08 - 000000176 _____ C:\WINDOWS\system32\RestartManagerUninstall.mof
2020-12-10 08:08 - 2020-12-10 08:08 - 000000150 _____ C:\WINDOWS\system32\pcl.sep
2020-12-10 08:08 - 2020-12-10 08:08 - 000000051 _____ C:\WINDOWS\system32\pscript.sep
2020-12-10 08:08 - 2020-12-10 08:08 - 000000033 _____ C:\WINDOWS\SysWOW64\winrm.cmd
2020-12-10 08:08 - 2020-12-10 08:08 - 000000033 _____ C:\WINDOWS\system32\winrm.cmd
2020-12-10 08:07 - 2020-12-10 08:07 - 004523520 _____ C:\WINDOWS\system32\Windows.UI.Input.Inking.Analysis.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 003440660 _____ C:\WINDOWS\system32\Drivers\gm.dls
2020-12-10 08:07 - 2020-12-10 08:07 - 003414816 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\evbda.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 002458888 ____R (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 002136064 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 002101248 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 001942384 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 001849632 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4vx64.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 001222656 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtl8192se.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 001131296 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 001127200 _____ (Mellanox) C:\WINDOWS\system32\Drivers\mlx4_bus.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000880416 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAVC.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000745552 _____ C:\WINDOWS\system32\DynamicLong.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 000657336 _____ C:\WINDOWS\system32\TextShaping.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000630784 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-12-10 08:07 - 2020-12-10 08:07 - 000571680 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000554784 _____ (Mellanox) C:\WINDOWS\system32\Drivers\ibbus.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000529696 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000515152 _____ C:\WINDOWS\system32\DynamicMedium.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 000483328 _____ C:\WINDOWS\system32\ssdm.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000407840 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000352256 _____ C:\WINDOWS\system32\HeatCore.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000323152 _____ C:\WINDOWS\system32\DynamicShort.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 000315680 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4sx64.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000301344 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS
2020-12-10 08:07 - 2020-12-10 08:07 - 000294912 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2020-12-10 08:07 - 2020-12-10 08:07 - 000255264 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2020-12-10 08:07 - 2020-12-10 08:07 - 000246048 _____ C:\WINDOWS\system32\Drivers\Usb4HostRouter.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000229376 _____ C:\WINDOWS\system32\TpmTool.exe
2020-12-10 08:07 - 2020-12-10 08:07 - 000212992 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000205600 _____ (Microsemi Corportation) C:\WINDOWS\system32\Drivers\SmartSAMD.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000180224 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-10 08:07 - 2020-12-10 08:07 - 000177664 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_GLK.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000177152 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_CNL.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000175104 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_BXT_P.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000172832 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\ItSas35i.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000171520 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000167640 _____ C:\WINDOWS\system32\chs_singlechar_pinyin.dat
2020-12-10 08:07 - 2020-12-10 08:07 - 000162592 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000162080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000149056 _____ C:\WINDOWS\system32\LargeRoom.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 000146208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000144862 _____ C:\WINDOWS\system32\tpm.msc
2020-12-10 08:07 - 2020-12-10 08:07 - 000144673 _____ C:\WINDOWS\system32\WmiMgmt.msc
2020-12-10 08:07 - 2020-12-10 08:07 - 000143360 _____ C:\WINDOWS\system32\WindowsDefaultHeatProcessor.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000142112 _____ (Mellanox) C:\WINDOWS\system32\Drivers\ndfltr.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000140064 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4dx64.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000138092 _____ C:\WINDOWS\system32\AverageRoom.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 000133408 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\lsi_sas3i.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000127776 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000121344 _____ (Qualcomm Atheros Co., Ltd.) C:\WINDOWS\system32\Drivers\L1C63x64.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000120096 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2i.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000113152 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000112128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_CNL.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000110036 _____ C:\WINDOWS\system32\MediumRoom.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 000108320 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleSSD.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000106496 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000104736 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000103200 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000102400 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000096256 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_GLK.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000095008 _____ (Broadcom Inc) C:\WINDOWS\system32\Drivers\megasas35i.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000093184 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_BXT_P.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000091136 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\iai2c.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000090112 _____ C:\WINDOWS\system32\WwanPrfl.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000090112 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000081920 ____R (Realtek) C:\WINDOWS\system32\Drivers\rteth.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000079360 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000079136 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000077600 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000076576 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000069788 _____ C:\WINDOWS\system32\SmallRoom.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 000069632 _____ C:\WINDOWS\system32\Microsoft.Bluetooth.Audio.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000068896 _____ (Mellanox) C:\WINDOWS\system32\Drivers\winverbs.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000064288 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\percsas3i.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000062328 _____ (Microsoft Corporation) C:\WINDOWS\system32\msgsm32.acm
2020-12-10 08:07 - 2020-12-10 08:07 - 000061440 _____ C:\WINDOWS\system32\pospaymentsworker.exe
2020-12-10 08:07 - 2020-12-10 08:07 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrnsave.scr
2020-12-10 08:07 - 2020-12-10 08:07 - 000060192 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000059680 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000058192 _____ (Microsoft Corporation) C:\WINDOWS\system32\imaadp32.acm
2020-12-10 08:07 - 2020-12-10 08:07 - 000054560 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\percsas2i.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000053248 _____ C:\WINDOWS\system32\VhfUm.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000053248 _____ (Microsoft) C:\WINDOWS\system32\oflc-nz.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000053248 _____ (Microsoft) C:\WINDOWS\system32\csrr.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-12-10 08:07 - 2020-12-10 08:07 - 000049928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msadp32.acm
2020-12-10 08:07 - 2020-12-10 08:07 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\fpb.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000046920 _____ C:\WINDOWS\system32\OutdoorAudioEnvironment.bin
2020-12-10 08:07 - 2020-12-10 08:07 - 000045568 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdi2c.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000045056 _____ (Microsoft) C:\WINDOWS\system32\cero.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg711.acm
2020-12-10 08:07 - 2020-12-10 08:07 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\usk.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\esrb.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\cob-au.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000040736 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000038128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000036864 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000036352 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\iagpio.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000032768 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-12-10 08:07 - 2020-12-10 08:07 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-10 08:07 - 2020-12-10 08:07 - 000032032 _____ (Mellanox) C:\WINDOWS\system32\Drivers\winmad.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi-pt.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\grb.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2020-12-10 08:07 - 2020-12-10 08:07 - 000028672 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4vfx.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000026912 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\pcbp.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\djctq.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000022816 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000018432 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio2.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000012288 _____ (Microsoft) C:\WINDOWS\system32\WEB.rs
2020-12-10 08:07 - 2020-12-10 08:07 - 000010576 _____ C:\WINDOWS\system32\TransformPPSToWlan.xslt
2020-12-10 08:07 - 2020-12-10 08:07 - 000009728 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys
2020-12-10 08:07 - 2020-12-10 08:07 - 000008192 _____ C:\WINDOWS\system32\settings.dat
2020-12-10 08:07 - 2020-12-10 08:07 - 000003164 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2020-12-10 08:07 - 2020-12-10 08:07 - 000001688 _____ C:\WINDOWS\system32\TransformPPSToWlanCredentials.xslt
2020-12-10 08:07 - 2020-12-10 08:07 - 000001369 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 08:07 - 2020-12-10 08:07 - 000000646 _____ C:\WINDOWS\system32\Drivers\gmreadme.txt
2020-12-10 08:02 - 2021-01-03 15:01 - 078643200 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-12-10 08:02 - 2021-01-03 15:01 - 017301504 _____ C:\WINDOWS\system32\config\SYSTEM
2020-12-10 08:02 - 2021-01-03 15:01 - 001310720 _____ C:\WINDOWS\system32\config\DEFAULT
2020-12-10 08:02 - 2021-01-03 15:01 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2020-12-10 08:02 - 2021-01-03 15:01 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2020-12-10 08:02 - 2021-01-03 15:01 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2020-12-10 08:02 - 2020-12-18 13:01 - 000000000 ____D C:\WINDOWS\servicing
2020-12-10 08:02 - 2020-12-18 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-10 08:02 - 2020-12-18 12:55 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-10 08:02 - 2020-12-10 08:33 - 000000000 ____D C:\WINDOWS\system32\SMI

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-08 21:43 - 2016-11-18 17:20 - 000000000 ____D C:\Users\saullerist\AppData\Local\ConnectedDevicesPlatform
2021-01-08 21:41 - 2020-11-22 14:16 - 000000000 ____D C:\Program Files\CCleaner
2021-01-08 21:40 - 2020-10-06 12:16 - 000000000 ____D C:\Users\saullerist\AppData\LocalLow\Mozilla
2021-01-08 21:30 - 2019-01-30 16:22 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-08 13:05 - 2018-06-23 15:09 - 000000000 ____D C:\Users\saullerist\AppData\Local\D3DSCache
2021-01-07 11:05 - 2020-10-13 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-07 11:04 - 2020-10-06 12:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-03 15:06 - 2016-11-28 17:10 - 006150574 _____ C:\WINDOWS\system32\perfh01B.dat
2021-01-03 15:06 - 2016-11-28 17:10 - 001828564 _____ C:\WINDOWS\system32\perfc01B.dat
2021-01-03 15:02 - 2020-02-21 11:41 - 000012288 ___SH C:\DumpStack.log.tmp
2021-01-03 14:52 - 2016-01-12 10:47 - 000000000 ___RD C:\Users\saullerist\Disk Google
2020-12-19 13:35 - 2020-05-06 19:08 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 12:58 - 2017-07-15 16:50 - 000000000 ___RD C:\Users\saullerist\3D Objects
2020-12-18 12:58 - 2016-01-05 16:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-18 12:39 - 2017-10-18 09:41 - 000000000 ____D C:\Users\saullerist\AppData\Local\Packages
2020-12-18 12:37 - 2020-06-03 13:02 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-18 12:37 - 2017-07-13 16:06 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2020-12-18 12:35 - 2016-01-06 00:47 - 000000000 ____D C:\AMD
2020-12-18 12:30 - 2020-09-26 17:15 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-12-18 12:29 - 2020-11-22 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-12-18 12:29 - 2020-08-01 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-18 12:29 - 2020-08-01 09:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-18 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-12-18 12:29 - 2017-07-07 14:16 - 000000000 ____D C:\Program Files\UNP
2020-12-18 12:29 - 2016-11-18 18:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-18 11:51 - 2020-03-21 20:12 - 000000000 ___RD C:\WINDOWS\WebManagement
2020-12-18 11:50 - 2018-05-23 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2020-12-18 11:50 - 2017-07-13 16:05 - 000000000 ____D C:\Program Files\Synaptics
2020-12-18 11:50 - 2017-07-13 16:05 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2020-12-18 11:50 - 2017-07-13 16:05 - 000000000 ____D C:\Program Files\AMD
2020-12-17 23:03 - 2016-11-28 16:54 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-12-17 20:59 - 2018-04-16 14:13 - 000000000 ____D C:\Users\saullerist\AppData\Local\ElevatedDiagnostics
2020-12-15 13:18 - 2018-06-04 18:58 - 000000000 ____D C:\Users\saullerist\AppData\Local\Google

==================== Files in the root of some directories ========

2020-02-26 20:13 - 2020-02-26 20:17 - 000000062 _____ () C:\Users\saullerist\AppData\Roaming\FalconX.cfg
2017-07-31 10:22 - 2017-07-31 10:22 - 000029696 _____ () C:\Users\saullerist\AppData\Local\MSGBOX.EXE
2017-10-18 09:16 - 2020-04-08 13:19 - 000007597 _____ () C:\Users\saullerist\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Naposledy upravil(a) 5manager5 dne 08 led 2021 22:44, celkem upraveno 1 x.

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger

#2 Příspěvek od 5manager5 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by saullerist (08-01-2021 21:51:20)
Running from C:\Users\saullerist\Desktop
Windows 10 Home Version 2004 20279.1 (X64) (2020-12-18 11:56:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1796023744-1759536030-3900380101-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1796023744-1759536030-3900380101-503 - Limited - Disabled)
Guest (S-1-5-21-1796023744-1759536030-3900380101-501 - Limited - Disabled)
saull (S-1-5-21-1796023744-1759536030-3900380101-1016 - Limited - Disabled)
saullerist (S-1-5-21-1796023744-1759536030-3900380101-1002 - Administrator - Enabled) => C:\Users\saullerist
WDAGUtilityAccount (S-1-5-21-1796023744-1759536030-3900380101-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Extreme v6.32 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.32 - FinalWire Ltd.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Backup and Sync from Google (HKLM\...\{3A8CD593-8CF9-45B4-9932-FC41CBC14E15}) (Version: 3.53.3404.7585 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 84.0.2 (x64 sk)) (Version: 84.0.2 - Mozilla)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2020-12-22] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-19 14:23 - 2020-12-19 14:23 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\5bd97009b7f10a3bdef685e6ed2eb999\A4.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\0ac4fd2affef199df16802d298ad4f61\AEM.Actions.CCAA.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\c3bd73c9c385056e72fdbbcb5472e4a0\AEM.Plugin.EEU.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\902e3b4359f7290a90af2366f35261c1\AEM.Plugin.Hotkeys.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\84016460286439c28703f4936f99c4ea\AEM.Plugin.DPPE.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\2798dafc155c7f05a955ec01f84718c3\AEM.Plugin.Source.Kit.Server.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\63d39aa2550bb42de19081270a3be316\AEM.Plugin.WinMessages.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\49bce58744d8cf451ac4b4c2c29692bb\AEM.Plugin.REG.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\69e57e884bd4ebb569abaf0df501920a\AEM.Plugin.GD.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\23a478d6f0af77fb26817ed1873a58f8\AEM.Server.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\85da2200e1e9b1425daab1683b5186ae\AEM.Server.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\3cf9bfabc52491160769c1507d48787e\APM.Foundation.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\f81ed4d32790cc0b9a28c533896a7d3c\ATICCCom.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\397f077c0b123a95585c34e2f5bf25c5\CCC.Implementation.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\fa1234340183e2e6fb2d0e0acb656f55\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\2bf225111b9c2ebfb0ef7357bf5c9596\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\26e077ffd178651008445aed683bc0c1\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\3f1823da0d717d5ed520f77c198a35ab\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\1663a3d3aac15e38eda9377046e29d1c\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\2406dde9068f957f8e724fef716df9e6\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\5dcd83965b8490b898ad8791caddf86e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\b6a1071a2e6cef9b163b0e4af6c5dead\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\8d4d9652d72f4f02fba1fa3545a41bd1\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\d602614be1b7d353ac5823bd49c87522\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\d7ac2a712a5bae806e903170f4dca1d5\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\965fbc8fc669740db6f0df9c7a8d367d\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\eb02636ddc2e89774cc87442817ec927\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\f5e07b57d66637b9fa8b3920508a8217\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\62de3e3f83cf19972a5bb3d2921f029c\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\ced8ee3a6b1bbeb9d4c13f2189ec5a15\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\60ea9565169e72409d04ecba8674bd99\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\5f933d40f7bdbbaf07a2bdc122e6629e\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\03768122023655e908a74b497dabb096\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\f6658034a3fd0eb38ebab7cae8480aba\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\516c3723ce5ea36445280930071f56c0\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\81629d0590510fea38c4427041529707\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\16099078f9b9ea4c7afd1ac4b98d784b\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\660a02f2704ba6dbe459917ec3b30ff4\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\1f586d8d118cae94e2bc3b5960975e9d\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\5ed4e3f7db74abd396fc8b9d36106d7a\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\f6f23a534737c0696a71bd66b43d9192\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\37a818605652f035910e329367bca399\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\955a1d781bc8a31ad0d1e5669d4e8afb\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\6b8b37d3c0cd621f9d53bc7899a34de0\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\02626f451f2a7dd1848a9333aef6a6b0\CLI.Caste.A4.Runtime.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\869a6e0b77b2e98e5580951ed69eca2a\CLI.Caste.A4.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\bab36095ee4972fb2fe6af3df5b2af83\CLI.Caste.A4.Dashboard.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\ca3252bf6d541addbf59e8a1185f183d\CLI.Caste.Fuel.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\fd5ddf3abc2b64ba1de6a5a02c418352\CLI.Caste.Fuel.Runtime.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\bc42f26970633f765e8e70f13ae57ce7\CLI.Caste.Fuel.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\6effc8a963f215c15a1c9155fbe8433f\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\a08b6220a70d6715b80bb51710d74c31\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\26303668bcf5c4b375e69fc5bf5e606f\CLI.Caste.Graphics.Dashboard.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\cff77c5224b92e2abb130378cea0e05a\CLI.Caste.HydraVision.Runtime.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\044b40140af0ebf8ae9487c3072762c8\CLI.Caste.HydraVision.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\31655245240b7acda6a8cf4a8f636bfd\CLI.Caste.HydraVision.Dashboard.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\fe860b189575754a2da0af07e2659bcf\CLI.Caste.Platform.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\79f1e09c72b1e35e8a4c55034c48ef82\CLI.Caste.Platform.Runtime.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\4527c000328e4c77df7f7663c60134db\CLI.Caste.Platform.Dashboard.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\c32053d502a59268a898373d5e0d9859\CLI.Component.Runtime.Shared.ni.dll
2020-12-19 15:31 - 2020-12-19 15:32 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\9302c4fc01f1508dd2b7cff8bb10fdeb\CLI.Component.Systemtray.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\b3a03d07640e87821596f21a50963e29\CLI.Component.Dashboard.ProfileManager2.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\4018c1b3a9dd35f72ccfbc283d7199e2\CLI.Component.Runtime.Shared.Private.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\4e0bc06026a221e22dec9c2a6f5b414b\CLI.Component.Runtime.Extension.EEU.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\964413ab5a8e336198ea99379dadb876\CLI.Component.Dashboard.Shared.Private.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\dff765890040c3668dcbdf95c51541a4\CLI.Component.Client.Shared.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\b63f7acc19ac99959fcb995432a3a405\CLI.Component.Dashboard.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\95854a275f04854eb3cd2b7c5f8b3c8c\CLI.Foundation.Private.ni.dll
2020-12-19 15:32 - 2020-12-19 15:32 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\94ff72ae98d7ab702e5cb7bf3d5c23ef\CLI.Foundation.XManifest.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\7450c94cda28a781029ca5f50473e1d3\CLI.Foundation.CoreAudioAPI.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\002547f3403d6c81ea49a93b1dea447d\CLI.Foundation.Client.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\d9d69c8628b407be110045fe07c0ca71\CLI.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\7733d38a819d207f5e37f5b1cd78b8d3\DEM.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\4bdbb626f42d66a3af128935e2f7272e\DEM.Graphics.I0601.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\f399e7172e026742f882c64746b35078\DEM.Graphics.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\e89f6cdc4183df299e5bb6b4264dc24b\Fuel.Foundation.ni.dll
2020-12-19 15:32 - 2020-12-19 15:32 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\43fafa6fb4af70449648f3263c344bbb\LOG.Foundation.Implementation.ni.dll
2020-12-19 14:23 - 2020-12-19 14:23 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\b1b351866554b7cc54bc188dc5457c83\LOG.Foundation.Private.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\d15314f0e423450bcc34c50a640ba17f\LOG.Foundation.Implementation.Private.ni.dll
2020-12-19 14:23 - 2020-12-19 14:23 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\e22e170b806dd34b0d63343208dd0843\LOG.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\fb0f6fa73ae79a9f9570e6cb7b5a1e8a\MOM.Foundation.ni.dll
2020-12-19 15:34 - 2020-12-19 15:34 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\4e154e1ed32174321305e1a298891704\MOM.Implementation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\6d2f1b38722c42b2381efe306d1a5f25\NEWAEM.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\404c28da7fcad54995c5099a68c7a659\ADL.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\5575f5868668afca4e69c285b455d4ff\APM.Server.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\c78000618fe0ca27943323ded3a25375\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\489f5e701ca796886f66cb548f963a6c\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\c5d30f9c8c8317c626be08c3ec1724e3\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\189a3eed464df1733a2423c5b75dc066\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\305eaec0b0d501de748e7942f82c1920\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\99b954b8d092a7c981f97334cf34213c\CLI.Component.Client.Shared.Private.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\3c665fc0c5fedf89ba363b971f431294\CLI.Component.Runtime.ni.dll
2020-12-19 15:12 - 2020-12-19 15:12 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\79a965cd7efcfd4fd47fb751e3017a47\CLI.Component.Dashboard.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\517acf6b297ebeb40d0ece90ac05c467\DEM.Graphics.I0706.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\bfff3356d4ae83c8900b166f89579278\DEM.Graphics.I0709.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\c9189b13ada5dd65f3b563f24b854402\DEM.Graphics.I0712.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\fd5387b86c9a0971d41d8202ac8600cf\DEM.Graphics.I0804.ni.dll
2020-12-19 15:32 - 2020-12-19 15:32 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\7f04a5946202bd48006d56d3a4542941\DEM.Graphics.I0805.ni.dll
2020-12-19 15:32 - 2020-12-19 15:32 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\8124e32bc7cc93ca1fe7c252bcbd2eb3\DEM.Graphics.I0812.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\d27e7d5d17568066bcf24fc5289f73b0\DEM.Graphics.I0906.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\81ade84dd787be80bd4dcefab91ff256\DEM.Graphics.I0912.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\6c1dfb1b73ad2c0f4d95ecd5db8e2739\DEM.Graphics.I1010.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\7241958459d67302f244fc94b701f628\Localization.Foundation.Private.ni.dll
2020-12-19 15:34 - 2020-12-19 15:34 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\1ea56da7dd3bd439945299f0e1e1e9c2\ResourceManagement.Foundation.Implementation.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\1ed0b76ae002a70b80ab326d05dc7915\ResourceManagement.Foundation.Private.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\fcc3396cfa6230d36c0d05d509655d54\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\728c46d324593bba7275599adc9a770d\CLI.Caste.Graphics.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\ce389aaeb87808b927e41660a861b940\CLI.Caste.Graphics.Runtime.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000335360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\04ba8c8dd07ae8678db2cd087af6f64d\Microsoft.WindowsAPICodePack.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 002546688 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\fc31cd3c286484d7356dfeeccd54a99d\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1796023744-1759536030-3900380101-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-11-18 16:42 - 2017-03-13 16:31 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\Control Panel\Desktop\\Wallpaper -> c:\users\saullerist\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\img0.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\StartupFolder: => "Odoslanie do aplikácie OneNote.lnk"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Uninstall C:\Users\saullerist\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DDAEB60A3A4C412D731C2E4868511E36"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C55F00AC-C798-4AB0-B8C1-6F427A4FB8A0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{05D5E7A9-B196-422B-87DE-6022BDE9C93E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E8E38089-F7E7-43F4-ABB5-EDF626FD66AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8866337C-71C6-4A99-B651-73002DE8AF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BA94B2AF-32ED-43B0-9B5C-A9BBFCBCC76C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.42.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E92E685-95D4-4189-8B87-D070E2A6CFE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.42.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B86A1AE4-0285-4430-AC20-49ED7CA71FCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.42.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A7C9D772-FB32-48C2-92E1-3605FCE728BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.42.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8E9295BE-5A1B-4609-93C1-6440BBD04E2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C20DF22F-D596-4255-829A-FEB26CDFB312}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7DC022A0-0A09-417D-9133-48E496498A7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7B9237A8-BB3E-4000-BCFA-D59B2C16F34F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2BAC6518-B35A-4380-AC76-6585D6890386}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doom 3\Doom3.exe (id Software) [File not signed]
FirewallRules: [{465A9F58-068B-45E2-8DC2-260DC292F19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doom 3\Doom3.exe (id Software) [File not signed]

==================== Restore Points =========================

31-12-2020 15:26:40 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
Description: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2021 10:50:02 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službe Windows Search sa nepodarilo spracovať zoznam zahrnutých a vylúčených umiestnení, pretože sa vyskytla chyba <30, 0x80040d07, "iehistory://{S-1-5-21-1796023744-1759536030-3900380101-1002}/">.

Error: (01/05/2021 06:58:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (01/05/2021 10:05:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Cortana.exe version 2.2012.16655.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1f04

Start Time: 01d6e3416d2a2fa8

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2012.16655.0_x64__8wekyb3d8bbwe\Cortana.exe

Report Id: 73b9c84e-982d-4fa4-8084-33b2bfb33d72

Faulting package full name: Microsoft.549981C3F5F10_2.2012.16655.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (01/04/2021 03:35:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Cortana.exe version 2.2012.16655.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 12e8

Start Time: 01d6e2a693fb52d8

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2012.16655.0_x64__8wekyb3d8bbwe\Cortana.exe

Report Id: 593d5ce0-f09e-4a4c-9e40-014b3c84a02f

Faulting package full name: Microsoft.549981C3F5F10_2.2012.16655.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (01/03/2021 03:00:28 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (01/03/2021 01:38:48 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (01/03/2021 12:19:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v WINDOWS (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (01/03/2021 12:06:05 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Data (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)


System errors:
=============
Error: (01/05/2021 07:01:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (01/05/2021 07:01:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Steam Client Service bol dosiahnutý časový limit (30000 ms).

Error: (01/01/2021 11:07:00 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Pri vytváraní poverenia protokolu TLS client sa vyskytla závažná chyba. Vnútorný stav chyby je 10013.
proces klienta SSPI svchost (PID: 5536).

Error: (12/31/2020 09:44:01 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby DSDFunctionKeyCtlService bol dosiahnutý časový limit (30000 ms).

Error: (12/27/2020 12:05:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3SMP07F)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (12/26/2020 10:57:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3SMP07F)
Description: The server Microsoft.YourPhone_1.20112.72.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca did not register with DCOM within the required timeout.

Error: (12/26/2020 10:57:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3SMP07F)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19580.1000.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Error: (12/25/2020 10:57:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3SMP07F)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.


Windows Defender:
===================================0x4576656E745B305D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30385431383A34383A30352E333334303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A205761726E696E67003F20204F70636F64653A20496E666F00003F20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4D6963726F736F667420446566656E64657220416E74697669727573207363616E20686173206265656E2073746F70706564206265666F726520636F6D706C6574696F6E2E0D0A20095363616E2049443A207B43383836323933312D434639302D343841352D424543422D3935353439464433423346347D0D0A20095363616E20547970653A20416E74696D616C776172650D0A20095363616E20506172616D65746572733A20517569636B205363616E0D0A202009557365723A204E5420415554484F524954595C53595354454D003F0D0A4576656E745B315D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30375431393A31303A31322E353736303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A204E2F410D0A20204F70636F64653A204E2F410D0A20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4E2F410D0A0D0A4576656E745B325D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30365431333A33393A31352E363633303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A204E2F410D0A20204F70636F64653A204E2F410D0A20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4E2F410D0A0D0A4576656E745B335D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30355431333A33303A33372E373834303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A204E2F410D0A20204F70636F64653A204E2F410D0A20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4E2F410D0A0D0A4576656E745B345D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30345431333A32303A34302E313039303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A204E2F410D0A20204F70636F64653A204E2F410D0A20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4E2F410D0A0D0A
==================== Memory info ===========================

BIOS: INSYDE 1.40 05/17/2010
Motherboard: TOSHIBA Portable PC
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 88%
Total physical RAM: 3958.85 MB
Available physical RAM: 470.09 MB
Total Virtual: 6457.29 MB
Available Virtual: 1925.25 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:296.96 GB) (Free:262.82 GB) NTFS
Drive d: (Data) (Fixed) (Total:297.92 GB) (Free:287.07 GB) NTFS

\\?\Volume{18c6abd2-0000-0000-0000-100000000000}\ (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.18 GB) NTFS
\\?\Volume{18c6abd2-0000-0000-0000-a0564a000000}\ () (Fixed) (Total:0.89 GB) (Free:0.33 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 18C6ABD2)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=297 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=915 MB) - (Type=27)
Partition 4: (Not Active) - (Size=297.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Conder
Moderátor
Moderátor
Příspěvky: 4160
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola logu na Keylogger / log je v 2 postoch

#3 Příspěvek od Conder »

Ahoj :)

Ide iba o preventivku alebo mas podozrenie na keylogger, pripadne su nejake problemy s PC?

:arrow: Stiahni TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/
  • Uloz na plochu a spusti ako spravca
  • Potvrd licencne podmienky
  • Klikni na Change parameters a zaskrtni "Loaded modules"
  • Potvrd restart PC
  • Po restartovani klikni na "Start Scan"
  • V pripade nalezu vyber u vsetkych nalezov "Skip" a klikni na "Continue"
  • Klikni na "Report" (vpravo hore) a tento log sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger / log je v 2 postoch

#4 Příspěvek od 5manager5 »

aj aj v podstate

problémy s Notebookom nie sú...takže je to čisté?

12:30:11.0394 0x1b40 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
12:30:14.0206 0x1b40 ============================================================
12:30:14.0206 0x1b40 Current date / time: 2021/01/09 12:30:14.0206
12:30:14.0206 0x1b40 SystemInfo:
12:30:14.0206 0x1b40
12:30:14.0206 0x1b40 OS Version: 10.0.20279 ServicePack: 0.0
12:30:14.0206 0x1b40 Product type: Workstation
12:30:14.0206 0x1b40 ComputerName: DESKTOP-3SMP07F
12:30:14.0206 0x1b40 UserName: saullerist
12:30:14.0253 0x1b40 Windows directory: C:\WINDOWS
12:30:14.0253 0x1b40 System windows directory: C:\WINDOWS
12:30:14.0253 0x1b40 Running under WOW64
12:30:14.0253 0x1b40 Processor architecture: Intel x64
12:30:14.0253 0x1b40 Number of processors: 4
12:30:14.0253 0x1b40 Page size: 0x1000
12:30:14.0253 0x1b40 Boot type: Normal boot
12:30:14.0253 0x1b40 CodeIntegrityOptions = 0x00000301
12:30:14.0253 0x1b40 ============================================================
12:30:14.0253 0x1b40 KLMD ARK init status: drvProperties = 0xEF0F02, osBuild = 20279.0, osProperties = 0x1D
12:30:14.0253 0x1b40 KLMD BG init status: drvProperties = 0xEF0F02, osBuild = 20279.0, osProperties = 0x1D
12:30:14.0253 0x1b40 BG loaded
12:30:18.0862 0x1b40 System UUID: {A18CAF8E-19FE-AFC4-217E-3F4851D4940C}
12:30:24.0127 0x1b40 !crdlk
12:30:24.0565 0x1b40 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
12:30:24.0643 0x1b40 ============================================================
12:30:24.0643 0x1b40 \Device\Harddisk0\DR0:
12:30:24.0784 0x1b40 MBR partitions:
12:30:24.0784 0x1b40 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x251EC1A9
12:30:24.0784 0x1b40 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2547E800, BlocksNum 0x253D92B0
12:30:24.0784 0x1b40 ============================================================
12:30:24.0877 0x1b40 C: <-> \Device\Harddisk0\DR0\Partition1
12:30:27.0940 0x1b40 D: <-> \Device\Harddisk0\DR0\Partition2
12:30:27.0940 0x1b40 ============================================================
12:30:27.0940 0x1b40 Initialize success
12:30:27.0940 0x1b40 ============================================================
12:30:35.0564 0x1b1c ============================================================
12:30:35.0564 0x1b1c Scan started
12:30:35.0564 0x1b1c Mode: Manual;
12:30:35.0564 0x1b1c ============================================================
12:30:35.0564 0x1b1c KSN ping started
12:30:57.0180 0x1b1c KSN ping finished: true
12:31:08.0024 0x1b1c ================ Scan BIOS =================================
12:31:08.0024 0x1b1c BIOS info: vendor = INSYDE, version = 1.40, releaseDate = 05/17/2010
12:31:08.0024 0x1b1c Base board info: manufacturer = TOSHIBA, product = Portable PC, version = Base Board Version
12:31:10.0039 0x1b1c [ F72426FC0FF66D2075CA59563A911B45, 88476C0457B7573FEFDAB1C4AB90E2DA1BDD3A4F40E7C4C22CC30B9D88E9A227 ] BIOS
12:31:10.0039 0x1b1c BIOS - ok
12:31:10.0039 0x1b1c ================ Scan system memory ========================
12:31:10.0039 0x1b1c System memory - ok
12:31:10.0055 0x1b1c ================ Scan services =============================
12:31:10.0477 0x1b1c [ 7A81F650152C70035CEDD1950DFB76E9, E37CAD1350E794A24C4459EB992731D4C5DB262AB0AFE4FB03450A7F32749B9A ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
12:31:10.0492 0x1b1c 1394ohci - ok
12:31:10.0664 0x1b1c [ 65BDC26314E96AC33932D1297D3738DC, DE8D3016C529B04E400AFBA2F415954925909760E1824870E927ECE000D38C77 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
12:31:10.0664 0x1b1c 3ware - ok
12:31:10.0774 0x1b1c [ 25E6C904B273F97A5E6E2D16E859A70D, F1E82E58274F429163E23C33C37AF41699E3A8A2C01DD20549E8900C7B8CC953 ] a016bus C:\WINDOWS\System32\drivers\a016bus.sys
12:31:10.0805 0x1b1c a016bus - ok
12:31:10.0899 0x1b1c [ 1971B457B64377FA6243FC69B837C214, E75AFCDC7183B7E7DBEA3CBE146CF0CD962F9C93411339599BC0E796CEFA2DF3 ] a016mgmt C:\WINDOWS\System32\drivers\a016mgmt.sys
12:31:10.0914 0x1b1c a016mgmt - ok
12:31:10.0961 0x1b1c [ 6042FC874CCB746173B80D73DF293FD6, 4111F9F39FFEBF99F8CA0AB11546A57B629F5AB476323F2E96B69FC4C1338FD6 ] a016obex C:\WINDOWS\System32\drivers\a016obex.sys
12:31:10.0961 0x1b1c a016obex - ok
12:31:11.0117 0x1b1c [ A2C77328BF0D1E29CE0840B4ACFDF8CF, 4D6A307733ED37AAF01A2433D45FB6BFDA72F52C5A6F1B7F8F5E997BE93E6346 ] AarSvc C:\WINDOWS\System32\AarSvc.dll
12:31:11.0133 0x1b1c AarSvc - ok
12:31:11.0367 0x1b1c [ 17A07782B2F5186DAB434498558B5270, 41AC01D5EF137FC973F0022D2F93B49802D471B1EA028C72F8A94A539559DED9 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
12:31:11.0383 0x1b1c ACPI - ok
12:31:11.0414 0x1b1c [ E2DC49FF42EDE38D76F9B322069FD722, 5231ADD93684D8573F80D7157EEA220CC531B38273EEBC56BB6375DC1F357F9E ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
12:31:11.0414 0x1b1c AcpiDev - ok
12:31:11.0445 0x1b1c [ 2E1EB0535900740FAE648FF76AD96D48, 4EF1CE9FC9D1E016F9D65B2FE2CD0241A0A9E67474E5AEEF79CD90B823A706FA ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
12:31:11.0445 0x1b1c acpiex - ok
12:31:11.0508 0x1b1c [ 66233EB0E37409747264262FE86E0770, 5E3FF2496D9E7B297C926B2646B8680BAC93FF50312947B94EBC10A1EC2B8007 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
12:31:11.0508 0x1b1c acpipagr - ok
12:31:11.0633 0x1b1c [ 2200DF13691CBEF70C47CA8C17725F47, F9C2D42BFF59B4964F85B2FD9677A17A3E3AE0F0D90A97748E8FFAB7497A9511 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
12:31:11.0633 0x1b1c AcpiPmi - ok
12:31:11.0695 0x1b1c [ 911D2245AD4BE95242E8EB2EB41607DD, 7F273BB26BEFD020C64923BB985ED55732403006147844BDD3BBDB6205FF379C ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
12:31:11.0695 0x1b1c acpitime - ok
12:31:11.0758 0x1b1c [ B171D74089B84D480527AC252E72B611, B20B5A170F2911DF1F0AC6A8D495943858ADB276E157597A3112369F4A1C0BBF ] Acx01000 C:\WINDOWS\system32\drivers\Acx01000.sys
12:31:11.0789 0x1b1c Acx01000 - ok
12:31:11.0867 0x1b1c [ C449B37A3289A054A57EBD9CB0698911, D43D8AB30215857BCE8D71310F8929ED0D328E4F04390F1A9FE21FD8A84CE0D2 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:31:11.0977 0x1b1c ADP80XX - ok
12:31:12.0055 0x1b1c [ 148775A61D755771F93ACACD5D711220, 69A40C4BF293221F0DCF8AB0210BBB1EE08760F7A4D324A887B87C64362E1970 ] AFD C:\WINDOWS\system32\drivers\afd.sys
12:31:12.0070 0x1b1c AFD - ok
12:31:12.0102 0x1b1c [ 4E7B54BEA69A8BF1A8BBACFD4F01DCFB, AB24063871C5453E3EA9926A9EF4E2D4289020DFCE4C6BA907DB5CAAB7400A0E ] afunix C:\WINDOWS\system32\drivers\afunix.sys
12:31:12.0102 0x1b1c afunix - ok
12:31:12.0211 0x1b1c [ 5F4ED2F704D1BF729FD9517ECAB4415C, 21D91D5B15BD8320C7C11D5ABD58CDB46EEB2FB670D92A82945F853F6D383D07 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:31:12.0227 0x1b1c ahcache - ok
12:31:12.0414 0x1b1c [ 05184BC8E00491686CCCAC890CCD1EBE, D2BD4387B45A9C5061E3E253BDD95E04E5CBFD88863369A67418EA1C945E37B5 ] AIDA64Driver C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64
12:31:12.0414 0x1b1c AIDA64Driver - ok
12:31:12.0492 0x1b1c [ E387D6AE084A41AC12633654FE6328DD, 36D4FC349BDFE0F65A0AAC596545E0BA37106E3D10A52CF4AA555A9A71795FC3 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
12:31:12.0508 0x1b1c AJRouter - ok
12:31:12.0539 0x1b1c [ 3767F47B8FB2BBC38D1661233A510544, E59B2AAD1F09A820B816160038C34D3A1B0265F74E493E7A09759B117116D1B4 ] ALG C:\WINDOWS\System32\alg.exe
12:31:12.0555 0x1b1c ALG - ok
12:31:12.0649 0x1b1c [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
12:31:12.0680 0x1b1c AMD External Events Utility - ok
12:31:12.0711 0x1b1c [ 55578CF027B0AE9F0D653B209C9F1B6D, 46A53925BAA34FA9D87E7C3157504A4557D81CD8B8608E7AB6CAF02F482F7792 ] amdgpio2 C:\WINDOWS\System32\drivers\amdgpio2.sys
12:31:12.0711 0x1b1c amdgpio2 - ok
12:31:12.0727 0x1b1c [ D0E26E590DE1424CCC4F77D1687049EF, 387811D57DEF06C9736D9F0BAB0DFB0F83DBAB19E5489BF9A6DCDCBD682DD8FE ] amdi2c C:\WINDOWS\System32\drivers\amdi2c.sys
12:31:12.0742 0x1b1c amdi2c - ok
12:31:12.0758 0x1b1c [ 8F15323FBCF600E160DE1A3BF05FE457, 95A781F4D9D747D1D3361361AA5F2EB0807C3411DB7CC6532A90A07E2EBC2300 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
12:31:12.0789 0x1b1c AmdK8 - ok
12:31:12.0789 0x1b1c amdkmdag - ok
12:31:12.0852 0x1b1c [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] AMDKMDAP C:\WINDOWS\system32\DRIVERS\atikmpag.sys
12:31:12.0867 0x1b1c AMDKMDAP - ok
12:31:12.0914 0x1b1c [ A7820769AF79FF16DBF52133C00FEA80, 7D8B0B3A270F819C6E30123111C068598633B0AA9E68893FF4D9ECC457334593 ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
12:31:12.0914 0x1b1c amdkmpfd - ok
12:31:12.0977 0x1b1c [ 05BF990420C86104F952C9125BB72277, FED2FB113B1C74218D5FD4D911D6BC1EB61DAF7CFB2A787D3ABF9FC3D39EEBAF ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
12:31:13.0008 0x1b1c AmdPPM - ok
12:31:13.0055 0x1b1c [ E642D435E5B057FD36576903DE26E2C6, EC69C479C01D5BDEB2629930E6A2D5B085E1617A710FBFDB0F762753AFFF6A07 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
12:31:13.0055 0x1b1c amdsata - ok
12:31:13.0117 0x1b1c [ 0EC78BF9C6BF518BF3475859221C3F8A, 4293A407FEE72D438120C1523E83E7468B8DAEB834A7FB0D601A575930227D83 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
12:31:13.0117 0x1b1c amdsbs - ok
12:31:13.0133 0x1b1c [ A7ECDA90CD2C9FB1EE1EC5CDB69EDA39, 7E57323068D75CE7451054E8C0B152AC08A0133DCC1AF0C4B3DCBC6AA217EF11 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
12:31:13.0133 0x1b1c amdxata - ok
12:31:13.0195 0x1b1c [ 8BC6F2F3EAF5432C6588C2790233D40B, C234BA4F8A5D6F3BC03CF150F5EE169D46320182AE3B4202EB9E3103857278F5 ] AppID C:\WINDOWS\system32\drivers\appid.sys
12:31:13.0195 0x1b1c AppID - ok
12:31:13.0289 0x1b1c [ E9A54B839BBCA2470369D3A8A5BD7D66, DFF6DFDBFF898814AFD44DECB3299C1F919DE01BEB1B38A6F4FE1E2D142628C1 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
12:31:13.0305 0x1b1c AppIDSvc - ok
12:31:13.0352 0x1b1c [ 390BBE465741B3343F1E9CC896DA861D, A3B494548037DBE5F8F335A3158D68DCBCFB499FD1267C24702C7B3979B95844 ] Appinfo C:\WINDOWS\System32\appinfo.dll
12:31:13.0367 0x1b1c Appinfo - ok
12:31:13.0398 0x1b1c [ 05E79A4DDF63B99C219A82970B3755B8, 2DE7E462E0CCBDC8C61E87513CBB95E7BC1E449E60F40972ADCF699B19BB8D17 ] AppleSSD C:\WINDOWS\system32\drivers\AppleSSD.sys
12:31:13.0398 0x1b1c AppleSSD - ok
12:31:13.0461 0x1b1c [ D839A6EB04A49BF0E53C9CDCB1B8DAE4, CB78FE92BFC228E4F36904636829B1ADA511FC6ED1F8FD1EF7447B53F6692EC0 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
12:31:13.0461 0x1b1c applockerfltr - ok
12:31:13.0555 0x1b1c [ F6E8D888A369DBA8D3ED415E16C0E222, 1242173A607CFA0CFDBC69A17FF61A4DFEBB7F17DE072F5BD5B3054FFE5AC410 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
12:31:13.0617 0x1b1c AppReadiness - ok
12:31:13.0867 0x1b1c [ 27F4AFB2B39008CE9EA2EA01B602ED4D, BAAF648C44159810B31557AC4626A97F228F40F810102A61345129DA6151B4D7 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
12:31:14.0117 0x1b1c AppXSvc - ok
12:31:14.0180 0x1b1c [ D34ECD3BB70D67436D51ADDE470D9D7C, 10AF28512050E52E7BEB72D704D7AC17AF3D4DC961482CC434749DCDC42E8D89 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
12:31:14.0195 0x1b1c arcsas - ok
12:31:14.0258 0x1b1c [ 72D3B732AF49E40366C5F7E8485169BA, 2141CACED453C2443E99250C1A764FD8B4A384F419737B9EB66B88122F39D9E2 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
12:31:14.0258 0x1b1c AsyncMac - ok
12:31:14.0289 0x1b1c [ 9C3249BEE8EEBBC2F0183BE92650CAD3, 10ACB44B61E2B9CFED217DFEBCCE74C1C0F225EC700B8AA4F0A339DD5ED0DB86 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
12:31:14.0289 0x1b1c atapi - ok
12:31:14.0336 0x1b1c [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
12:31:14.0336 0x1b1c AtiHDAudioService - ok
12:31:14.0414 0x1b1c [ 53E42988C9EBB2D8F817104D66906875, 003DCE9C90D7EC344B5DD9227146E13C54650F920B157B8106D7D741B8DB572E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:31:14.0602 0x1b1c AudioEndpointBuilder - ok
12:31:14.0695 0x1b1c [ 54E04671586313D9E258E5EF5AEB5417, 3C88E0F6A2E5690F125AA453CDBF19686487C287A4FA90FDEF110C3BA70D4D5B ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
12:31:14.0789 0x1b1c Audiosrv - ok
12:31:14.0883 0x1b1c [ 8723A2F1B7E76BD4E3509D3C9DA7F5C1, B33149EFAC5B4F4D723639C51F69C8116D30825385DF100F72957E3CF1F03A0C ] autotimesvc C:\WINDOWS\System32\autotimesvc.dll
12:31:14.0898 0x1b1c autotimesvc - ok
12:31:14.0992 0x1b1c [ 2FCF47F27D91AC751CAD826114D4BB7B, C9050EC241CAFFE923BDF070825814F441DA88DAE3A792283058561EC0754465 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
12:31:14.0992 0x1b1c AxInstSV - ok
12:31:15.0055 0x1b1c [ D27687DC992BFAE6FD109F676D712483, A07D02138E204CA964550C6ADD6B4C16334017A6F0E5716F969696585DA0801B ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
12:31:15.0086 0x1b1c b06bdrv - ok
12:31:15.0289 0x1b1c [ 08CFF2E7133BD364068C3783A65E8F0C, CD54FE2030F2923A24348D01F0473ED93BF36E6F870895814E9AF40BA0F42BC7 ] bam C:\WINDOWS\system32\drivers\bam.sys
12:31:15.0289 0x1b1c bam - ok
12:31:15.0414 0x1b1c [ 62590F348D6EF19EB39FFD96183C1F39, F8827C98F84B3876D05F2A35AB667AC658D3A24CE6083633E6D2779FB948B6EA ] BasicDisplay C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_e37d3f14599e155f\BasicDisplay.sys
12:31:15.0430 0x1b1c BasicDisplay - ok
12:31:15.0445 0x1b1c [ BEEBA4AA468840B6722AAB017382CE2A, 1B4A856A682902DC78C7BCCB407C897A126407157C4A7AAB6579C53ADD8C450C ] BasicRender C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_21f20fcd0fa6ca95\BasicRender.sys
12:31:15.0461 0x1b1c BasicRender - ok
12:31:15.0617 0x1b1c [ A8C2477BA176A0421282CD0AA33A1F1B, 6D842D1F106540891F3DE5C502E1900498AAC7B34D24B8FDEAB79F73776BC562 ] BcastDVRUserService C:\WINDOWS\System32\BcastDVRUserService.dll
12:31:15.0695 0x1b1c BcastDVRUserService - ok
12:31:15.0758 0x1b1c [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
12:31:15.0773 0x1b1c bcmfn2 - ok
12:31:15.0851 0x1b1c [ 7E67C08AFA613639B7A815AEC5E1039F, 8E7E3AAD3ECCB4780DED43E9DC6504C2CFBB26FE8F6422DA73020204FA64180F ] BDESVC C:\WINDOWS\System32\bdesvc.dll
12:31:15.0883 0x1b1c BDESVC - ok
12:31:15.0976 0x1b1c [ E8D3AD8147B92C998589EA0220F9E78B, 313A2BA801605E30BDDC586191307CA881D94B4C8A111FADF8F49E643A123A90 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:31:15.0976 0x1b1c Beep - ok
12:31:16.0117 0x1b1c [ 705ACDB0F4EC47C68B39B840A1307611, 3488C34800CC9BDC23039DEE5786BC48261A8A05622E020CCC4DEE66EB551B6A ] BFE C:\WINDOWS\System32\bfe.dll
12:31:16.0195 0x1b1c BFE - ok
12:31:16.0336 0x1b1c [ 6D4B2DA95FE32546C13EB7A310E607D7, E228CD183942FF5A1F722FFE193A698D768647C0A2DF92AC12F3863ECB9F4C4F ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys
12:31:16.0351 0x1b1c bindflt - ok
12:31:16.0430 0x1b1c [ AF2D6091B59BC7EEC7A6231F86086BF1, 39CA54164A4D4F7978F0E62660C0EF22E857CD5DA8D0824D60A24A1AFFDC4984 ] BITS C:\WINDOWS\System32\qmgr.dll
12:31:16.0601 0x1b1c BITS - ok
12:31:16.0758 0x1b1c [ 203F5FB29E72CB8FB3C3BA377FF149D0, 9964B81D44AF265FF644F138B883B68DCF7F18C732E1AC8A1AC7F723E485B6A9 ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
12:31:16.0773 0x1b1c BluetoothUserService - ok
12:31:16.0898 0x1b1c [ 4BE3AAA1A4EC31ED523AC7388B93908A, BF4B702F7AB4B0F9E9C224854C7493044CE0E6CB3A470C2F0B38EDA86D61293C ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
12:31:16.0898 0x1b1c bowser - ok
12:31:17.0039 0x1b1c [ 5FBA0D8B3417ED89F9FA16733C0F60E3, D0AE1A8AE10C37C4EF0AA3DCA843B390C671286442118832482F0A9ABB1B1C07 ] BrokerInfrastructure C:\WINDOWS\System32\psmsrv.dll
12:31:17.0055 0x1b1c BrokerInfrastructure - ok
12:31:17.0273 0x1b1c [ 93D3CE5BEACADBE11A7B62AC4E7497C6, AB28578C8B223AA28F6825F5AAD3427C38D8C832A2F3C62B34B3AB47FE080D23 ] BTAGService C:\WINDOWS\System32\BTAGService.dll
12:31:17.0445 0x1b1c BTAGService - ok
12:31:17.0476 0x1b1c [ 904FCC180A03AED56F742AE367DC43B5, D72962C47782D55F55472AE995689EDA5A3557107A487454194F15FADE37297B ] BthA2dp C:\WINDOWS\System32\drivers\BthA2dp.sys
12:31:17.0492 0x1b1c BthA2dp - ok
12:31:17.0539 0x1b1c [ 36D04F946007E5DD8BD6B5E56D509007, D66B8FFD1E700480F19C649C99E9012D19B74446F40548F867AA93E15B10F48B ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll
12:31:17.0555 0x1b1c BthAvctpSvc - ok
12:31:17.0570 0x1b1c [ BE4FB66AB9EC8B891769256CC517687F, 37D78C644D7C1AA168B975FC8BA7CEFE6A92E0CCA64AD24F4BA659940338F508 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
12:31:17.0586 0x1b1c BthEnum - ok
12:31:17.0680 0x1b1c [ 96F787CA30263AA238FE6F82A853B959, 440B60345D088C3B54423E6A878FF9A35EB75854473BD28BA3C96B7AA8D8F046 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
12:31:17.0695 0x1b1c BthHFEnum - ok
12:31:17.0742 0x1b1c [ 240156D5440D7EAC59D2FC3A08F979AA, 3EBE14C4628AAC5EFAA6514EE34F5764D58FFAEB23367CC2D0868C78C1F4E370 ] BthLEEnum C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
12:31:17.0742 0x1b1c BthLEEnum - ok
12:31:17.0805 0x1b1c [ B48BEF63B3BA5FA2A6E5D3D4E313DEA6, 3804033103511804E3D3B771F93A57A4BF8534D84AB20F32C6B72066E21C0723 ] BthMini C:\WINDOWS\System32\drivers\BTHMINI.sys
12:31:17.0820 0x1b1c BthMini - ok
12:31:17.0914 0x1b1c [ E6B8309A8504AE5D5ABEA852B5412020, 17D790C6B5F04FA2C3318DB31B80B97D14DCBEEB83DB47CE4DAD94986ED31185 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
12:31:17.0914 0x1b1c BTHMODEM - ok
12:31:18.0070 0x1b1c [ A9C041A38DEA12D7B6F00785605038DE, 1367317E5430C72E68F011D6240CD82C56B681748D835B1E0CDED8EF25459A7C ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
12:31:18.0179 0x1b1c BTHPORT - ok
12:31:18.0258 0x1b1c [ 07DBF1752BF4F24295D03F64DB4EEC0B, F4192108BB126E95152A250376D29D5EF4F4485B07E09943474E089F791AC80A ] bthserv C:\WINDOWS\system32\bthserv.dll
12:31:18.0273 0x1b1c bthserv - ok
12:31:18.0320 0x1b1c [ C7F7BFF33B0B8F901EF94C0B351FF91C, A7D9C6D0CD20DD9FEC5F030518B32B69445DFAE49391942AEAD34605B59ADC4B ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
12:31:18.0336 0x1b1c BTHUSB - ok
12:31:18.0367 0x1b1c [ 64CC096BDF6E63BF7DACB83F2FFE10FB, F97E25F4641787378877F3A668CB9E59EB76C7ECA755551DD8525A39279255F0 ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys
12:31:18.0383 0x1b1c bttflt - ok
12:31:18.0476 0x1b1c [ 71A75075B131E0C8DD2479B4ACC4A46A, 6BDC964EB37E3BFCC15291C28A9D8120CD1A0D55823FE73CF6388C08E4E4D2C0 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
12:31:18.0492 0x1b1c buttonconverter - ok
12:31:18.0539 0x1b1c [ 32EC33A5BF6EA25BA4381A43A53476F2, A81574070B4B58B3E1D4EF70A31A15BE641BB210EF13292DACD9C3F9B36482D5 ] CAD C:\WINDOWS\System32\drivers\CAD.sys
12:31:18.0539 0x1b1c CAD - ok
12:31:18.0601 0x1b1c [ B85343D4C9914A725413618BCA03C1E2, 414CBA102E94F8EA06D4665B69660DCEC6121817684AFA4F9CE659BC5BAFF5B5 ] camsvc C:\WINDOWS\system32\CapabilityAccessManager.dll
12:31:18.0617 0x1b1c camsvc - ok
12:31:18.0726 0x1b1c [ 8EFFE4B95132CC5BD1F677A38A038598, 2E07650F4191533F4D980ADA18865AB6AEBD7BDDF62323DA6F94AF42702FDF53 ] CaptureService C:\WINDOWS\System32\CaptureService.dll
12:31:18.0742 0x1b1c CaptureService - ok
12:31:18.0820 0x1b1c [ 200281BF99A51318B4C9A2D36E037A4F, 586DE71B7AD9252205A635BF63BBFDD3722504B423276A0AAC85D70438AC11C1 ] cbdhsvc C:\WINDOWS\System32\cbdhsvc.dll
12:31:18.0867 0x1b1c cbdhsvc - ok
12:31:18.0914 0x1b1c [ 2DA9B0EDAC129461C95F2C0F295BB23D, 85CEB327037CB4B19122EBC1F2511A3E8166E3D48DD37BA8FCD2B274D411EC75 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:31:18.0914 0x1b1c cdfs - ok
12:31:18.0976 0x1b1c [ 3A2C32B5D8F8BE0F1E825FAF2E639788, 04B8EDB4DDB5895721E13FF2909892E645F316FF84C00E6D28F325EF0B25AE36 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
12:31:18.0992 0x1b1c CDPSvc - ok
12:31:19.0054 0x1b1c [ FBE9450FF19631081F47959DE069C892, 6DB5771195CDC9497E0234E2C857C617603641595E4041C0530EB30E11DE5740 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
12:31:19.0101 0x1b1c CDPUserSvc - ok
12:31:19.0164 0x1b1c [ AA1399C416EDF8E521041F22EAE0D7DB, A4ABE386036A4E74DECC394A95C8E1D821EE7A85746589123CD68ED4756F164B ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
12:31:19.0164 0x1b1c cdrom - ok
12:31:19.0289 0x1b1c [ F5E09206A97D250D2F407243B3C6AF48, F0765407EA0C4727C8C9D96BCFEED77278BC1A92AC541486DB08A2A8A8BB2B6E ] CertPropSvc C:\WINDOWS\System32\certprop.dll
12:31:19.0304 0x1b1c CertPropSvc - ok
12:31:19.0367 0x1b1c [ 9003AEFCAAA492C02FF76C17E654D477, 7D6F9840AB3256ACFC30D693A21ABF7B3A28FB0BB5B8C05D03ED17FB0D4B5732 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
12:31:19.0367 0x1b1c cht4iscsi - ok
12:31:19.0476 0x1b1c [ D3A038902BF0D2BA9E30F76AC334A862, 7E3E0CCAB98AB712762B2390F612C2B13FC7439239894E1BB7D7D189CD455B76 ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
12:31:19.0554 0x1b1c cht4vbd - ok
12:31:19.0601 0x1b1c [ 33DE1D6F0E8D6E4B1935DB9E028BCAD0, 8B84DEEF99F1928D3723F18143C914A368233A752848B554E27C4501C4FBCEAB ] CimFS C:\WINDOWS\system32\drivers\CimFS.sys
12:31:19.0601 0x1b1c CimFS - ok
12:31:19.0711 0x1b1c [ 1E17807F28C8823AFA999879031F089D, FE672CC0DE8D13A698221C62EF8E4D0D7B4FE1498CD5767D8BD8C2D0F5D74717 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
12:31:19.0726 0x1b1c circlass - ok
12:31:19.0758 0x1b1c [ 47C628BFA7163B66F73E93D343471353, BB85B7FA16B56A8AA023EB05F38074454B450A2F065D09C1F24641271CF5A387 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
12:31:19.0773 0x1b1c CldFlt - ok
12:31:19.0836 0x1b1c [ BD30B2685D7FB0FA610DA3F07FD3D926, 7F67CA99800680460204F810D7FC80F42568D43262A454A77489F3E14574E9E6 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
12:31:19.0851 0x1b1c CLFS - ok
12:31:20.0054 0x1b1c [ DB29088B6DC11AA277FF620504B42EC4, 43C4075B3D84D243E33C7EE74C00164F4C35124A97ABF6242452FF4DFC643B48 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
12:31:20.0101 0x1b1c ClipSVC - ok
12:31:20.0179 0x1b1c [ 66C409030D6034031696C2560731E490, 3022751BA164ABE979CF3253F40CA3E58BB1DB07B23F7E1FD0E23BB02E2C24B7 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
12:31:20.0195 0x1b1c CmBatt - ok
12:31:20.0226 0x1b1c [ 34945BEB1865BD87D6756E386AEA3FF6, A27BEDB8AA1B44866B65C07C14513D786CC9848B6F0156877A49B36E7F2F77D0 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
12:31:20.0258 0x1b1c CNG - ok
12:31:20.0320 0x1b1c [ 084940DFBA773C59D240E054DE5590B0, C776594DEA288274D2D5DBB0FDCA09E4E23512D486E4A1D862C906FB877464AA ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
12:31:20.0320 0x1b1c cnghwassist - ok
12:31:20.0367 0x1b1c [ B85BA5CAB06B4994276168CBCB323A9C, 35659ABFB2641963F4EC23A633B3554466FA817A983F0F1A6D052BD167DF4D81 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_e8e0b9b99f50f709\CompositeBus.sys
12:31:20.0367 0x1b1c CompositeBus - ok
12:31:20.0383 0x1b1c COMSysApp - ok
12:31:20.0429 0x1b1c [ 2F787C38054CA9F850ADA89AB4942FCB, 34D2CFFE89AE3ADF7FD6D970CDA69DC10C390D11E54BCD8BA9DFA20E8E59FB2E ] condrv C:\WINDOWS\system32\drivers\condrv.sys
12:31:20.0429 0x1b1c condrv - ok
12:31:20.0476 0x1b1c [ D46D08C0BB5ED488088B5E9A2F39CD12, 5B3F40B63A4844E5886B24F5D64F340FEA2F563E13D0A1B767BDEEFBA1553536 ] ConsentUxUserSvc C:\WINDOWS\System32\ConsentUxClient.dll
12:31:20.0476 0x1b1c ConsentUxUserSvc - ok
12:31:20.0601 0x1b1c [ 69D9E6C03F0430501EECEE6D3565A9EB, 76D2D4C792F3F5400841082F25E7D3835920E493CE2EBB50B763BC769B4579F2 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
12:31:20.0679 0x1b1c CoreMessagingRegistrar - ok
12:31:20.0758 0x1b1c [ 972130300038FC3D7ACC2B123E8BE334, 6118FD52CAD3917ED4269E0B94A124951D42E86B01F75A0380B85BAA375554E6 ] CredentialEnrollmentManagerUserSvc C:\WINDOWS\system32\CredentialEnrollmentManager.exe
12:31:20.0773 0x1b1c CredentialEnrollmentManagerUserSvc - ok
12:31:20.0789 0x1b1c [ 972130300038FC3D7ACC2B123E8BE334, 6118FD52CAD3917ED4269E0B94A124951D42E86B01F75A0380B85BAA375554E6 ] CredentialEnrollmentManagerUserSvc_6ae65 C:\WINDOWS\system32\CredentialEnrollmentManager.exe
12:31:20.0789 0x1b1c CredentialEnrollmentManagerUserSvc_6ae65 - ok
12:31:20.0836 0x1b1c [ 70182E3968BF1CDD8B7A65AE2915C1F2, D7B0282BB556B7968263C1D10960C0FBAA024D7502F24851F54993B5DE2E220A ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
12:31:20.0851 0x1b1c CryptSvc - ok
12:31:20.0883 0x1b1c [ D25E666CFDEE006A478D971D4703829C, D89716468A842336E4AA01F285C6239E4239CC6A008B5B48B324848CC2B1D081 ] dam C:\WINDOWS\system32\drivers\dam.sys
12:31:20.0883 0x1b1c dam - ok
12:31:20.0976 0x1b1c [ C020A29A3EF93F94CDC1A46E5353170F, 3EE5B2AE5755027935F71A6DDEBCFCA855101EA6EAB295CD198D15A0B48C7679 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:31:21.0054 0x1b1c DcomLaunch - ok
12:31:21.0117 0x1b1c [ 476DC6D4E08746AC0E35977705CF1A7B, 39F6A4EECAC395E44DF7529816CA8AF46B05E3FA90ADDDB24A9BCA3625ADC41C ] defragsvc C:\WINDOWS\System32\defragsvc.dll
12:31:21.0132 0x1b1c defragsvc - ok
12:31:21.0195 0x1b1c [ BEBBE7138ADD900B117770597679605F, 928EE74D48DAE71B98015C9FBB2B1960A41B7F7F31356D2A744F9DBE61813DF4 ] DeviceAssociationBrokerSvc C:\WINDOWS\System32\deviceaccess.dll
12:31:21.0211 0x1b1c DeviceAssociationBrokerSvc - ok
12:31:21.0289 0x1b1c [ 4661CBAECA7D795146799F944FA96ADF, D1FED7F6507E106F3963BF0F6AD5C4754A17241029C2BAC2C9D0149287B2D744 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:31:21.0304 0x1b1c DeviceAssociationService - ok
12:31:21.0367 0x1b1c [ 5AC69BD5AA1DC73B4EF6825317F562ED, F67283073B13D84B3AF1A1C1A4D821E14951E7B996837422B89E24698713A5C8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
12:31:21.0382 0x1b1c DeviceInstall - ok
12:31:21.0445 0x1b1c [ 0DE7B5A29CB4D8F4614C13997993B3B1, E3F2901D7C383B452380464FBA896E3765340A88A35A2D789AA254EC163803FC ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
12:31:21.0461 0x1b1c DevicePickerUserSvc - ok
12:31:21.0523 0x1b1c [ A273BAA83B82DCEC6671E70D5BC9ACB5, B1400E4981D33D174DB2C6E32FFB280D1F47D44B26CE0C0CB09FF5E2C166CE16 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
12:31:21.0539 0x1b1c DevicesFlowUserSvc - ok
12:31:21.0601 0x1b1c [ 04C3EF007E72302DE32AD183BE27391A, ECEE6A4B2C06102699394665E21AC2B01DA7E107CB61B7561670C3BC1B16C99D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
12:31:21.0601 0x1b1c DevQueryBroker - ok
12:31:21.0648 0x1b1c [ 07A79A2D87EF9B24D0B979AEBE70C280, 34307A45C0505C5A857E56C1FDBC4CF949152FF367C045F1D4848D762B84922E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
12:31:21.0648 0x1b1c Dfsc - ok
12:31:21.0726 0x1b1c [ 2AFD9683B99CCA837DFD71F014B8AE82, 193BA3586D0A3914133BD23AE9EE0B25E5DCFE920027CE301987BA7CA6667CCC ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
12:31:21.0742 0x1b1c Dhcp - ok
12:31:21.0851 0x1b1c [ 79BF835F5C6C79807E0D0A7B02AACB2E, 3BCBC82E7E88782453B289356ABF3193B26A5847106D6C545FA9461BA1125E94 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
12:31:21.0867 0x1b1c diagnosticshub.standardcollector.service - ok
12:31:21.0929 0x1b1c [ 0B5AC9114F809012A83E55AB470124BC, F6BCE1B5EFE4FC0F307B85F81BBC188CAC9CE9A17E9674416F8FAB1255E9742B ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
12:31:21.0945 0x1b1c diagsvc - ok
12:31:22.0148 0x1b1c [ 1047ED62003CCA68410EA57A9E8DF368, 1BEA32F341B2FA6807F9334C247D8C5D2373012738D901B404F51A486FA66837 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
12:31:22.0304 0x1b1c DiagTrack - ok
12:31:22.0382 0x1b1c [ 5417074D5EBC60991C617D14EFEE25F6, 258D50F5EFD8E7695971DB9A5FE7DBF3C3B7155261DD548AABF2B9A6B078A0EC ] disk C:\WINDOWS\system32\drivers\disk.sys
12:31:22.0382 0x1b1c disk - ok
12:31:22.0445 0x1b1c [ 5A4A21711E66164B36BD5906D229FAAE, B5F9D4D995ED167D01399B3480FF56CD47E8C604D4F87F84AA6AE4E906520B66 ] DispBrokerDesktopSvc C:\WINDOWS\System32\DispBroker.Desktop.dll
12:31:22.0461 0x1b1c DispBrokerDesktopSvc - ok
12:31:22.0554 0x1b1c [ 599D5F860AF722D7CE10CEBB5C61E42C, 0F3666E5533A348F5096D815FF2025795713279B6E83BFCF4E1760858873CCCE ] DisplayEnhancementService C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
12:31:22.0586 0x1b1c DisplayEnhancementService - ok
12:31:22.0664 0x1b1c [ 6737353ED79015C4C0DBFBD519CBD35B, 0E4DA174AEA0196344468BC0456B3BE0B3875DD44D8BFD63C2703519CA1EF1D3 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
12:31:22.0726 0x1b1c DmEnrollmentSvc - ok
12:31:22.0773 0x1b1c [ C3C1B32C7B8167083F125DA5B9355136, 9F5C6D1CD276087EE31E31489320727341812B84AA559662BE299F844B1124E7 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
12:31:22.0789 0x1b1c dmvsc - ok
12:31:22.0820 0x1b1c [ 600C4F9FB9E3A0D71A22A08D66D25540, 9BFAA9FB6D53800F1F7A7403FEEF33F9C2DC19E04CCBA91A7182FE6DC4CC21B0 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
12:31:22.0836 0x1b1c dmwappushservice - ok
12:31:22.0867 0x1b1c [ ADD0EF4A1062B7DA629CFC529A64B886, 70B84245151B779675A8ED4FD736AE59F39CB8EA2BBD6509B0671716D6D8BE74 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:31:22.0882 0x1b1c Dnscache - ok
12:31:22.0945 0x1b1c [ 013511B3F7F78A2E3247A0A1231007E2, 7842AF902BA24971AEE3FC0502FD81A6651FEE61AF88BCCC64128FA7D99CFCDB ] dot3svc C:\WINDOWS\System32\dot3svc.dll
12:31:22.0961 0x1b1c dot3svc - ok
12:31:23.0023 0x1b1c [ 4251CB52A461CDEC7E32EF5B07754E3F, 687DE89E6865EF3270BA5696019E120402F418507E01768D01DD95ABA5D29467 ] DPS C:\WINDOWS\system32\dps.dll
12:31:23.0023 0x1b1c DPS - ok
12:31:23.0070 0x1b1c [ 0C576AF8E5E977036F696F96E92E7839, 1DD1548248F37072D4041DAFADD1381F22232E12E3023BCCAA5EDE0B1134AB65 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
12:31:23.0070 0x1b1c drmkaud - ok
12:31:23.0132 0x1b1c [ 78AD6FCE146125E48B2C5E139F336FA6, 589F873CC67521704F1890A348C632713C5F41E200A273E218196869DC088A74 ] DSDFunctionKeyCtlService C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe
12:31:23.0148 0x1b1c DSDFunctionKeyCtlService - ok
12:31:23.0195 0x1b1c [ 3A28723AE3F61A3AFE342FD8B35A3E93, C9913475315F097BA8B97CB5A9086D375A535F464F89BFD91EB4C5FB2E4F697A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
12:31:23.0211 0x1b1c DsmSvc - ok
12:31:23.0273 0x1b1c [ 7F98A79D9270BD91F91016B0648B8350, 7E408A6AC272F64FF9F9917744DE777674E7C31F066AB3B35C47C8BAFCD0CDF0 ] DsSvc C:\WINDOWS\System32\DsSvc.dll
12:31:23.0289 0x1b1c DsSvc - ok
12:31:23.0351 0x1b1c [ D12CD0AF758EC49E5B53380E95A1C346, 73C7A830B0C915DF2471C439A4045B601CC0AD0F277371C81F2F5BAF14AE2812 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
12:31:23.0367 0x1b1c DusmSvc - ok
12:31:23.0617 0x1b1c [ 3DB5270F4DEB28244E75DC7D0E934AED, 949047ECADCF28D39AF727A8D933F8A9CB02281BD61C53D0562551D92AD4A446 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:31:23.0804 0x1b1c DXGKrnl - ok
12:31:23.0867 0x1b1c [ E0FA7BE2A1A7321F7F20FCA7344069E4, 00CB1BB43D4312BC11EFD2FC062ECB40E998EAE5ADABA344D415EC2F1B53547D ] EapHost C:\WINDOWS\System32\eapsvc.dll
12:31:23.0867 0x1b1c EapHost - ok
12:31:24.0039 0x1b1c [ 148FCDD37D7530F9A1C417CA6B918BEF, 6D9DEFF837F45CF239726675CE059275C86D58CC8147A7A99921FF6F35B238C7 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
12:31:24.0226 0x1b1c ebdrv - ok
12:31:24.0445 0x1b1c [ 7DF126F33228BBA87B6B9985F7BA0307, DAE33332B23871C33712F4C7A2A8E20A150D4FB3CFD14C63AA10EA5936FB7595 ] edgeupdate C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
12:31:24.0460 0x1b1c edgeupdate - ok
12:31:24.0476 0x1b1c [ 7DF126F33228BBA87B6B9985F7BA0307, DAE33332B23871C33712F4C7A2A8E20A150D4FB3CFD14C63AA10EA5936FB7595 ] edgeupdatem C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
12:31:24.0476 0x1b1c edgeupdatem - ok
12:31:24.0539 0x1b1c [ EDBC355D76BFC9541E525C922827648A, 1352CF122083A8174C1CF88DCBCEED63278D41E4A0AA535D866F64AF45DB2E80 ] EFS C:\WINDOWS\System32\lsass.exe
12:31:24.0539 0x1b1c EFS - ok
12:31:24.0601 0x1b1c [ AC0A1E6B2668506835C969B5957FEE43, 8D185E4018591D076F61FF16C407906D94659412A8EE8D3516BD851A5C94D792 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
12:31:24.0601 0x1b1c EhStorClass - ok
12:31:24.0648 0x1b1c [ 044C906E3AEEEAAC9D8E6C76F35940C6, 242FD9BFB455297E6DBE7DA2FA20D2CE97BB7AF45CB31048EDF8778E1BDA85DF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:31:24.0664 0x1b1c EhStorTcgDrv - ok
12:31:24.0726 0x1b1c [ DC191BA9B1FFB8348C8BD1057E3FB0BE, 675DC2686D0BEA9B1DB6E2ADFF28D5C9A49689B4C5D11F036E289729B75BB9F5 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
12:31:24.0726 0x1b1c embeddedmode - ok
12:31:24.0804 0x1b1c [ 58597CD50ADD948B8404D61A5F2AB80A, 5EEF6521A2F819F99B966B09FFA551A5AC478E4D52D48D1B4E538C1D44013F8E ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
12:31:24.0835 0x1b1c EntAppSvc - ok
12:31:24.0898 0x1b1c [ 0B9B962B9CA78F8324F8E0AF00F8832A, AB2BFDD9312812423F09A4A954FE8C5330212AA3599AD0D4EA6958FA17CA0615 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
12:31:24.0898 0x1b1c ErrDev - ok
12:31:25.0054 0x1b1c [ 887F29F8A37BFC12752D124946EE0421, 0806DF8E0818A91B4FA4DDA9423E09B8FBFCF36578C92C7B2BF1C34C7C9FC62A ] EventLog C:\WINDOWS\System32\wevtsvc.dll
12:31:25.0101 0x1b1c EventLog - ok
12:31:25.0164 0x1b1c [ 213C764F344DEC0EEC8983BB5D672C85, 153EB7B1C3D9AA78A6F9EAC02EEF561B2BA811DF2F6C37329935695FA996CDDE ] EventSystem C:\WINDOWS\system32\es.dll
12:31:25.0179 0x1b1c EventSystem - ok
12:31:25.0242 0x1b1c [ 725DCC0B234EC591440ED99F9D919D13, 7EBE604EE5CBA55501E2EE635AD963AC7F580502C1F77767E60291FD638B1E4A ] exfat C:\WINDOWS\system32\drivers\exfat.sys
12:31:25.0257 0x1b1c exfat - ok
12:31:25.0445 0x1b1c [ EAF8866162C98239432B996CB79BF9E2, A2D3E3BAD2725BA31B6F4B5842129451643DB76DD02B9A4ADC325CE0C9DB1754 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
12:31:25.0476 0x1b1c fastfat - ok
12:31:25.0539 0x1b1c [ 75F76D703A4BD0085EDA05F881F27139, C515CAF74E5CBC3CD98D88780102D28E4577550E1A920DA053D565525C31644B ] Fax C:\WINDOWS\system32\fxssvc.exe
12:31:25.0570 0x1b1c Fax - ok
12:31:25.0617 0x1b1c [ FA01A6289B07A2996668F6E33AFB84CB, 95D71C2EF0611914C4A424BAC575E852A798E26AB8D1CAE24E75C63098AB3329 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
12:31:25.0617 0x1b1c fdc - ok
12:31:25.0648 0x1b1c [ 3B1E1633D3B676CB8C96C9F291FAF06D, DE7CB6D9F76FC311E309419E955DFB393F1110BD956BDEA455E8D4D12D987C81 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
12:31:25.0648 0x1b1c fdPHost - ok
12:31:25.0664 0x1b1c [ 5328500AD1C169E4A246C119CF97A9CF, 2B2E4CF3860675FFF7DD5CF3BB82E2828ADBF50934B03A90BF610E5F603642E1 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
12:31:25.0664 0x1b1c FDResPub - ok
12:31:25.0726 0x1b1c [ 0B3790212AA5113ABD2299C8AEA94D29, F13888D03B6703D66EBD006FA34B60238D77F121A89C1B3D8D9DDE9EBDD6801A ] fhsvc C:\WINDOWS\system32\fhsvc.dll
12:31:25.0742 0x1b1c fhsvc - ok
12:31:25.0789 0x1b1c [ 1F4C3BDA04CCD9C05E27C8F4AF092A16, F38A86EDCE8CBBEF9DE10430F99D729DB042997AE32D8F81D51830C334ED0C9D ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
12:31:25.0789 0x1b1c FileCrypt - ok
12:31:25.0867 0x1b1c [ A80498FF0FD344988484D41E244C0F3F, A512DBAC4086B287C206E9AA2E262E0D3A84C3DC17688A3F47C124207360C4AF ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
12:31:25.0867 0x1b1c FileInfo - ok
12:31:25.0914 0x1b1c [ 19C0FBC62BC3EAB401728B97DF5B3621, 88576C78F4A40728E7BDCD4FB71E761A3D89F930DD4ADCE28364C382FF3D3D60 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
12:31:25.0914 0x1b1c Filetrace - ok
12:31:25.0929 0x1b1c [ 6FEA39C98B3E799B5B84CAAE1963B711, B6BB698970AF98B6E2DB147C21BB790364D145B6DC58220EDB91DD535C20346F ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
12:31:25.0945 0x1b1c flpydisk - ok
12:31:26.0007 0x1b1c [ 6E0AD2F7C86E7A3AFAE55FFDE1226B39, B375FFC95B69ED238F975CDE8584D69F18E778F1F2D473BEB455CB268D3F4762 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:31:26.0023 0x1b1c FltMgr - ok
12:31:26.0226 0x1b1c [ C38ECA00C30C9479723AB06FBE743811, BD4596C28EAA8B8E24C8BDCCFF8E3C36FA02281AB8D10A10A16D6EF682F7A940 ] FontCache C:\WINDOWS\system32\FntCache.dll
12:31:26.0335 0x1b1c FontCache - ok
12:31:26.0476 0x1b1c [ 1E4A11E5CDC54A97BE5B612ADBBDEA57, 3651FAAC6BCD5D6372FE8684CA83BEDC164CCE84B2D04F0CDA597CDFA6A4DFF8 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:31:26.0476 0x1b1c FontCache3.0.0.0 - ok
12:31:26.0585 0x1b1c [ AB297BAB6C25DF83B106F3E7607B7C97, 0311FDFCD3A68E9369010877388C57FE4361C790FAEE2E85EC35798086251549 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
12:31:26.0648 0x1b1c FrameServer - ok
12:31:26.0710 0x1b1c [ 328DDE24222BA25FB07E6BECB8329238, 638D6906DBBFAAE4A229E27C8D01662C5B136436D0E7831CECF5E8F6094DFD04 ] FrameServerMonitor C:\WINDOWS\system32\FrameServerMonitor.dll
12:31:26.0726 0x1b1c FrameServerMonitor - ok
12:31:26.0773 0x1b1c [ F0ADF3B8DEA06371672AC5A57E3BFC3C, 0339F8E9F17A226728CBB3B8975938C265BB1141E66CC335108D6957E0EF02F8 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
12:31:26.0789 0x1b1c FsDepends - ok
12:31:26.0851 0x1b1c [ 0E563B172ACDBCB37C46B167FEAAF16B, 337F18FED597CC0D47FA7D9DA3ADC2B6AC9BB39908CF24D91B0DF08779424125 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:31:26.0851 0x1b1c Fs_Rec - ok
12:31:26.0914 0x1b1c [ E0E86DC80267EF05D67865DF0689C66A, 2608F2A2BA6A1EE77B05DB6AFAD48C0E08DB3AEA8114DA64188456A1C7131487 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:31:26.0945 0x1b1c fvevol - ok
12:31:27.0023 0x1b1c [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk C:\WINDOWS\System32\drivers\FwLnk.sys
12:31:27.0023 0x1b1c FwLnk - ok
12:31:27.0070 0x1b1c [ 7D09924634E676C06724BCFC86CD142B, 7392C5B0A24C788D2547E51C8A486BD4B89AAE13ACB4817CFF70692F59878B5A ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
12:31:27.0101 0x1b1c gencounter - ok
12:31:27.0164 0x1b1c [ 07A266DFE641D1AC22973D91CF6621F9, 37D2315546A4B3A70AB9612B489DC40D385E99E4A037DB8045AA883EE275FAA8 ] genericusbfn C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_637685835fac8b88\genericusbfn.sys
12:31:27.0179 0x1b1c genericusbfn - ok
12:31:27.0242 0x1b1c [ EFA627A3DDECC31327643F8B394C30CA, 716A933AD5F2B1844C7E4E300C0BD716B70E074B8D17B4D8B9190C4C97D79880 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:31:27.0257 0x1b1c GPIOClx0101 - ok
12:31:27.0398 0x1b1c [ 90AB5C4876BFCCDEB9562C24B04733A1, D5F8C453D4E97B8D80C58D2AFAA4F5D27FC5CDF7A202F49E96508C4F70F5AECC ] gpsvc C:\WINDOWS\System32\gpsvc.dll
12:31:27.0445 0x1b1c gpsvc - ok
12:31:27.0476 0x1b1c [ B6A0554D89978FCA6C7B01F57E26DD3E, E464FC79C4342C1A702051723372699F8824B4022DF778A03F6B6E534FED3111 ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
12:31:27.0476 0x1b1c GpuEnergyDrv - ok
12:31:27.0523 0x1b1c [ 18149C075F2F6739EB5B280AB4646FA7, B3188D7E11CEA59F4A91455DD5530BFA2E0F882C891D6AE3CF00B8D855809C23 ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
12:31:27.0523 0x1b1c GraphicsPerfSvc - ok
12:31:27.0617 0x1b1c [ D7E8F8A26B5D89244321105E72CBC651, DC7ED9AC3C403FF1DE0BB56F0DE8194CA8BAA98138CDBD50161E0379AE03A378 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:31:27.0632 0x1b1c gupdate - ok
12:31:27.0648 0x1b1c [ D7E8F8A26B5D89244321105E72CBC651, DC7ED9AC3C403FF1DE0BB56F0DE8194CA8BAA98138CDBD50161E0379AE03A378 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:31:27.0648 0x1b1c gupdatem - ok
12:31:27.0710 0x1b1c [ 1EF0A8C7854593F301751F196F68ED9B, 4094CF239BBAB01FFA52F6860CC526A523DDA01D7FACAB0898EBC43E9F76DD0B ] HdAudAddService C:\WINDOWS\System32\drivers\HdAudio.sys
12:31:27.0742 0x1b1c HdAudAddService - ok
12:31:27.0820 0x1b1c [ B5BD0B33E74DD479BB9E0630A2D92207, 9AE3F9B1432365E12FCD055CBF0CA08312E1CE2F0D3526217B6B0A763294522A ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
12:31:27.0835 0x1b1c HDAudBus - ok
12:31:27.0898 0x1b1c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
12:31:27.0898 0x1b1c HECIx64 - ok
12:31:27.0929 0x1b1c [ 37EFC0B178C140F3B4B52A083D43FFF2, 80BE14D87C47DC0F471EA320931ADB3B15040BD11AE758FDBA2147B9C4D9B330 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
12:31:27.0929 0x1b1c HidBatt - ok
12:31:27.0976 0x1b1c [ EE44ABF8630C9B4395CA3E25144D5BE0, 3249E9DB4E8D4949CA21BFA39AAD12F2EB0AC5B93FFF90D64B1892899CB1E99A ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
12:31:27.0992 0x1b1c HidBth - ok
12:31:28.0085 0x1b1c [ DB8C3B3A64C2C2FAA440DE262F0DDB12, 04CC8ECF5F53B77A89DE0B62D998F3AE3B987EAFB3D712ED262D74C3235481E9 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
12:31:28.0085 0x1b1c hidi2c - ok
12:31:28.0148 0x1b1c [ 2BF94EE1E6692419370BC07CAE7EEF83, DFF4FFEDB6D76E5441B1893C8E6CEF05CDBE44AE354B320C9361349A3C3D8883 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
12:31:28.0148 0x1b1c hidinterrupt - ok
12:31:28.0195 0x1b1c [ AAE2C71E3BEC67AD58C94DC8D3EC5DCE, 9472E74559CC87FEA875B31B8DC5B6677E44C7E9E355641754DC9BC42F7A1CFA ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
12:31:28.0195 0x1b1c HidIr - ok
12:31:28.0226 0x1b1c [ 04E87F055A4A5E421C256F8388673107, CB41EA6D0F5E8DFEEF48C55E6DB7E22E5759C75F3E7E0A870168084EBAD709CC ] hidserv C:\WINDOWS\system32\hidserv.dll
12:31:28.0242 0x1b1c hidserv - ok
12:31:28.0320 0x1b1c [ DF95258DB869E8480C631F6BA84EA5AA, 741CD713A819064BDE25BE10BFC509436A506B9D3F05125EEB8573952395DB1B ] hidspi C:\WINDOWS\System32\drivers\hidspi.sys
12:31:28.0320 0x1b1c hidspi - ok
12:31:28.0351 0x1b1c [ DAFCFEFDD44F3F93506B684A097377FA, 677BCB137A62B254AA50B042F4D950B352B2DFA81E0123FB4F69E8BCCC8785C6 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
12:31:28.0367 0x1b1c HidUsb - ok
12:31:28.0398 0x1b1c [ 5484D994BCBAAF9DB6AA736B912544E4, 113ECCECB99622AA3B4187DC329E48082DB28BD047C39AF8FB43A0015D60701D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
12:31:28.0413 0x1b1c HpSAMD - ok
12:31:28.0507 0x1b1c [ 0BFA80E475E935CB8398C2C4DFF86176, DFAA846C8743B7C716483DECE73481AEF4FEE043729F3F0411F913CA95764755 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
12:31:28.0585 0x1b1c HTTP - ok
12:31:28.0632 0x1b1c [ BF9C677FCC8C832658D07611240B629C, 697169159F4DD3806C9C9B8E9CEF95821020BE7E78042C4FB44B6CCF36E290D9 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys
12:31:28.0632 0x1b1c hvcrash - ok
12:31:28.0695 0x1b1c [ 10FFA9FAC5E5C3E7198B555CA9B39DC2, 8D387606FC0510D607293B3B5D3CAF57A62C24DDF8631330B33CDE06B3653E0F ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
12:31:28.0695 0x1b1c HvHost - ok
12:31:28.0726 0x1b1c [ EF2F692FFDF6C937F48977A89FC54971, DDD312A994119CDFD470A6D190E8BE364D1D0083F917D9B148DB0EC602E4E065 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
12:31:28.0726 0x1b1c hvservice - ok
12:31:28.0773 0x1b1c [ 8CF9D085951CF0D6DE2AC4105E440DE0, 300198709982026EF999CE5B341EC2BDB23351D8B4BD03C0190EE21F953CBF85 ] HWHandSet C:\WINDOWS\System32\drivers\hw_quusbmdm.sys
12:31:28.0788 0x1b1c HWHandSet - ok
12:31:28.0835 0x1b1c [ C5C2BE6DD338362275822A8DAD5628FC, 86071638ED0BDD5744FDD2CEFDA8DB2E1E747CDCB4E1C89DBC7A815D6B38B220 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
12:31:28.0835 0x1b1c HwNClx0101 - ok
12:31:28.0882 0x1b1c [ 00A9D9EE4278B9EFF67706B52AEB5831, FE0E8CBB348B8A833B2ED91818785F8F691E25D1639ED94B44FC6CA6A21DC159 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
12:31:28.0882 0x1b1c hwpolicy - ok
12:31:28.0929 0x1b1c [ 7920776AB1C59BD6EC70424952CC5FD4, FF4CFCE77613703BA1F5C58AF366CF96E982F6CB5DBCDA30173F957FD1117A74 ] hw_usbdev C:\WINDOWS\System32\drivers\hw_usbdev.sys
12:31:28.0929 0x1b1c hw_usbdev - ok
12:31:28.0976 0x1b1c [ 53A7848F7DFA526CF1D05BA724C3366A, 73E8B2BC246B0D2F1CF38ECBD8F8CBCA24D844D5A450E4EE2CACE769C1262A54 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
12:31:28.0976 0x1b1c hyperkbd - ok
12:31:29.0007 0x1b1c [ E2B176E6A25CB0F92F3158F4F0FEDF3A, 0913A6D516B9C03410512F0512B5D0D7E09EC918389CA2E30C907FC929B1F3DA ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys
12:31:29.0007 0x1b1c HyperVideo - ok
12:31:29.0038 0x1b1c [ 61C5D29616BAB0A735C5F3FA74B13144, FAAC901572659C0743BFC91C6F66E7E1D932DA4180F55DAB165D9DB3C6D504F2 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
12:31:29.0038 0x1b1c i8042prt - ok
12:31:29.0070 0x1b1c [ 9E5AECAB5F05218D9AC923E7CEA1CE15, FAAA46F22944E043A90AE6E9F0F86AF187FC2819C563DA375B2A409347BB2C35 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
12:31:29.0070 0x1b1c iagpio - ok
12:31:29.0101 0x1b1c [ 48EDB9B5DAB7D294951A520330F13715, 9296A14590DFD94A3C728CAF3CA91BA211F27974F9CFF8417CDDC00D1453315C ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
12:31:29.0101 0x1b1c iai2c - ok
12:31:29.0148 0x1b1c [ 6C3EDE394C71D5A67A504F55E35B6F47, 6FF5D13EF69E8FBCB4772C7B5C4D5770C78E0B29F9164FA1611EFDE91CE876BE ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
12:31:29.0148 0x1b1c iaLPSS2i_GPIO2 - ok
12:31:29.0210 0x1b1c [ 806D14CEAF25E5F2DFCBA8E7E33B86BB, 2141DE558461B592D4111A0388D1AAC8062FA72CD1E2A2D2D68279A9633288E9 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
12:31:29.0210 0x1b1c iaLPSS2i_GPIO2_BXT_P - ok
12:31:29.0242 0x1b1c [ 87DDDAE1693484BD0A210C877BDA00C2, E353D90D0B79A70F976FD5EA1CB7E25A97835E25116962EA035424715B2F43FE ] iaLPSS2i_GPIO2_CNL C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys
12:31:29.0257 0x1b1c iaLPSS2i_GPIO2_CNL - ok
12:31:29.0304 0x1b1c [ 8D3E3C431367E3BA632B4396CA662E1A, 71FDC25244298D62A335769D6ED43394C33FBD8DB05AA54CA924A2977F37858F ] iaLPSS2i_GPIO2_GLK C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys
12:31:29.0320 0x1b1c iaLPSS2i_GPIO2_GLK - ok
12:31:29.0367 0x1b1c [ 149F1260537C4F68C3F67C363B62F3C5, 3F1F9EC7571D0F82D3F5BBA298965491260708F05EBAAA2CC23483521A5FF079 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
12:31:29.0382 0x1b1c iaLPSS2i_I2C - ok
12:31:29.0445 0x1b1c [ 3E641E905A6DBF29CBA1E72BBE349808, BF354297A55713D9E2DD4044D42810C007733EE54D5A80D58B96DD279D92C716 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
12:31:29.0460 0x1b1c iaLPSS2i_I2C_BXT_P - ok
12:31:29.0476 0x1b1c [ 897478D8FACEAE8681F6F3502201EC68, F105EDD16E38F5C0044CC7139E4084A04B0AE3212171A1C7F6FE759F3F5F77FC ] iaLPSS2i_I2C_CNL C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys
12:31:29.0492 0x1b1c iaLPSS2i_I2C_CNL - ok
12:31:29.0538 0x1b1c [ 2ED3B41C7CB4101ACB15D84D8AB5AA9D, A92487129B81376471C842B9932FF3A7B3ABBBB89797978E3FDEAF71A6FD5E3F ] iaLPSS2i_I2C_GLK C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys
12:31:29.0554 0x1b1c iaLPSS2i_I2C_GLK - ok
12:31:29.0585 0x1b1c [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:31:29.0585 0x1b1c iaLPSSi_GPIO - ok
12:31:29.0617 0x1b1c [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:31:29.0632 0x1b1c iaLPSSi_I2C - ok
12:31:29.0695 0x1b1c [ 85977CD13FC16069CE0AF7943A811775, 421AFFF08D14C2F55CFEF05E4A5A8B086F80BE69A927F84052A502EC5B222990 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
12:31:29.0710 0x1b1c iaStor - ok
12:31:29.0773 0x1b1c [ 186B3653AAE91DB9B61F8830EC844862, 48A720591C7375A3A944BAE6E197C95C6FBEE7E3AAFF71881148D499C781B153 ] iaStorAVC C:\WINDOWS\system32\drivers\iaStorAVC.sys
12:31:29.0804 0x1b1c iaStorAVC - ok
12:31:29.0835 0x1b1c [ 18599980A57FC3168B3CB1531A4E5EF5, 29D34369B122905168E40EC02A5A745C5B5699A993A395601B4EA363E8B51016 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
12:31:29.0851 0x1b1c iaStorV - ok
12:31:29.0898 0x1b1c [ 2E0A71EE33B3D9D32A48DD6F273173E2, 13F0A61F40435377C142C5515A231FF29D8C6A598DE45278CADBBDF858228157 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
12:31:29.0929 0x1b1c ibbus - ok
12:31:30.0007 0x1b1c [ 97F692AABB80765B14FDBE05EA23DF77, A35626F6EE1F64D7EA7E59AA005F1DD6D2CACF06054EF445DC09505186235110 ] icssvc C:\WINDOWS\System32\tetheringservice.dll
12:31:30.0023 0x1b1c icssvc - ok
12:31:30.0116 0x1b1c [ 27CF510EE82D05DC2B1458CE235A53F8, DCC3E475D31339EFE14450BFF11530DB53D75C5C69A25F9B6FC0F34955F8D9F1 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
12:31:30.0179 0x1b1c IKEEXT - ok
12:31:30.0320 0x1b1c [ A05F6825BB6734E7C0DCA9C65267A46D, 342B7D8F0CC744452BF760BC0095A41885E7980E5C3A7810CD0113C32988E2D8 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
12:31:30.0335 0x1b1c IndirectKmd - ok
12:31:30.0632 0x1b1c [ 9C69F7874F63CD6F1FFCA81CCBD12C6B, 7CE32466E59C38C96EE0EBA196271CA57245166A808A6BBD77900BD2E3F39B6B ] InstallService C:\WINDOWS\system32\InstallService.dll
12:31:30.0788 0x1b1c InstallService - ok
12:31:30.0820 0x1b1c [ 91CB4185E2F6F788C12772D801D3FBBC, 3084E7CD3BFA0ED4B295422859841C67CB079ED6F52EB53EA91B6015EFD1C67A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
12:31:30.0820 0x1b1c intelide - ok
12:31:30.0866 0x1b1c [ F69E568B1C57023AF5C0F2A5C663F437, 7F0541A164F73F87652300833296D0D5D3DA7A135C3EB67FA585DAE21146A630 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
12:31:30.0882 0x1b1c intelpep - ok
12:31:30.0945 0x1b1c [ 0F584F6D6BF5F171252BA14046C37B80, 0E86924E73208DA27438F5FC72E6BE36371776A2A625EA614F9CF613417EB543 ] intelpmax C:\WINDOWS\System32\drivers\intelpmax.sys
12:31:30.0945 0x1b1c intelpmax - ok
12:31:30.0976 0x1b1c [ 9B2E6151CA2F8594C33734BC0CEE7758, E7CB9262C72DE39109963D96CBEAC026C756D3875F5241D7BAFE677C27B8E6BC ] IntelPMT C:\WINDOWS\system32\drivers\IntelPMT.sys
12:31:30.0976 0x1b1c IntelPMT - ok
12:31:31.0023 0x1b1c [ AAC2E797BA594BE0C19074B9B35B1D13, 77894460F026F0A2E333819F68AE9B1E8C4F093A92D28366D825A5EDC1E9F992 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
12:31:31.0038 0x1b1c intelppm - ok
12:31:31.0070 0x1b1c [ DC0DACE9FEA3EC26E1B9BB70817F07BF, 690D999B34788205C0F8F82DFA4804CDACF9C533A2DF76CA69FB094675B0C450 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
12:31:31.0085 0x1b1c iorate - ok
12:31:31.0116 0x1b1c [ 5C7F49E03CB720E2FC0C3D2D0D90875C, 2244E16CBAD8013F673ADC05A5705A8FC321AE1DA80E4DD49A9906B787444E32 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:31:31.0116 0x1b1c IpFilterDriver - ok
12:31:31.0195 0x1b1c [ 4EC022D90A8D97725DFB4A637A83857E, 89E1F71568EDD033B229414D9583F6A69A2DCE049741499254F6EF55DD1BBBEC ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
12:31:31.0226 0x1b1c iphlpsvc - ok
12:31:31.0257 0x1b1c [ 11664F684BB5686B137BF52B63CCEBC2, 70899186D34B7ACC9DE1B3F81ECDF1DCDF30169DED8645BEB4D7BD6FAA158B4A ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:31:31.0257 0x1b1c IPMIDRV - ok
12:31:31.0288 0x1b1c [ A8D115FD40B692820821BD03BA3AFF2E, FC9BFFAC66312EEE65A0B1AD9943013F933EF654D6B72541B50AA7269F3E6FA8 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
12:31:31.0304 0x1b1c IPNAT - ok
12:31:31.0335 0x1b1c [ F02DAA89DA55EBE2156C133241A49B07, 6257BD401CFA23C4FFF35F373F87BB5264926023D36F7D15835D5982C9CC84E6 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
12:31:31.0351 0x1b1c IPT - ok
12:31:31.0398 0x1b1c [ AA379FA5F470DAD3BFE80139C21EED0A, 6312003F21014B5AF352991E9F35C8076F2EF95748336FFBED016D40A1F8F494 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
12:31:31.0413 0x1b1c IpxlatCfgSvc - ok
12:31:31.0429 0x1b1c [ 7637E8DB3E13E363DF02E664DBABE034, 7DFC76F2818CD6835DADADE1D4722917BDB0221FB1898282516D15455EDBF405 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
12:31:31.0429 0x1b1c isapnp - ok
12:31:31.0491 0x1b1c [ 48231AF180A21B6AB6D444AEEA476FD9, 43ECA181B3D990965CB7C29B0658FA8FB0CF3D245D1F6933A10BF770B270A9CB ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
12:31:31.0507 0x1b1c iScsiPrt - ok
12:31:31.0523 0x1b1c [ ABE7DB01E9FDC1671D46F2DC31891070, 1A811681951307119B851C9957586F1D08406F1AC3DD75CB425BDFD96D47E5B5 ] ItSas35i C:\WINDOWS\system32\drivers\ItSas35i.sys
12:31:31.0538 0x1b1c ItSas35i - ok
12:31:31.0570 0x1b1c [ 15258861A6EF1BC6F338A270660290CA, 962DABCAB5DC4C5C62FE0D0DE05B3C822458A87235898219315F289310FA514A ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
12:31:31.0570 0x1b1c kbdclass - ok
12:31:31.0616 0x1b1c [ 22825D33537A70156859BC07B5D34C01, 68B54B5AC1658B18BD34EB8EDC5125248383DDE597932898E6E1BB4B5210D925 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
12:31:31.0616 0x1b1c kbdhid - ok
12:31:31.0632 0x1b1c [ 2A9D448413D2B4D3BA9503CDDECF552E, 149CF46638B33C456E83747B49E317D5F7F717946802EAEC77941D4F5AF4DAEE ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
12:31:31.0632 0x1b1c kdnic - ok
12:31:31.0663 0x1b1c [ EDBC355D76BFC9541E525C922827648A, 1352CF122083A8174C1CF88DCBCEED63278D41E4A0AA535D866F64AF45DB2E80 ] KeyIso C:\WINDOWS\system32\lsass.exe
12:31:31.0679 0x1b1c KeyIso - ok
12:31:31.0726 0x1b1c [ FEE0F8C8BB207EE8097FDB824F00CB89, D32D0E3BEBEAD8CF01E38BEFCEBA0BEF22CF7A02375B5603B4ADFC0EEC4E7B82 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
12:31:31.0741 0x1b1c KSecDD - ok
12:31:31.0788 0x1b1c [ B4F8BFA82AABFB81B2642B1C68AC2CBC, 456A88CCA8083CEDCDAD4E51BD7D356ED88B05BA60204D176E9AB44D27C8B1D0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:31:31.0804 0x1b1c KSecPkg - ok
12:31:31.0835 0x1b1c [ 911DA372EB13EBD31FD9688E2B4FB0B6, BCCC950CA35A13AB82C0188ABAB9D12C28D9AD8F3FA811E3E2F9422EFBEFAE5E ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
12:31:31.0835 0x1b1c ksthunk - ok
12:31:31.0913 0x1b1c [ DB3D258EC54D52DE37002E18F212718D, 4AF8077DBC9453E1E632DF8217D7CC861C3041E76A1C3A13DCC945318C7FCC00 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
12:31:31.0991 0x1b1c KtmRm - ok
12:31:32.0054 0x1b1c [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys
12:31:32.0054 0x1b1c L1C - ok
12:31:32.0116 0x1b1c [ 72D623BABC60258AD59FFB98EECA5C4A, 85E43F293BCD128E3E02E786B0FCB46BB4F879692289B6149C423DBD2EDC65A9 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
12:31:32.0132 0x1b1c LanmanServer - ok
12:31:32.0210 0x1b1c [ B351D7596388F97787A4CDD0ED9D6511, 4D4AE186608AEAAF15578E5E6F0DB4F3E764564AA9C4EBDCF70301C9D935F188 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:31:32.0241 0x1b1c LanmanWorkstation - ok
12:31:32.0320 0x1b1c [ AA191A6CE99DBE5BF09DB62CD183F7C0, 48F9C4C5CED9BE1E7B4D4EC4D3AD327FBC0334FF35913A016F85872C2859E3FC ] lfsvc C:\WINDOWS\System32\lfsvc.dll
12:31:32.0335 0x1b1c lfsvc - ok
12:31:32.0366 0x1b1c [ 0ABC137A3305CE4517647B3792E11660, 24E8488426C8FC91ADA3629739B5153B5C1D328110906AF7AA882E757328C664 ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
12:31:32.0366 0x1b1c LicenseManager - ok
12:31:32.0413 0x1b1c [ 2543CDA3DFEB3B621C71D80D3E4819B0, D2D6E9240F7C0E94890FFA4E1034221D1478165CB37BCB230F9C7DC571483DA4 ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
12:31:32.0413 0x1b1c lltdio - ok
12:31:32.0460 0x1b1c [ 67A93D9ACA132316644EB0EACF01F356, F55ABAABAF6C76EAB04EEA50D6418845218101F52A2F6C0CF6115B928D246A2B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
12:31:32.0476 0x1b1c lltdsvc - ok
12:31:32.0538 0x1b1c [ 2D2AEDE03B00CE302243984063447B01, 57BCE49559298CEBFC3A05BA51906BBDCD459922064B0C7D05513752029F5DB0 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
12:31:32.0538 0x1b1c lmhosts - ok
12:31:32.0601 0x1b1c [ 9C4B8664C33A5DDDACB80FD096B07811, 812347502477DA224385D49BC8FE8E61C4EA0DF7C6195CDB86D669454EDD8ADE ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
12:31:32.0601 0x1b1c LSI_SAS - ok
12:31:32.0632 0x1b1c [ C5A94F681B6A8BBA90933A989FB4C166, 31B6EE1E693C5ACFA7771826A535C97A81CD34753D9606A7F80CFCA38D5666F2 ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
12:31:32.0632 0x1b1c LSI_SAS2i - ok
12:31:32.0663 0x1b1c [ 32D9F015029F774C6EE5E1FC5923AA62, 8260A076502AFE928E0EBCE1D9C80D873FB61BB081156C6C27EC4EF8DFBA35A8 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
12:31:32.0663 0x1b1c LSI_SAS3i - ok
12:31:32.0773 0x1b1c [ FE451A58445D08835DDFEF5B1C7CD096, A538C9B65D035325AE301B00E9FCDB29088A5954F10296F581BA09081C1E4BC6 ] LSM C:\WINDOWS\System32\lsm.dll
12:31:32.0804 0x1b1c LSM - ok
12:31:32.0866 0x1b1c [ DB1B5E7412654CA0219A2371D471D688, 1D7623CD37D1B852F335306908B8CA6FAAD57D7750D520F443301065AB4F8F35 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
12:31:32.0866 0x1b1c luafv - ok
12:31:32.0945 0x1b1c [ 1E7BE453FA2201B02D4EEAD43BBD84B7, 7359FCCDDF9ECCFDD5A996054BC9C1DE59D98046D804877361025F95A7EC10A0 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll
12:31:32.0976 0x1b1c LxpSvc - ok
12:31:33.0038 0x1b1c [ B8FF1A8697E31AAB73723AEF03BEF52A, F6F2E83BE5952241C19FBC4865F0B62C730BCD5C25D04E6707AF010616FD165F ] MapsBroker C:\WINDOWS\System32\moshost.dll
12:31:33.0038 0x1b1c MapsBroker - ok
12:31:33.0116 0x1b1c [ E43B60F24BB671C131AA4885AB9E9707, C9A06384A43FA83832DD3B50B22B6ABA4C2844F185AD1BE91182CD52B32CE250 ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
12:31:33.0304 0x1b1c mausbhost - ok
12:31:33.0319 0x1b1c [ 65F2F876BB577AE51B3D16B63D205E85, 788F55B6A5BCBF481BB1D97DB7E874334376A1A731E0F9D2B94B7DFA85E3BFBD ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
12:31:33.0335 0x1b1c mausbip - ok
12:31:33.0366 0x1b1c [ E271A915B084D17C4B18C26F8EB62EC9, 1D498436BB314813551704A3E46570CB3216224D6DAE5473598DF0CEC3C5577B ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
12:31:33.0382 0x1b1c MBAMFarflt - ok
12:31:33.0413 0x1b1c [ 5C263054E920632932D800066B13DA73, 2D687C227B78F5566C07D105DE794F5429A60D395D24CEE11DBAC5178BB12090 ] MbbCx C:\WINDOWS\system32\drivers\MbbCx.sys
12:31:33.0429 0x1b1c MbbCx - ok
12:31:33.0491 0x1b1c [ 72A87A01B4764691CE2525D7E7A3D10E, AC082A7C14E486768F02D051EB4B1A5CDC13FD8651F3FFB85316AE75440B7CAE ] McpManagementService C:\WINDOWS\System32\McpManagementService.dll
12:31:33.0523 0x1b1c McpManagementService - ok
12:31:33.0538 0x1b1c [ AA46E3B49296D30474F82E29BFE6AD48, 887AA95210BA6E8C57DD8EC6D927F8DC6369F2E0654B098E40677BEEC5C0F723 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
12:31:33.0538 0x1b1c megasas2i - ok
12:31:33.0569 0x1b1c [ EBBAC71160B8D2A7AA4E64412FA50472, 5585413540E20B12E81F3C398CBDB5D98211F00509FC4CB3FCB3F7F7FF9C2C14 ] megasas35i C:\WINDOWS\system32\drivers\megasas35i.sys
12:31:33.0569 0x1b1c megasas35i - ok
12:31:33.0648 0x1b1c [ 355EA7AE2AF21F6930994B42B89E0AD5, E7299568C692641CE67C1F6A9A7C50AAD90F5CDC493D586FBF91BB37854A97DC ] megasr C:\WINDOWS\system32\drivers\megasr.sys
12:31:33.0679 0x1b1c megasr - ok
12:31:33.0757 0x1b1c [ DDE426C3540DEAB3B5D5843F1ABB8C34, 6518363DF8F02C30ACD8D544A2CC2A75A775285CEB418DC3D6B97F8D9CF93B43 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
12:31:33.0757 0x1b1c MessagingService - ok
12:31:33.0960 0x1b1c [ 90EDDCBA87C7630375A20A12142FFCBB, 896D5F5E8A24817B32F85F5818F7F79E3B2EE6BB176D98CB18FC2A05636012BF ] MicrosoftEdgeElevationService C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\elevation_service.exe
12:31:34.0429 0x1b1c MicrosoftEdgeElevationService - ok
12:31:34.0476 0x1b1c [ CB5CDCBDB66C74B582EFDE1D1922543E, 01E5B64404E503A31CB23DAEABC5488DEC874D89D1B2B1AF047A80DCA588097B ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
12:31:34.0476 0x1b1c Microsoft_Bluetooth_AvrcpTransport - ok
12:31:34.0538 0x1b1c [ 1BDDEB4B9A4E93D1F804CA81DB00EC37, CB6789D1B16F49D500E4B10C14BD37D65EC54BE67F5CF2220B254957F79BE249 ] MixedRealityOpenXRSvc C:\WINDOWS\System32\MixedRealityRuntime.dll
12:31:34.0538 0x1b1c MixedRealityOpenXRSvc - ok
12:31:34.0585 0x1b1c [ 604846954365B099CFE8452E0EB28931, 86EAC6E3C89279A83C7FDD4484B7EDF25283B87C358F2655759AAEC1D61DF922 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
12:31:34.0648 0x1b1c mlx4_bus - ok
12:31:34.0694 0x1b1c [ 3DE1B3B7D4871E4B7AC39BB8B3C2E197, 3F48E4A8E47B3D3E028504C1B7351A0497C193619A92E11D7D6458EB82E1283C ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
12:31:34.0694 0x1b1c MMCSS - ok
12:31:34.0773 0x1b1c [ C2E7DBAC0108BB05B488A1BA00033EEE, 64E9D95723F3C73E96DFBA5BC04333525313C73DE641F024EC1BFBD389E1F36F ] Modem C:\WINDOWS\system32\drivers\modem.sys
12:31:34.0788 0x1b1c Modem - ok
12:31:34.0804 0x1b1c [ C8E19E57C93EFE447B0C48ABF7D253C3, 403C4FF5D6DE5A13712001ECBFC8C4E0067E02A94D835921F009022B517060C4 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
12:31:34.0819 0x1b1c monitor - ok
12:31:34.0835 0x1b1c [ 6CA29C30366B5FBB832D541B536DD70C, 27ED25B6DE5860E9E528885D7E21DBE3DA67938CBDC0117484C238FFD3FF05D0 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
12:31:34.0835 0x1b1c mouclass - ok
12:31:34.0882 0x1b1c [ D7087BE51D31A2791A9A7568FAD474E6, F7029134EA217A8479F273543E17D6D7F3BADA3E2BCAF255B435083A7AF0FE0E ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
12:31:34.0882 0x1b1c mouhid - ok
12:31:34.0913 0x1b1c [ 3433A0A7F5157A7479F400D26EAD2929, 431AE2ECC78F1697B6E7DBD098D41D912B5DF5F2C822698841715058F9AC4A23 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
12:31:34.0913 0x1b1c mountmgr - ok
12:31:35.0007 0x1b1c [ D80C4ABA0AFE02BFB75025087CEBB09B, E1BD8385AA61F645C6390BD8A67D3EBB72A5B938FB50C66A7FBF2601D69BA2DF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:31:35.0288 0x1b1c MozillaMaintenance - ok
12:31:35.0335 0x1b1c [ F9DAC9B2D71BCFA21A60EE02EB415DF6, C9D36970D32B42F4C50895FECD4012309C3C079F99C355DE409CAC4F6E48D804 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
12:31:35.0351 0x1b1c mpsdrv - ok
12:31:35.0491 0x1b1c [ 82A0FE6082AF8B3F8761164BBE6603A7, 6C82A0CF7967E03AFDC641BFD2069104246038D84BA7A6A662DA99DC09029ABA ] mpssvc C:\WINDOWS\system32\mpssvc.dll
12:31:35.0538 0x1b1c mpssvc - ok
12:31:35.0569 0x1b1c [ 2812443D5E2E7DE1F1C62EA8598F277C, F2317E6EEA3E9F4593DEB86D8AF440A7E2CF6FECCDD0F95FBDC4A0C954501154 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
12:31:35.0569 0x1b1c MRxDAV - ok
12:31:35.0632 0x1b1c [ F4F763B244439ED3B1D35DB0B4AD2F6E, 6A7FEC5A1A7FC801E120860B492704F9B7C9260E4365AF2BC97E20543BE1A8EF ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:31:35.0648 0x1b1c mrxsmb - ok
12:31:35.0788 0x1b1c [ 5906DED96DAD9FC6361CEA52099C007B, 5EF6E6C20047C4D768450054199E57B050D1B7AEE9C97098B6DE8FE574B27205 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:31:35.0788 0x1b1c mrxsmb20 - ok
12:31:35.0866 0x1b1c [ 0260E48F334DD21B4F1C03C4CB0A6A6A, 7D179EB02BCB185276FFA4DAD7F94666AB7A1B0BFF9941D457E0CFB6D634FE8B ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
12:31:35.0882 0x1b1c MsBridge - ok
12:31:35.0944 0x1b1c [ 4930C14D63B151D879D420E4F3CF9B1B, 0C0CA734583F917C98404936B4B72441E0157B93278E503B7D4C206016EC39F9 ] MSDTC C:\WINDOWS\System32\msdtc.exe
12:31:35.0976 0x1b1c MSDTC - ok
12:31:36.0023 0x1b1c [ 92537717F54D9D4AA8D07E3552E8EFC2, D8E242009BC4B891DD01B83855E15FDC3DDB2FC554EB0DF653368FFFB690A184 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:31:36.0023 0x1b1c Msfs - ok
12:31:36.0069 0x1b1c [ C4DD8A437BB49DA5D94381E875A1D86E, 462D7A9754F1BFFAE6922FC3B35D8641F118ED75659BC9C62EDAE0B4523380B5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:31:36.0069 0x1b1c msgpiowin32 - ok
12:31:36.0101 0x1b1c [ 3412A3BAF857DA54F998EFE39415D83F, 9739ADCF844BDFC3B824D3DD79961B65D83113BF3A8A12C4AC8D17E8C1015744 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:31:36.0101 0x1b1c mshidkmdf - ok
12:31:36.0116 0x1b1c [ B8AB580298C0FE4380D2E330DC25A3A0, 89EF0E9C81E6351603ED1149C8E1B17EFFF149ED486A4F92F09FCB60F1FDDDE7 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
12:31:36.0116 0x1b1c mshidumdf - ok
12:31:36.0132 0x1b1c [ EB140A71038DE0586627151E88B2C26D, 6A164C7DD29EF3E04E068D963B097DF15D336DC8992DD2ACE0D120AB7791F075 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
12:31:36.0148 0x1b1c msisadrv - ok
12:31:36.0179 0x1b1c [ 4878EB586669CD01B257ACCB3F294AC3, BA346EC47C665A9EE135A8DD0558D0860D5BE596BBA00CC53EFC4DDD9CB3B2A9 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
12:31:36.0179 0x1b1c MSiSCSI - ok
12:31:36.0194 0x1b1c msiserver - ok
12:31:36.0226 0x1b1c [ A0EF409B2571D5DD6CB898FEB5861A17, A3B300408E26290028141B648F6139E0D25E6816A62D4D7B73EE1C8EB5C4E871 ] MSKSSRV C:\WINDOWS\System32\drivers\MSKSSRV.sys
12:31:36.0226 0x1b1c MSKSSRV - ok
12:31:36.0304 0x1b1c [ 03CD44AB4BF011CBCCF0B1776F901A6B, 426807D4F00BE028C5C2EB8A8A02C5AE28E5D9443A8A97644A2CDFD5C8604C2B ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
12:31:36.0304 0x1b1c MsLldp - ok
12:31:36.0335 0x1b1c [ 667FE2A067E23A8447C623823B95F65A, 0CDA35958FA575FA50CAF8F1234BAA31E74D76618131B15D455573903B296C44 ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys
12:31:36.0335 0x1b1c MSPCLOCK - ok
12:31:36.0335 0x1b1c [ A156C9EFAC86DFEC36C6C6D9027CAC5C, 8A904528F1387F50F3AF04FA30A250A95858DEE17D3AB76D9F1A8E90DB9FF795 ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys
12:31:36.0351 0x1b1c MSPQM - ok
12:31:36.0382 0x1b1c [ 209FD673358E10D1475F051BE87C94AF, 2EF097EA1C01619CDF08467C709CF8F93A7945D87FBF2290602F520403D094D3 ] MsQuic C:\WINDOWS\system32\drivers\msquic.sys
12:31:36.0382 0x1b1c MsQuic - ok
12:31:36.0429 0x1b1c [ FC1E51A334C846D1B77C407F04DA82E7, 9B7CC54861F2CB1D87D87192646E8B3C35C78E9D715EC727F88D2CF4AE33A5E0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
12:31:36.0444 0x1b1c MsRPC - ok
12:31:36.0491 0x1b1c [ EDBE3C3B9788996286F74A402F631D46, 7A9BFC0AD45F861137FA743034AFAF979F2B336BD94D130F6E02C94F63984F37 ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
12:31:36.0491 0x1b1c mssmbios - ok
12:31:36.0507 0x1b1c [ 67B4FD16B4758C0180515E4894F7C330, 3FC1BE4FDD9C20E243C7003F53B41CC6E49DFB27B9E6F44A8BBEF4BBF2C5CDE4 ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys
12:31:36.0507 0x1b1c MSTEE - ok
12:31:36.0554 0x1b1c [ BB282D0C76DF1E4A17CF3FE12E20C899, DA6D21FC0CC29F5277B16FC7249911D4D64E22718404EC6A59E408BC7975DEC1 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
12:31:36.0569 0x1b1c MTConfig - ok
12:31:36.0585 0x1b1c [ 2DC9FF251D7B3ECFA76075641A64BEAC, C8D3F29F0035241732AD0A72BA9E49EC694993FDD678248758780AEBD1FEC560 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
12:31:36.0601 0x1b1c Mup - ok
12:31:36.0663 0x1b1c [ 36BCBD78BDA75295B86CA10604818537, F660C10DBAD46E19D3D50A38DECF577C71A8F372D49455BD7F7FB11B3EA92C8D ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
12:31:36.0663 0x1b1c mvumis - ok
12:31:36.0788 0x1b1c [ 43C4FF1902ADBA39138C3C5EDCC786F3, CF3B6B6385DAF514504B48F00247BFA082DCB1A383A6E96ED28E74B244496089 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:31:36.0804 0x1b1c NativeWifiP - ok
12:31:36.0882 0x1b1c [ 3E01AFD00BF4455319789E32F30EF819, 5ED780F9CDFD5EC5E96E045EC94EF0AA98AA11828A0B09001E7EE7036B1EA465 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
12:31:36.0913 0x1b1c NaturalAuthentication - ok
12:31:36.0960 0x1b1c [ D205FDB9678F150DE94695A506C493A5, FFC3C27A42C44DC197E4D6FC73FCCF20718112B434254316A8125FD146D6A0B7 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
12:31:37.0007 0x1b1c NcaSvc - ok
12:31:37.0069 0x1b1c [ B5D8D4F4129EA7BD55F0C1A4AF479AC0, 13389ADDC481BB0675F4362F4CAAF7494450E4283EF5143CE099C6FE3367B293 ] NcbService C:\WINDOWS\System32\ncbservice.dll
12:31:37.0101 0x1b1c NcbService - ok
12:31:37.0148 0x1b1c [ AA2029FC28AAAA89263CD25A337FDF68, 02D3E42DC3C51CE71FF6EB5E4E956F0B04FC81930030B7EDB1D4868F54DF06E4 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
12:31:37.0163 0x1b1c NcdAutoSetup - ok
12:31:37.0194 0x1b1c [ 3FC08EAC818A5A4FF1185A39DFF9D4EB, 28FC288B2C05ADAE73203055BC97A31AFA7D07944F9636EF68A05A7ADB6D287C ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
12:31:37.0194 0x1b1c ndfltr - ok
12:31:37.0304 0x1b1c [ E5185F8052C62BFA4F1846820BCDB332, F974C24C11A8FD43F85B643C1F8BEEEB55B99CBD63B1001C53AD11E75090DD1F ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
12:31:37.0351 0x1b1c NDIS - ok
12:31:37.0429 0x1b1c [ FDB39B447E658AB65C4145C408C5CD68, FD053FCE0209CC815E1FD63751E0893951D986447B9548F8F6EBC207668033C0 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
12:31:37.0429 0x1b1c NdisCap - ok
12:31:37.0507 0x1b1c [ 71339A7F9EE55E22401C78EC29E01090, 2624D1755B361BCBA735FC7B6FC610C1C45EA63EABF58FC895100B979A3B9068 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
12:31:37.0835 0x1b1c NdisImPlatform - ok
12:31:37.0866 0x1b1c [ 72BBE9AA96E5A5ABB5370E0A00815FB5, 70AA79A87EF120C19212B054196E3DBEF19AE767D0351651CFD9646A5E68F196 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:31:37.0866 0x1b1c NdisTapi - ok
12:31:37.0897 0x1b1c [ FA0580BAB81E9ABDA1F810419D06DD55, 6058C93F34FAFD3EC0538DD5EC248847B53DF8637F1909A68F667AEA6E674EE9 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
12:31:37.0897 0x1b1c Ndisuio - ok
12:31:37.0960 0x1b1c [ 9C588136181EB353D95688A08D06986A, A420CC2B754636220DA280990F2CC8208DB973376A4315D34D5E7F8CFFFE789B ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:31:37.0960 0x1b1c NdisVirtualBus - ok
12:31:38.0022 0x1b1c [ 8EF7FD09E91F1A30EF215C619CBD9279, 3E3DF781D1DE4B202C701EF246AE7015349C2C191CF12782A597F84602097DBD ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
12:31:38.0038 0x1b1c NdisWan - ok
12:31:38.0069 0x1b1c [ 8EF7FD09E91F1A30EF215C619CBD9279, 3E3DF781D1DE4B202C701EF246AE7015349C2C191CF12782A597F84602097DBD ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:31:38.0069 0x1b1c ndiswanlegacy - ok
12:31:38.0101 0x1b1c [ 6366BA226672F29DA80E7269151F0902, 74E43C291BB9A1123CAE50E0F09A4C89D321748A8E9CF9D6AA785DBB4845074E ] NDKPerf C:\WINDOWS\system32\drivers\NDKPerf.sys
12:31:38.0101 0x1b1c NDKPerf - ok
12:31:38.0179 0x1b1c [ 85FB2EB25772DC90D5E94BA7B3C9B35E, E4E2E5528851FDBDB059066FBC2C1C6D473C947F79ECDF7EE7BAE1F6D1D038DB ] NDKPing C:\WINDOWS\system32\drivers\NDKPing.sys
12:31:38.0179 0x1b1c NDKPing - ok
12:31:38.0241 0x1b1c [ CCFFF1078A54B1940EF5F801A0F5B1A9, 6ADC5420987E865297683596C5554C5CF96A0282B22669A9A7FC53BAC27E2894 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
12:31:38.0241 0x1b1c ndproxy - ok
12:31:38.0272 0x1b1c [ 91B22A7E087712FC655D9F118DEC907C, 7671E5387C44A3C2A11E06302F9C80B054ECDCEAA057BA26E8CF39720D7EE8D4 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
12:31:38.0288 0x1b1c Ndu - ok
12:31:38.0319 0x1b1c [ FD3563AFD0E8F4BFAC2E94B0365FA9E7, 80D5BFB45EA4CF733A85551BFC3E10FEF6C8DCDFFDC4ECCE0B0B386D214E6789 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
12:31:38.0335 0x1b1c NetAdapterCx - ok
12:31:38.0351 0x1b1c [ B9FB278E9F97E8AEAE005670F190C960, 3A18BBF012C9737A3911F06339130304B9E7BECF8E37AE83EC19090352948106 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
12:31:38.0351 0x1b1c NetBIOS - ok
12:31:38.0429 0x1b1c [ 7600AA54B18FBD6B0EA1FA970EB762C7, 5F7E45605BC6B05C56B560DF981A20911AE87158D501D99ADE8960FAFCDEF43C ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:31:38.0444 0x1b1c NetBT - ok
12:31:38.0460 0x1b1c [ EDBC355D76BFC9541E525C922827648A, 1352CF122083A8174C1CF88DCBCEED63278D41E4A0AA535D866F64AF45DB2E80 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:31:38.0476 0x1b1c Netlogon - ok
12:31:38.0538 0x1b1c [ 539D493B2D9879D714EC783878ECBA61, 86B1A93D7D3F478276042FD9B8BAD5A88207576CC7973FA4CCA55D3735F2BC15 ] Netman C:\WINDOWS\System32\netman.dll
12:31:38.0710 0x1b1c Netman - ok
12:31:38.0819 0x1b1c [ ADE3E18D5DD3678ABCE979977ED5DF27, 78094762F40DEF759F4E856E1B6D5AADC1B0A79994F9EC1670642CE297564E7D ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
12:31:38.0851 0x1b1c netprofm - ok
12:31:38.0929 0x1b1c [ 12E11627E0018D48D2CD907B0F99F35A, CF6860012683CBE7274E39CFB9597545F927DF9DD1D3EA714F98E76A718154DB ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
12:31:38.0944 0x1b1c NetSetupSvc - ok
12:31:39.0038 0x1b1c [ DE2AFB6FE857A1C5C1FCF02A82459256, 780E2E990A929D4C6AECB998E0A8FAF2C2174A39EBF1AD55E10AEC763E9D7A9D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:31:39.0054 0x1b1c NetTcpPortSharing - ok
12:31:39.0147 0x1b1c [ C1D7B2DBA077749051C7CB500A8880D5, 7EB58153538D3992548ED68BEF91DA24DC199B4395DDDCDB66885E6A66734DB0 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
12:31:39.0163 0x1b1c netvsc - ok
12:31:39.0241 0x1b1c [ 160F8CCA3A3FB756B68D555ACFE3F3DF, 14CC7C071144DB7BE0BAE447614040E723FA2EBAD279E3363CDAAF5F001C3338 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
12:31:39.0288 0x1b1c NgcCtnrSvc - ok
12:31:39.0413 0x1b1c [ 41708CBD41DB77FF5EB73DB7E848620F, 23CEFD07F3469751B2233C9EA26FD7FAFF2D42EA5777C16F8D4A23E9D5D90897 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
12:31:39.0491 0x1b1c NgcSvc - ok
12:31:39.0569 0x1b1c [ 39DBF95A7B0C80FB18C2E96577EED318, A040EF3736F56C5ED0A40113DC8E6F549E2A1963341D3393F6B8AB341C97C472 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
12:31:39.0585 0x1b1c NlaSvc - ok
12:31:39.0601 0x1b1c [ 56DE8194731308034D14517018B750BD, 583DA9BBB1C4C28F995712041655F2409BEF2F45991D5E90A8050DD3382D1F69 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:31:39.0601 0x1b1c Npfs - ok
12:31:39.0647 0x1b1c [ EF381B4C59D31DC2780AA9E5E653F374, 71587E8B8EFA9FE1E32DE80CD1AD1554B1D79496D81191DEF3735A33894897F3 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
12:31:39.0647 0x1b1c npsvctrig - ok
12:31:39.0710 0x1b1c [ 9B47A6EF94C46DD08E78420E2CDC8E4E, 5787CC746982C70625D570902A06BBBA9FE0B4E0A678880E3187FEDB425BC002 ] nsi C:\WINDOWS\system32\nsisvc.dll
12:31:39.0710 0x1b1c nsi - ok
12:31:39.0757 0x1b1c [ CBE1F385781772B5590A08CB8A2A3F22, D8C01A04C628697631ED635F3E94A40947AB31A5D1F3118CBABFD37EE01800FE ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
12:31:39.0757 0x1b1c nsiproxy - ok
12:31:39.0944 0x1b1c [ 7FA53E17AD11D832BE28E9D8331EB446, 1C38946D7CDC55F6E6CCA788E12B10D7433DD6EE5546DCA079F110E69CDB0406 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:31:40.0100 0x1b1c Ntfs - ok
12:31:40.0163 0x1b1c [ FF78C851641C776964D2910001E3B4FB, 03E85CCB2BF0FF8DA8BC0BF35EBE1B72E60026D53432D6C17BF4BF4C6C57D1C7 ] Null C:\WINDOWS\system32\drivers\Null.sys
12:31:40.0163 0x1b1c Null - ok
12:31:40.0194 0x1b1c [ 71F7C0D4B2846E93C713E1CEFE6826DD, CC67C118880784CE57395F5F7E1C00165638DE327548201C2AA731AAE6D261B2 ] nvdimm C:\WINDOWS\system32\drivers\nvdimm.sys
12:31:40.0210 0x1b1c nvdimm - ok
12:31:40.0241 0x1b1c [ 951B64D61CBEF76C1D7B6009F1AC0FDB, 2975F06F879551ACE54178882C61964D42ED646F48B23C01637ECD8DA92CACCF ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
12:31:40.0241 0x1b1c nvraid - ok
12:31:40.0288 0x1b1c [ 512D2F0EAED8DCEA2174ED1A3A82AADD, CB784A18223EEE9D74304D948EE6B40DE80C44D7CC7F5652D7C2B89AB608ECD6 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
12:31:40.0304 0x1b1c nvstor - ok
12:31:40.0350 0x1b1c [ 262B978EE14E3DA791E3EB510C534272, 92725EFC1DAF428B9E6B29717DEF7557A0A2728C89BF93835FCFE5B2AEBF5AD2 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
12:31:40.0413 0x1b1c OneSyncSvc - ok
12:31:40.0491 0x1b1c [ E4AA7BF7BA42230812944D00573FB11E, F020E1EB4E209471F8BEA69EA7F8D92753548E36787F60BEEF6C74D1282F04B9 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
12:31:40.0507 0x1b1c p2pimsvc - ok
12:31:40.0554 0x1b1c [ 063CF1C358992EF7450919D9B906D28E, 68C6E458C71B9065E58ADB6931EE344FDF0FDB4A73EEBE1FAD8B4F0464D32DED ] p2psvc C:\WINDOWS\system32\p2psvc.dll
12:31:40.0600 0x1b1c p2psvc - ok
12:31:40.0663 0x1b1c [ 134C9CA8A4EC6D323135B7A14329D76F, 2C79F8638BD5F04EECA999243787CAE6B3903CA65C5D44ABB5017B9D73143D7A ] Parport C:\WINDOWS\System32\drivers\parport.sys
12:31:40.0679 0x1b1c Parport - ok
12:31:40.0725 0x1b1c [ 5B3506DA374D7CD8A1BF92CA8BBF26BA, 9E60509ADED610DCBC63C7053F696A2E9632D0516933D7CD6EDFBF074FB7B079 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
12:31:40.0725 0x1b1c partmgr - ok
12:31:40.0850 0x1b1c [ 0701BFE04154DAD575506E0A668BB139, 4F17DAFFBB658D333A7787879165A1B0A7B02A2A5A200F6B9D5B4343E64C529C ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
12:31:40.0882 0x1b1c PcaSvc - ok
12:31:40.0929 0x1b1c [ CDEE7363A8529DDC155A26E813C947F2, F7CD076D9CC573F1CCDE9539B2B08E618BD2926AA8F6C2C76964627DC2CDFF91 ] pci C:\WINDOWS\system32\drivers\pci.sys
12:31:40.0944 0x1b1c pci - ok
12:31:40.0975 0x1b1c [ 0ACA5DBD78CDE92A60C2B949D7DBD64B, E0D247521555D3335CEBA3969D6313325F411314ED47AED24AF3DE563CDD5C5F ] pciide C:\WINDOWS\system32\drivers\pciide.sys
12:31:40.0975 0x1b1c pciide - ok
12:31:41.0007 0x1b1c [ EC45D330EC275EE75639C0D08431E78D, B6CB69D6345A815C885D6BAA705B6C189908B290C7912A6947EB2D1A6F651760 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
12:31:41.0007 0x1b1c pcmcia - ok
12:31:41.0054 0x1b1c [ 603103D061D2C6F0E082E2290C3CFA9B, 7F6EF6EF73A60847A7DF9C7887F8453D27E66B7FB3D6CE86E3C12819E08747DA ] pcw C:\WINDOWS\system32\drivers\pcw.sys
12:31:41.0054 0x1b1c pcw - ok
12:31:41.0085 0x1b1c [ DF1838EE51597407D6E0B17DADD5923D, 055E154ECE08EA7A112D90E2C4842DA5BE8A3AF1F79245EB36FB9AD667FD7C6F ] pdc C:\WINDOWS\system32\drivers\pdc.sys
12:31:41.0085 0x1b1c pdc - ok
12:31:41.0163 0x1b1c [ 02395DA6FB118EE21BEF48CC2C74F823, 0C3EF130ECCA8F581C97669F74BC4825B0BA4DD9B567E2687AEC43F7AFF2D831 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
12:31:41.0179 0x1b1c PEAUTH - ok
12:31:41.0225 0x1b1c [ A4B759A319E0F466D24EC11306A7D8CA, 075825D4AD675B9356BBCC4C89FB706341D34D2894DD33C3997BEB5FFD101216 ] PenService C:\WINDOWS\System32\PenService.dll
12:31:41.0241 0x1b1c PenService - ok
12:31:41.0335 0x1b1c [ 2CFEB4DFAA3DB541439E49CFE1E7151C, 4FF6EA641B8C220D01B5E8DAF30F1DD9E7540D380A2F4CC4391BAC41A52207BA ] perceptionsimulation C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe
12:31:41.0335 0x1b1c perceptionsimulation - ok
12:31:41.0366 0x1b1c [ B4BDE976CF4539136F887AC21FB66489, B5182A73925DD79D6EC9FEDE59B496C341EC2E0A7BA4BBEB11199B9713CD4206 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
12:31:41.0382 0x1b1c percsas2i - ok
12:31:41.0397 0x1b1c [ E6A084D7A7769EB303F7589AAD84DF66, 5E01BA4EF95FDE06C8B0B44F6A35445E7DAD2D73DDFA0FDAF7187469A1F00393 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
12:31:41.0413 0x1b1c percsas3i - ok
12:31:41.0507 0x1b1c [ 50468E4317494520B3903023436B0AA1, E598C4AACC8EF78E9DDA6281544F8964C08D676750768CCE0B8E59D80155A8BD ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
12:31:41.0741 0x1b1c PerfHost - ok
12:31:41.0882 0x1b1c [ 88C2B78C7F5A395AC3B3E838C451B7B2, 0E676AE8EEDCAC4500C2E31458A934B6A1D193BAAD6496BD3112A13C28E29985 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
12:31:41.0975 0x1b1c PhoneSvc - ok
12:31:42.0022 0x1b1c [ 3563D2C317909F72B3253F89B2D295FB, EF0FC3F855C9CE3987F854D0558D3376FAF1230C416E786FF020207B677E5EA7 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
12:31:42.0022 0x1b1c PimIndexMaintenanceSvc - ok
12:31:42.0100 0x1b1c [ 880120E4A4AF58A928B10ADEC6A6CC82, FA6D5326779A00872EE95399BDCF06C22A5FE5AE362A4650A0E318DA2134DFBD ] PktMon C:\WINDOWS\system32\drivers\PktMon.sys
12:31:42.0179 0x1b1c PktMon - ok
12:31:42.0350 0x1b1c [ CFC932EEF2F5A77C6D3545362A084958, 926C7AE13CFCA3A904A4E0A236681269AF97304E014DDC60EECBE646BF661F92 ] pla C:\WINDOWS\system32\pla.dll
12:31:42.0413 0x1b1c pla - ok
12:31:42.0475 0x1b1c [ 5AC69BD5AA1DC73B4EF6825317F562ED, F67283073B13D84B3AF1A1C1A4D821E14951E7B996837422B89E24698713A5C8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
12:31:42.0475 0x1b1c PlugPlay - ok
12:31:42.0507 0x1b1c [ 31D34620139AE048F315259CCAB5E41B, 9139B4F3A8A59F81FC29C877CCBF508A45D0C3B578C267E496680C700DB11D91 ] pmem C:\WINDOWS\system32\drivers\pmem.sys
12:31:42.0553 0x1b1c pmem - ok
12:31:42.0600 0x1b1c [ 1A2D3DA3736C8531EA4075615299B26B, 68DEF88D350441F1C6712FBD7F5B2E204400753400771310B94ED4A88B7811BA ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
12:31:42.0616 0x1b1c PNPMEM - ok
12:31:42.0663 0x1b1c [ C9E62BE7D479EDDB827C19A3C8A920DC, 7841A0C1312D2CA895DA8635CB2C364A1ED6C0318B91AE4EF5BBA9B0AF2F6922 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
12:31:42.0663 0x1b1c PNRPAutoReg - ok
12:31:42.0725 0x1b1c [ E4AA7BF7BA42230812944D00573FB11E, F020E1EB4E209471F8BEA69EA7F8D92753548E36787F60BEEF6C74D1282F04B9 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
12:31:42.0741 0x1b1c PNRPsvc - ok
12:31:42.0788 0x1b1c [ AB6C785C84E301287702928486B6FB96, 1B49CDE19B960F7B9A3532D15E335345F01220CD7F4AE8823584CA078EC6E5F6 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
12:31:42.0819 0x1b1c PolicyAgent - ok
12:31:42.0866 0x1b1c [ DF0F13B70AAD3B1B3F943A84CEA62DB9, C1560E879B6F608ACE336D34A8FC75BBB1D3284EACE88C57E91AAEEA34C995DF ] portcfg C:\WINDOWS\System32\drivers\portcfg.sys
12:31:42.0866 0x1b1c portcfg - ok
12:31:42.0928 0x1b1c [ 02DE43EDFF3DF786563BAD749442FDA4, D9F0965B9975CE0A91BFA5AF6EEB481B5A8D4288E1570B40E6658D326A7EDC89 ] Power C:\WINDOWS\system32\umpo.dll
12:31:42.0928 0x1b1c Power - ok
12:31:42.0975 0x1b1c [ 993C59BA34A1419080F4B5130E0318E7, 6FF77554F24C5DD9560285A1F41637C89A37B2A06C82866C29D26EBD734B7275 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
12:31:42.0975 0x1b1c PptpMiniport - ok
12:31:43.0257 0x1b1c [ 53E861BE77BC882CA5C6BD2F09AFC503, E8A8146599BE51AC0AEDE94E041A15058256A980683D8BAC6F7C0C72DEB91CA2 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:31:43.0444 0x1b1c PrintNotify - ok
12:31:43.0507 0x1b1c [ 834E0CE53F4B80046355B16545BE2CBD, DB85DF8B6E923FB2A43C0067CAB3F23C1BA99E884F6ED72E61BB76CFCFA0C2A7 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
12:31:43.0522 0x1b1c PrintWorkflowUserSvc - ok
12:31:43.0647 0x1b1c [ F5C4362626E5DC76B2498CB68060C354, CFDFC79F22F863C6E3F57AFF751488606CC571EAEE54E155955FE52924C00DCF ] PRM C:\WINDOWS\system32\DriverStore\FileRepository\prm.inf_amd64_bfcd248a53461c6e\PRM.sys
12:31:43.0647 0x1b1c PRM - ok
12:31:43.0694 0x1b1c [ 2E188A2F118728CFDF7B57113947F766, E664E32CBC927FFB518CFCBC5A3E3319385D383555BF6BA50B356EAC296291EB ] Processor C:\WINDOWS\System32\drivers\processr.sys
12:31:43.0710 0x1b1c Processor - ok
12:31:43.0757 0x1b1c [ 6009A535B36B83EE61FF335C2815524F, 7DA15FB8515EDA439F044AD2E2A298095203C6D7364059C7039C3501B52F992A ] ProfSvc C:\WINDOWS\system32\profsvc.dll
12:31:43.0772 0x1b1c ProfSvc - ok
12:31:43.0850 0x1b1c [ FD1542C489FFC50954DCAE42EDD1858E, 554CA914FE2E7EF61380D3CF21E4FA9BB66ABBDB0C474F8C0C9E71CC9771DB7C ] Psched C:\WINDOWS\system32\drivers\pacer.sys
12:31:43.0866 0x1b1c Psched - ok
12:31:43.0913 0x1b1c [ 173E8A836FB50720F142CDD68EA5CAB7, E8AAC5893EF78A08D483DC24399FE7C8784E8B90B89A386EC95925321D25DBDE ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
12:31:43.0928 0x1b1c PushToInstall - ok
12:31:43.0991 0x1b1c [ 72DDC45C2CB743C2EDD0BA2978364AA4, ABCAEC12C239F49967EA0B9E23D8C92DA4BE37E292BD2E93798CAC5C48071240 ] QWAVE C:\WINDOWS\system32\qwave.dll
12:31:44.0007 0x1b1c QWAVE - ok
12:31:44.0053 0x1b1c [ C5610F96723CE86F03CB60D7B65775BD, A3BB3A35D106CCF882A25B5FA2748264A4980BA8A2446C0111092263E1A3B487 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
12:31:44.0053 0x1b1c QWAVEdrv - ok
12:31:44.0100 0x1b1c [ A3EF240257248FB96B307D9468651D6E, 26CEB674062D1715B6D51906E5D99C5E11C3F7DE8D1466217400B3024CC5646C ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys
12:31:44.0100 0x1b1c Ramdisk - ok
12:31:44.0132 0x1b1c [ 177D7A2E7121C4CC19865A825EE85512, BF3B0251B7F657B9A14C3B6B0DA65167846CD4B4DBB0CD6E18877582C6F5605B ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:31:44.0132 0x1b1c RasAcd - ok
12:31:44.0194 0x1b1c [ D042983F84F6414D27F7885EB925F2B8, E437E1316ACB90CE483264065C4C3EFD46BFAD0A4FBFCD90C97A73941A0DA205 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
12:31:44.0210 0x1b1c RasAgileVpn - ok
12:31:44.0257 0x1b1c [ 4CA00CA52E824344882FCC444EC6BA73, E6496785A8B2A094A427BEBDEBAF7BF3A0F09763F586F85C3F88FCA71D8E501B ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:31:44.0350 0x1b1c RasAuto - ok
12:31:44.0397 0x1b1c [ 1453BA7AFC81F29E00B7DF84467B76D5, 953999A457B2A4648D102FEC70E5A38554050585759B8196B2AD82F28C9D8CCA ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
12:31:44.0413 0x1b1c Rasl2tp - ok
12:31:44.0553 0x1b1c [ C9E237E9BA2EB75D89109E7F7D0C6715, 5C294CD758726B74252CEF134CE7A65132FF06DD43F78BE03433EDEC5B997F81 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:31:44.0600 0x1b1c RasMan - ok
12:31:44.0632 0x1b1c [ 46A88F0149A99DADB1C76A9603AC580F, 7CA82037337B37AA6FDBFB01B2671746193831BEED08CB36C56B1F1F0FBEAFB9 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:31:44.0647 0x1b1c RasPppoe - ok
12:31:44.0663 0x1b1c [ 7A1A0CE03857357ADA730775B35CB8F0, 083D0F84D3F9135E36C5EF9227E9829E93D2AD19E5B5C354AE1F482D077A3758 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
12:31:44.0678 0x1b1c RasSstp - ok
12:31:44.0741 0x1b1c [ BACC222AFA299A64704FE8C6A1A9435D, 8C34103581291117D8069F66D5393B979F4B92C73BAD645AD100DCE7C1D0EF95 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:31:44.0757 0x1b1c rdbss - ok
12:31:44.0835 0x1b1c [ A68CA4C1C54E61D99298781058527D8E, F322939C33F320758B1AC06FA9DA92FE806FE34F6BD68759AF5F8F43F5327A10 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
12:31:44.0850 0x1b1c rdpbus - ok
12:31:44.0882 0x1b1c [ 22521C4F054041EF7A26A63E3CC95A2E, D5C7F0658DB16B4F5F48731E20BCE49E771874167EEB69B5E375CAA5316BA347 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
12:31:44.0944 0x1b1c RDPDR - ok
12:31:44.0991 0x1b1c [ 52B7587B36DA2F5C705FF7257D2A7D75, D93DFD65552FC8FD99186D7B7FC2F293FC2B79E2B85DBBA8FDE7526A5C5D737E ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:31:44.0991 0x1b1c RdpVideoMiniport - ok
12:31:45.0022 0x1b1c [ 467C06AE856B63CA5C54C34D21317037, 8EA1883568A164C65B3BC4BCEF4D4D7CF5684EC951EE0A10F1A71F0AE5024C2C ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
12:31:45.0038 0x1b1c rdyboost - ok
12:31:45.0178 0x1b1c [ 48EBCE68A3FF4D6890F14F659A24D23B, 03B81AC45308DA636CC1926574C1A3AB301C250F182C6324E45382C3CFE6FA4C ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
12:31:45.0303 0x1b1c ReFS - ok
12:31:45.0428 0x1b1c [ 7C437122BB637817AE023D594084FFEC, FAE11D6F6DDE38533663BF164F6B268EAB19742C2C123C17F1E2BF93C6EF1E2A ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
12:31:45.0522 0x1b1c ReFSv1 - ok
12:31:45.0616 0x1b1c [ 557F88813F187F90B448F16A77C66CEC, 4837A133EACD121A609B4A5C64EBCB1FD3F48432D88F3B38D5AA9C900735C67D ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:31:45.0631 0x1b1c RemoteAccess - ok
12:31:45.0694 0x1b1c [ C257BE00D7A1385058CC0490E1B9BF6C, 427B819DA6218FE0DD27B33DDB1EF1F02522F53ED4D718089B326475A3030AFD ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:31:45.0694 0x1b1c RemoteRegistry - ok
12:31:45.0772 0x1b1c [ D79ADF30E9EB42A8B06501B780509D5E, 5488BA423822C1D631B1F8AD9AF9C25C22E36F8C25595C64658675E44F632FBF ] RetailDemo C:\WINDOWS\system32\RDXService.dll
12:31:45.0819 0x1b1c RetailDemo - ok
12:31:45.0897 0x1b1c [ 2F01567B19F4603E89C409C58E339DC1, FC496AE4DF50A50472D1D8FE8837B6FCA6FDF0055DA23C5B87668C8CC0F5F9C0 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
12:31:45.0897 0x1b1c RFCOMM - ok
12:31:45.0928 0x1b1c [ 3968F2E7822A32C3266DBC663AAF38FB, D639D63EE9722C80C8636EB1C29A658FB8D2AC0168102926E64459804BA71303 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
12:31:45.0960 0x1b1c rhproxy - ok
12:31:46.0006 0x1b1c [ 00D0DF4B08EC3A5D131593DEE0715C8D, CE2A447A6082B39002763C189961FBD038E54ED8A93E1249E2FC2A62CAB9CC3C ] RmSvc C:\WINDOWS\System32\RMapi.dll
12:31:46.0006 0x1b1c RmSvc - ok
12:31:46.0069 0x1b1c [ 97E2D5D361FE0EE5BA37D5A1EF3974DB, 8EBFC13F2AE316E7B22034DB740D8DE782E837CB79DAE014C74816D6DCA473C2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
12:31:46.0085 0x1b1c RpcEptMapper - ok
12:31:46.0116 0x1b1c [ B61A65C662015ACB4483F96CFCBC9DE9, 6A64D34ECF25C466C2453883B9C60C7382D06B43E33F3F88E60FDA19C00F5458 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:31:46.0116 0x1b1c RpcLocator - ok
12:31:46.0194 0x1b1c [ C020A29A3EF93F94CDC1A46E5353170F, 3EE5B2AE5755027935F71A6DDEBCFCA855101EA6EAB295CD198D15A0B48C7679 ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:31:46.0225 0x1b1c RpcSs - ok
12:31:46.0303 0x1b1c [ 7D4C46637CF33F63F1575168EB0A7109, 80F96373598F98F13550740C2BB57480697E2533945DA5E7AAC37E2FC85C80E1 ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
12:31:46.0319 0x1b1c rspndr - ok
12:31:46.0460 0x1b1c [ 5065AF94871CA7E884F0C9D92073C378, 3868EE0DD6A9FD05FC5EB16FE53F6874A335EB3D46D0B37B2CBDB79A9576DB04 ] rtl8192se C:\WINDOWS\System32\drivers\rtl8192se.sys
12:31:46.0585 0x1b1c rtl8192se - ok
12:31:46.0694 0x1b1c [ EA268BCE30691C2DD24F02E617FD2EB5, DD95E7C1C60C773953CE9DB77D8441508CE4A21820AAEDE455A3A6C373278DA4 ] s0016bus C:\WINDOWS\System32\drivers\s0016bus.sys
12:31:46.0694 0x1b1c s0016bus - ok
12:31:46.0772 0x1b1c [ CC267F04C54C5EC5B7BD658D7628469F, 66F2283C8CE15BEED0B933EA82158C91FC77B1BF9FEF057D0E291922D07A8E53 ] s0016mgmt C:\WINDOWS\System32\drivers\s0016mgmt.sys
12:31:46.0788 0x1b1c s0016mgmt - ok
12:31:46.0835 0x1b1c [ CA394DCC38579C7AD82E83EE64D798A0, A56DB0C67EF6CF1A95BB8E7FBFFBC7926D3E3A0511DD4389D2002312E72703A9 ] s0016obex C:\WINDOWS\System32\drivers\s0016obex.sys
12:31:46.0850 0x1b1c s0016obex - ok
12:31:46.0881 0x1b1c [ EB267CCEA84E6E8598D92F73332AC67B, 3C7F0FDD825D2C50B13E78FB742B09A5E636820C6F47778F1C5E6900B3C9B905 ] s0016unic C:\WINDOWS\System32\drivers\s0016unic.sys
12:31:46.0897 0x1b1c s0016unic - ok
12:31:46.0960 0x1b1c [ 032F537623A7B2FB81AAA184C30B70C3, C9E0569322A173D62D357CEA7BFECB0CF9D5817E3AE4B46955760BF98F5D16B3 ] s0017bus C:\WINDOWS\System32\drivers\s0017bus.sys
12:31:46.0975 0x1b1c s0017bus - ok
12:31:47.0006 0x1b1c [ F0F0747B3FA50272DE6B1BF575FA4700, FCB9007C630A0FD23CA0A8286BA9E498F6B36F1090F717B4A713286EEC4346C0 ] s0017mgmt C:\WINDOWS\System32\drivers\s0017mgmt.sys
12:31:47.0022 0x1b1c s0017mgmt - ok
12:31:47.0053 0x1b1c [ 3FEADBC7F09B8B596CBFB82F12ABA87F, FBA6209893FF7C07823AB6F89FF7E36CF116C9FE202868DB4289233AF85E659A ] s0017obex C:\WINDOWS\System32\drivers\s0017obex.sys
12:31:47.0069 0x1b1c s0017obex - ok
12:31:47.0116 0x1b1c [ 2B63BEA31D939888B2A8F3F14D89B5C1, 0C1333885DB315A63C1FAA53ED2160695F97C1B336B8DA986A48B97F39A46954 ] s0017unic C:\WINDOWS\System32\drivers\s0017unic.sys
12:31:47.0131 0x1b1c s0017unic - ok
12:31:47.0163 0x1b1c [ 301FBA4594FB5C0A469299A65106B4AA, 53683D49420B4647DBA63B1A6328511620DF615EAE6F42221A16AD3D3B77EE19 ] s1018bus C:\WINDOWS\System32\drivers\s1018bus.sys
12:31:47.0178 0x1b1c s1018bus - ok
12:31:47.0194 0x1b1c [ 065FF5E62D2D18A6D93FD925546CD549, 18D38DA96C618B96BE715E2E3F17C15E80468879DB68E3AAB333E0CBB3822070 ] s1018mgmt C:\WINDOWS\System32\drivers\s1018mgmt.sys
12:31:47.0210 0x1b1c s1018mgmt - ok
12:31:47.0272 0x1b1c [ 13F220C65B444AC9BDA49DACFC3230BB, 996B46949AEE14D1D43D9D68759CA0EBA7C43B83363E2F2C674A9A0A249C7881 ] s1018obex C:\WINDOWS\System32\drivers\s1018obex.sys
12:31:47.0288 0x1b1c s1018obex - ok
12:31:47.0350 0x1b1c [ CE7D8BCE80211D8A35F6BD7A87791860, 93A5DEB41B5AA3F706EB5F601BB3CFF45B51310BBB3D0320A91B4A2CF9560B6D ] s1018unic C:\WINDOWS\System32\drivers\s1018unic.sys
12:31:47.0366 0x1b1c s1018unic - ok
12:31:47.0413 0x1b1c [ 68F717BC57B0FE12011EB9517C97F78D, C1492E889C5C3DEA1CB89F591A840D383ADA23AE46B496A1C01A23538113245E ] s1029bus C:\WINDOWS\System32\drivers\s1029bus.sys
12:31:47.0428 0x1b1c s1029bus - ok
12:31:47.0460 0x1b1c [ E0FD4F4F42B76E910CC4295C97AA30BA, 3561478D9BD5E4BC66E150A82127964BF7E6C4A0862685CEBEC6AA097C878689 ] s1029mgmt C:\WINDOWS\System32\drivers\s1029mgmt.sys
12:31:47.0460 0x1b1c s1029mgmt - ok
12:31:47.0522 0x1b1c [ 128ED45223FAB846E8436A2F2BAEBB55, CE5A2F05B6D5598100113AD688A8E0A7D041424F68106B3BFFD31C27E5D6811A ] s1029obex C:\WINDOWS\System32\drivers\s1029obex.sys
12:31:47.0538 0x1b1c s1029obex - ok
12:31:47.0678 0x1b1c [ 400FC5591586A1DFECF7A0CFAA6B0D68, E9E99BD39CFAFCB8103E4CCA62A35BBE81B5982FD5575F64F5F189C57EB6A65B ] s1029unic C:\WINDOWS\System32\drivers\s1029unic.sys
12:31:47.0835 0x1b1c s1029unic - ok
12:31:49.0069 0x1b1c [ BCC3F31F1FE1E78A5BA2CD6A0E44BA64, 1E6A2EA0349C31644992A67F8BF73105EB341E58D91156FEA6EEB10FF0DBD96D ] s1039mgmt C:\WINDOWS\System32\drivers\s1039mgmt.sys
12:31:49.0178 0x1b1c s1039mgmt - ok
12:31:49.0334 0x1b1c [ BD2DA968C5DCEF51BA8014FBAC7A0B6A, 72F4085AE5411E3540D3EB670CF52F52C3CBEB02B76E3FE0938D0E97E816E8FD ] s1039obex C:\WINDOWS\System32\drivers\s1039obex.sys
12:31:49.0350 0x1b1c s1039obex - ok
12:31:49.0366 0x1b1c [ 96B4051B65C1974258A8A33A03C0B082, 66C56434CD21DF0A62F2B4FC4E1A467DAD3BECAFF8F5E296069F9657B1B96FC3 ] s1039unic C:\WINDOWS\System32\drivers\s1039unic.sys
12:31:49.0397 0x1b1c s1039unic - ok
12:31:49.0444 0x1b1c [ DFD771757AA3232899E9DBB19F10C79F, 9409A1103340ECCEDBDBBE194EEE885D5F9CDB49DC44585B04D7B070015F9B03 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
12:31:49.0459 0x1b1c s3cap - ok
12:31:49.0553 0x1b1c [ 83926D62EE621CCD4992E6E76948A7D9, 78D27A63EC31DA73A19BE2C15605C50B38B9D766D1B70C9A4280E83893D7F383 ] s916bus C:\WINDOWS\System32\drivers\s916bus.sys
12:31:49.0584 0x1b1c s916bus - ok
12:31:49.0616 0x1b1c [ 90081721F8F4FF10526D514E34EC4A5B, A969EC76602374D1647B71B3C533483713DA6B2CADB9F671848ECF93DF2899F5 ] s916mgmt C:\WINDOWS\System32\drivers\s916mgmt.sys
12:31:49.0631 0x1b1c s916mgmt - ok
12:31:49.0741 0x1b1c [ 3876FCA216E19F1383EFE48F439F6F87, AFDBB1AC4ABB474945440B49B68D4DC818B3D1FF3E642E76534FFEEA487A77AF ] s916obex C:\WINDOWS\System32\drivers\s916obex.sys
12:31:49.0741 0x1b1c s916obex - ok
12:31:49.0803 0x1b1c [ EDBC355D76BFC9541E525C922827648A, 1352CF122083A8174C1CF88DCBCEED63278D41E4A0AA535D866F64AF45DB2E80 ] SamSs C:\WINDOWS\system32\lsass.exe
12:31:49.0803 0x1b1c SamSs - ok
12:31:49.0866 0x1b1c [ 6B9B1D00AE4865F8284269F496FA8A2B, C6780F201D3ECB2E8C9F9C626F388E1691DD7105C75AC0B68E6DA8AC3E9B42DD ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
12:31:49.0866 0x1b1c sbp2port - ok
12:31:50.0006 0x1b1c [ 273BF573E5674885DC7F9B5BF33EBBCE, 722197C61106CD1A47A22433B93DEE042350ADD0C89DC1DF666589E31EBDAA3F ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
12:31:50.0022 0x1b1c SCardSvr - ok
12:31:50.0116 0x1b1c [ 2F983F5E323C031CE6FC02F77E6796EC, 80086AC981E0FB899E8C2102A7EDADC4A52C6AA02522F9B856274653F5674ECD ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
12:31:50.0131 0x1b1c ScDeviceEnum - ok
12:31:50.0256 0x1b1c [ 5925C1FCE0B56C661A2017C94991CF67, AA62E250E8EB4CFEA9D0A56F6AC45C3D5CB7997A014BF6DBF5BD551C10B0657E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:31:50.0272 0x1b1c scfilter - ok
12:31:50.0334 0x1b1c [ 6CA46E26B0A653BEAC8726316D37FE4D, 171A45520A301B6AD8517D9D02622DE00F1BD2DDE08B083AD0C17AD24C805AFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:31:50.0366 0x1b1c Schedule - ok
12:31:50.0381 0x1b1c [ F0AC3CBF7BF82709F63B383D55142DD0, 33A6D75334A5F429EB34E229CC2AD5ACCF68DEBCC12DC1E379C0516EFCB07F9D ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
12:31:50.0397 0x1b1c scmbus - ok
12:31:50.0491 0x1b1c [ F5E09206A97D250D2F407243B3C6AF48, F0765407EA0C4727C8C9D96BCFEED77278BC1A92AC541486DB08A2A8A8BB2B6E ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
12:31:50.0506 0x1b1c SCPolicySvc - ok
12:31:50.0553 0x1b1c [ 45AE53E98DB84B9370C1416BD47604C1, 59B31D1F147EF33419A966BA553AF821A59C6E4C6C70E97756923D9552A789B5 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
12:31:50.0569 0x1b1c sdbus - ok
12:31:50.0631 0x1b1c [ 5D2E9BF736645D37E3B3DE04A6F050EC, 9DE1294937C11E3DF6C33D669BAC0F423CA66D432F45BF1A9E683401BE911B9A ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
12:31:50.0631 0x1b1c SDFRd - ok
12:31:50.0694 0x1b1c [ 66D1E0DA3DC22F62A52729E5F7867608, C9236A388401C8DBEA964D789323B1A8FF69B6C66903950A38215B0530863ED8 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
12:31:50.0709 0x1b1c SDRSVC - ok
12:31:50.0741 0x1b1c [ 647C8AB245ED66807067B62A49057AD3, 170F504EACB86D79F13575C7AB0A5953E4A82BA8D14DE488AFD160E4964F4755 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
12:31:50.0741 0x1b1c sdstor - ok
12:31:50.0866 0x1b1c [ 70372343528BD799D609A347F25EBDF2, 5D480B99088ED972A6A2DAF7B55A65C7AD680E9333198D15859276D2682DC5A5 ] se3ebus C:\WINDOWS\System32\drivers\se3ebus.sys
12:31:50.0897 0x1b1c se3ebus - ok
12:31:50.0975 0x1b1c [ 37BCAC9E77AA0E58B1456A250DC9D9DD, 0BE0E14FBA3D1767B77F3FC1647C908780E7F35A3F54A60645E1AF85372518E4 ] se3emgmt C:\WINDOWS\System32\drivers\se3emgmt.sys
12:31:50.0991 0x1b1c se3emgmt - ok
12:31:51.0038 0x1b1c [ 5DB076E3594FC259309C38ECD0D4764D, 308EB12E1D1E346FA86C58729AFA8E19FC5713CD641FF9AB6688DC81B1329687 ] se3eobex C:\WINDOWS\System32\drivers\se3eobex.sys
12:31:51.0038 0x1b1c se3eobex - ok
12:31:51.0209 0x1b1c [ 41818B049BA2B46B83BC5965381B6E69, 7EC8CEDDD3077DC1FB6ED3FC6898DD2E3F254B435715A362F357247B26685606 ] seclogon C:\WINDOWS\system32\seclogon.dll
12:31:51.0241 0x1b1c seclogon - ok
12:31:51.0397 0x1b1c [ DDB0A7BFF222B86FA1FDA7314DE9534F, 7AFB4C65C34B43C4ECE3B7543B9BF51A6D191C2FD5E54E97CC44EA50633C08D6 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
12:31:51.0428 0x1b1c SecurityHealthService - ok
12:31:51.0553 0x1b1c [ D953746611050A98DCC13CA599B8E2FB, 122E0D5DFD8212A27AE81FD315294D314EE17D92010346476537C131FBB17025 ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
12:31:51.0616 0x1b1c SEMgrSvc - ok
12:31:51.0694 0x1b1c [ 7D2D4AB931B9B01713DB31097A02DBFE, 7B876E12C369626E32F5B1D8DA1C782E81906131E4726D6C15EB6F7B1814582A ] SENS C:\WINDOWS\System32\sens.dll
12:31:51.0694 0x1b1c SENS - ok
12:31:51.0772 0x1b1c [ D7DF13B1CA6FA07CA647DBD276C8FA08, 6126317BEEA47D59E545F85EF172A751BCCB8373EE0C42E42F0C8014567E9462 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
12:31:51.0975 0x1b1c SensorDataService - ok
12:31:52.0131 0x1b1c [ 796E5FF1A8CA8561FF94FFB711FDE025, 57208C638761E81B9E4F898B7DD0EE3B5CBE7295ED455FD3BDDF42CEA6AF8BB8 ] SensorService C:\WINDOWS\system32\SensorService.dll
12:31:52.0162 0x1b1c SensorService - ok
12:31:52.0209 0x1b1c [ CC2158F66EA132BE48F5EE7A4E021357, 895DE9E8B876D1CB69055D70386F3D7613A51FEAEAC7447CD48C76EBE46E7205 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
12:31:52.0225 0x1b1c SensrSvc - ok
12:31:52.0241 0x1b1c [ E5DB2463C0BE6FB50B8B1FC7DF5308E6, 4559E4FCCCACF9B76C8A4D286C7368BE46ABB9AFB06DAEE2750A67A21B178ADF ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
12:31:52.0241 0x1b1c SerCx - ok
12:31:52.0287 0x1b1c [ 81C369C284C3967CD00C7A80435D2A5A, 0A22FE95E5141F7F90054841F73F7ACCDBAFE9328C78591A2106F6403DFD2384 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
12:31:52.0287 0x1b1c SerCx2 - ok
12:31:52.0334 0x1b1c [ 678635F7E773D8899EC7048D936CECC1, 50919016C0F1C1122265939C6DC1B77F2CF00826FFBCA75619AF5E28E5C6E1DD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
12:31:52.0334 0x1b1c Serenum - ok
12:31:52.0366 0x1b1c [ 7FBEEDE10AF80F56D3B518579489B2CC, 251E9F09FACCF0CB008D362E4B899CE450B46E8DECAB4FFD47724BCC31DF1E3E ] Serial C:\WINDOWS\System32\drivers\serial.sys
12:31:52.0366 0x1b1c Serial - ok
12:31:52.0444 0x1b1c [ 8AEC00FE1D03003705FA2B2DA65DA65C, 8225EB339B323D298CE54243235ECEE25AC0C86D0052CB123947D84C4394FAED ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
12:31:52.0444 0x1b1c sermouse - ok
12:31:52.0584 0x1b1c [ C2019209B880BA50E0250593108FC294, 1416E43F5DFAC7E779CF2E950679199C366E59D58CA35D4EA57C729148CE8842 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
12:31:52.0616 0x1b1c SessionEnv - ok
12:31:52.0631 0x1b1c [ 6691DFFCF767272CD30B35699F75489F, 049271F01DDBBC80924099CCC1422AC1B371E7D1F124C6451FC8EBEB6B8A2F3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
12:31:52.0631 0x1b1c sfloppy - ok
12:31:52.0709 0x1b1c [ F784B388A98DBA71D8CF984C033A611E, 4F5AFD10C10D2912BB5DA4443BA0FDC7E3B91F57D34717956E2EF4D0E96D1508 ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys
12:31:52.0709 0x1b1c SgrmAgent - ok
12:31:52.0803 0x1b1c [ EC06FADCB3689493F90C19B19855234D, 87500C1ED3F51EB297A83EC101E3AD76D48AA2702BDEF18C4D61A379A13B959D ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe
12:31:52.0850 0x1b1c SgrmBroker - ok
12:31:52.0944 0x1b1c [ D48CF18843E783759C93018DA82EFD29, 582C71FBCFD4909A8F6B1EE7403DA8D1924B59409EA6C733C7D5DF5FBE04B320 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:31:52.0991 0x1b1c SharedAccess - ok
12:31:53.0053 0x1b1c [ 0862BF6018EFB9D2930FCAB627E99E30, 84E36F989D3D00CFC95D539A984E2953E073DD630221B1C2C37F323B89BF56E0 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
12:31:53.0069 0x1b1c SharedRealitySvc - ok
12:31:53.0162 0x1b1c [ 742C18D2E04523B9EB76542B24E11F38, 130F0D45EB7F9AC71A95122B9F039532D669D01A90E5C0844AF21D359E608986 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:31:53.0178 0x1b1c ShellHWDetection - ok
12:31:53.0225 0x1b1c [ 79F995FC4AC34C9968E13F6BA7F2CEDD, B56AACACA8A9BA443F77D935127B4C5ACCD53AC188D60ECEDEDF069CAD1E908D ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
12:31:53.0241 0x1b1c shpamsvc - ok
12:31:53.0319 0x1b1c [ 244BAC4A7BB9EF5426D4894CEB3B3161, C80A2B858DA075249ABF19F079C03997FD2DA96E36DF5908C2D5F3EB3A81369C ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:31:53.0319 0x1b1c SiSRaid2 - ok
12:31:53.0350 0x1b1c [ 948BC8B96AB1F5D3770AE95D25D7DD98, 742C88BD0333EF2BC2E61AF03FF2366E5002523ABBF1131330C61AB051A03973 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
12:31:53.0350 0x1b1c SiSRaid4 - ok
12:31:53.0397 0x1b1c [ 31D385D60917C8A7769DD593206A2EB6, C92120BAE667ED49DE946536DD0171ECD62F09CCE4AD25B52CF4E8A2BDB57FFA ] SmartSAMD C:\WINDOWS\system32\drivers\SmartSAMD.sys
12:31:53.0412 0x1b1c SmartSAMD - ok
12:31:53.0459 0x1b1c [ 95068B5B640DBE9EDB83EE74B3823B4A, 4F34BCFFEAE1CC7D3C02A0E8D5FCE207A397451DBF32A56612507C2C01109EFF ] SmbDrv C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
12:31:53.0459 0x1b1c SmbDrv - ok
12:31:53.0491 0x1b1c [ 6F577F1C828B8B4E80E93947C74E29C3, 3F73EF0C6DCF95AD4469B772567B71D2DA3A5785C4ADD56D55CEA047C8F387BF ] SmbDrvI C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys
12:31:53.0491 0x1b1c SmbDrvI - ok
12:31:53.0584 0x1b1c [ DAB40590B58960216BCF499866587480, BEF633F213F0033DE8324291A4E03EE159318E66402E0E7389E5096736B61C63 ] smphost C:\WINDOWS\System32\smphost.dll
12:31:53.0584 0x1b1c smphost - ok
12:31:53.0678 0x1b1c [ 3DBED50A140018B0B77719CE5C2C019C, 22A9E5CE3DCA09D2F45F5F0DB35093D8AEB82AD0ADF0A968ECC713E84C4B977F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
12:31:53.0709 0x1b1c SmsRouter - ok
12:31:53.0787 0x1b1c [ 0D4ADF71742552A5FBD98FADB6E087FD, 9818B141DEFCF45EBF1749A22763D56CD3E1FC3B2D47B25D4A6F586B2783A03A ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
12:31:53.0787 0x1b1c SNMPTRAP - ok
12:31:53.0819 0x1b1c [ 0B7B8EBCDFC8D037C04F201075518CF4, A39F734A4DCF7C56D18108CEFF86067859309840B6B8574B7289817EA6E7E6BE ] spaceparser C:\WINDOWS\system32\drivers\spaceparser.sys
12:31:53.0819 0x1b1c spaceparser - ok
12:31:53.0881 0x1b1c [ 1F7D05932AE90579E27DBFC7370EE5A3, C2DCA11776D8F4CEF40E4F3EEDE7800A1956030BBCFB58F787EB75D1E5C1FDB3 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
12:31:53.0897 0x1b1c spaceport - ok
12:31:53.0944 0x1b1c [ AC2E9846F171983956748606B0524C27, BD852DB7B31E40BE3F6CE25BCCC84007AB98473243CA021042009D9FDA17F504 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
12:31:53.0944 0x1b1c SpatialGraphFilter - ok
12:31:53.0975 0x1b1c [ 29F7B0CFB642F082563C9DED53DA40DA, 733CA23465BA17FA44C1A167B57B040C96ED8BF674315CC7C507376404DDE7D6 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
12:31:53.0991 0x1b1c SpbCx - ok
12:31:54.0069 0x1b1c [ 151B20BA3328186B13F61FB88485B475, 802EA5FEF41CAB553B698EAA43D2D453D10CA2BB438EFFD5D95F9D79C9494568 ] spectrum C:\WINDOWS\system32\spectrum.exe
12:31:54.0100 0x1b1c spectrum - ok
12:31:54.0241 0x1b1c [ 7DB60F9CF2ADD7947A6FB38175D5343E, 60AC5B28496B8AC28F5F1C1CE322297213C9858FF2E794739412F5DC77742DC5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
12:31:54.0287 0x1b1c Spooler - ok
12:31:54.0522 0x1b1c [ 2E7BFB5053D4485C15A617B50BA93959, 869BD65EC6458593B72989A894479348E7B0B45B48F20EDC4E844EA14C7CEFD8 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
12:31:54.0740 0x1b1c sppsvc - ok
12:31:54.0803 0x1b1c [ 053ED460878CCCA8068B96FA95B68A9B, D2151BC072A07D2236C95D556754E103742F64C5BDF0408641171D9C6325A84C ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
12:31:54.0819 0x1b1c srv2 - ok
12:31:54.0912 0x1b1c [ A8BD6A4031740824CC73300FA619CB61, 0AE7222F58EC33F77779A85B5A7AC2FAEF518152FFF0A7D99EAF7DB36134A712 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:31:54.0928 0x1b1c srvnet - ok
12:31:55.0022 0x1b1c [ 69C50A34E4D0FE6360F2BD16B853C75C, CE8C900DF0305920D51224FDBD682BAC2B574598D26B89E0A74795AC28709175 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:31:55.0037 0x1b1c SSDPSRV - ok
12:31:55.0115 0x1b1c [ 66969AA56E77953E596470C73A9004E0, 71F4CC7595C6D5E93AAA14259DF817C6C1D4BBCF285545FD980F6DBC86A30379 ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
12:31:55.0131 0x1b1c ssh-agent - ok
12:31:55.0178 0x1b1c [ E607C91850DC23074D47EC5D6A6EF6B4, 6935C3FAA765C38D4BA586600338148D2D39445D3BDF53A9107EC6768E5C1D8B ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
12:31:55.0178 0x1b1c SstpSvc - ok
12:31:55.0475 0x1b1c [ 23972058C729AA2507ED4B0056653073, 3922DFDFC0F05F0E29E30930CBA6340A112CC642CABA81AB32B192BF753E84FF ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
12:31:55.0819 0x1b1c StateRepository - ok
12:31:56.0006 0x1b1c [ A05C80B4174E233A3FA1275F5307E37B, B2E28B620519E8C172335369E922650E04CE440D051AECB6207098C088A6F562 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:31:56.0584 0x1b1c Steam Client Service - ok
12:31:56.0647 0x1b1c [ 8E22A084DD5E9736912A16C08B0E653D, 43FB1ADC68DCCDD448056FDEA885FBEF6475A1927022956CB587483DE6705951 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
12:31:56.0647 0x1b1c stexstor - ok
12:31:56.0725 0x1b1c [ 750BCD18B765D779A47FD00F68C07D26, 2B7FE3975C755BDA23EEC61C4C108F1142F74F1A1F7D5A21B1CBCBE9E056DCB8 ] StiSvc C:\WINDOWS\System32\wiaservc.dll
12:31:56.0740 0x1b1c StiSvc - ok
12:31:56.0787 0x1b1c [ 15986CA8E6117C1A6BB3BE9F4E07B7DC, 383E880D81950DCD54A1025CBCEE4DB78F53033FF8CC6B172B887F53D74F5B47 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
12:31:56.0787 0x1b1c storahci - ok
12:31:56.0850 0x1b1c [ BD4DCCD8A229D6EAD69D89864EDDA903, 158CEA0774B66ADAE11C05DB81B6A5EA09297EB85E602BF80FE05504242B9D79 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
12:31:56.0865 0x1b1c storflt - ok
12:31:56.0928 0x1b1c [ 236CC6AEAE9399E1FD118B4C76886DC6, 992E173B2D1B0B2DCA31D2899F4170C108D2C5F612B53F62A9D48DB48265CB50 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
12:31:56.0944 0x1b1c stornvme - ok
12:31:57.0006 0x1b1c [ DE96FF87DD70BA5CEA1388AAF93B89DE, BE9B6750CA2D69CA292A274194A0A366D4F279E0CC97E1ECEEC6212489EC13E9 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
12:31:57.0006 0x1b1c storqosflt - ok
12:31:57.0131 0x1b1c [ 1B8003362FE623533C88F85992775557, 30F467A0804C68E62EE989CBB9B87D480FA8E6918ECBB8E378B5A0A3E64A34EB ] StorSvc C:\WINDOWS\system32\storsvc.dll
12:31:57.0209 0x1b1c StorSvc - ok
12:31:57.0240 0x1b1c [ BEDE73F298F6546947261A9DF132EEBC, 75FD7BDB412020085D34C3F6D7F7E02B643F4FFB37BF0316958905CED403D5F6 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
12:31:57.0240 0x1b1c storufs - ok
12:31:57.0303 0x1b1c [ 8906374A0EF0714D1DDF1E406E02E44A, F14FA9B459615B2C872D21264F359F39D91DF522D179F5CEC37F95248AB5AF38 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
12:31:57.0303 0x1b1c storvsc - ok
12:31:57.0381 0x1b1c [ 07C29C5756391C160FDD7DFDA5FF3926, E9049F8E7307206971795E1A6F889E9E849B43F8B6473ED83A241B7F451C3542 ] svsvc C:\WINDOWS\system32\svsvc.dll
12:31:57.0397 0x1b1c svsvc - ok
12:31:57.0428 0x1b1c [ 65E744C599DD01E8EF096BB90357DBDC, 32D7AC7D81D9E7AB68C07A46C308F2334E10A215AF7CF13FF19B3E8D57EC97C1 ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2644f95fc9ad0bf5\swenum.sys
12:31:57.0428 0x1b1c swenum - ok
12:31:57.0475 0x1b1c [ 4E0769EF4D5A8FEF51E7D0ED2543DD7A, AF2C7E9D5819C25F6AD638F201AFA4CE513F86326505DB5541C5794B087AB1C1 ] swprv C:\WINDOWS\System32\swprv.dll
12:31:57.0490 0x1b1c swprv - ok
12:31:57.0631 0x1b1c [ D47B1A895DD6DAAE11DFD7A961E8E26C, EFB46E1BF68E050E8A135EBF5A3E395C168153E8A16CDDD266605985140E41CA ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:31:57.0662 0x1b1c SynTP - ok
12:31:57.0819 0x1b1c [ BC623F804B1C4EA9E825885FF240EA10, 8FBB9C16C3A83EB4E8DE085770AB516DEC7707423DC2581A5CE77C89704315BC ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
12:31:58.0334 0x1b1c SynTPEnhService - ok
12:31:58.0443 0x1b1c [ 8854845E67CC385429656D2100279EA1, DA30D88DA6CE110A36C6232A8232956060442F9DD8BBF5A25D2EAFC3C4F6ED33 ] SysMain C:\WINDOWS\system32\sysmain.dll
12:31:58.0475 0x1b1c SysMain - ok
12:31:58.0537 0x1b1c [ 1B3A2E2FE7C1D4EE6304E7F4C50D14BE, 22A403B83647DB887507C2A0EB6B11F5461B6BE750D34A19894B29086B4E29DC ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:31:58.0537 0x1b1c SystemEventsBroker - ok
12:31:58.0631 0x1b1c [ 70C0131DF2D764CACD76925651A1AA65, 40A2F4D36E40A71178F5111DD12D230E544D74AC40AB33683630227428867253 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:31:58.0647 0x1b1c TabletInputService - ok
12:31:58.0772 0x1b1c [ CDF8F7024EDC35CDE2189926579190E0, 422C3F11246F9A64DCA3CD59D83D40325F074EEC5C0576E678E3B117FD177B8D ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:31:58.0818 0x1b1c TapiSrv - ok
12:31:59.0037 0x1b1c [ 3FCBBD7D54092AB47269E24276BF673C, C8B113B36C5BE21D28E3A7BC73FFB37E4034646227C7759DF9F4C672C7E7A5F7 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
12:31:59.0272 0x1b1c Tcpip - ok
12:31:59.0443 0x1b1c [ 3FCBBD7D54092AB47269E24276BF673C, C8B113B36C5BE21D28E3A7BC73FFB37E4034646227C7759DF9F4C672C7E7A5F7 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
12:31:59.0522 0x1b1c Tcpip6 - ok
12:31:59.0584 0x1b1c [ E3210C5EB2F299ED27F45F83971BA2B6, D8D990CD7C1C676E3F5B63C5E71EF38F7D5A14AA400E0C915D5D8819F1983888 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
12:31:59.0584 0x1b1c tcpipreg - ok
12:31:59.0615 0x1b1c [ D69958B5C099935ABEAE1CBBF37A209C, A72CF6BAE04A0B3D59DA1283CA536EE8FA014B6949EE7189B7967BF322D902EB ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
12:31:59.0615 0x1b1c tdx - ok
12:31:59.0693 0x1b1c [ B814F301CD29123B35C3C0005943CFDE, 5DDF430468EB020FB39EBAD1707FE6BFCA2242A5A8EBE08539B1C2AAEC135A04 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
12:31:59.0693 0x1b1c terminpt - ok
12:31:59.0865 0x1b1c [ E53A5E54596DE6F99C755D8750F3FA59, DEF7CDB9F957D6FAD7AF2CAEC69E3AC8F146D1829EA85D9F9E3BDB4B36BACCFA ] TermService C:\WINDOWS\System32\termsrv.dll
12:31:59.0928 0x1b1c TermService - ok
12:32:00.0037 0x1b1c [ 662C3911D70EC709E8A4C5D16D5A0C93, 7EE736B4C1E60A87557F30231E6F63CBEFB06D0A2DC6912F9460B6D7AFD2F242 ] Themes C:\WINDOWS\system32\themeservice.dll
12:32:00.0037 0x1b1c Themes - ok
12:32:00.0100 0x1b1c [ DA32F75ACD5CD10744A70DC039B4F541, 74CC003998BCA56EBA439B93BCFF34FB83A9712141719B20F47A2D40B8A773CD ] Thotkey C:\WINDOWS\System32\drivers\Thotkey.sys
12:32:00.0240 0x1b1c Thotkey - ok
12:32:00.0428 0x1b1c [ EAEAF7C824F1A04CCA5ACBF1E0EFA0AC, 3BF3B653AB2E145573A5CEC2116FD96EC96D78A9B5D86AD839995426CC27D3E3 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
12:32:00.0443 0x1b1c TieringEngineService - ok
12:32:00.0490 0x1b1c [ B732F0F9FBF355B00E7F9A5606F6D80C, D9F742A7638153EA2B86E6BD778EE0875E683658DBBB4FA2B92286BDF61607D6 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
12:32:00.0490 0x1b1c TimeBrokerSvc - ok
12:32:00.0647 0x1b1c [ 329BBD704EAE1A1C30CCC6A383F75FC9, 0DDEEB4DA09B8C41D6AE8926FED261D48F8875C5277F94DBC45BD9D6568B88EF ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll
12:32:00.0725 0x1b1c TokenBroker - ok
12:32:00.0803 0x1b1c [ 40B263A78BA4B914B9F86FCE65F53AD8, 87F131C753B5E27A220081818D9A86DFC6F7066AB9BC2413C5A4E12EB687BD8F ] TosSrvCtlDrv C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\TosSrvCtlDrv.sys
12:32:00.0834 0x1b1c TosSrvCtlDrv - ok
12:32:00.0896 0x1b1c [ 5A31F9D83639291D0BA80C379EB4DB18, B4B7DAB68FE2C6CA01CBD579C41B8490DCB029489879A83706BCBA32F75A7179 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
12:32:00.0896 0x1b1c TPM - ok
12:32:00.0959 0x1b1c [ 6412BA479D04AC7436093D29B4B02CF1, 5AF97CD5D5D1012B28A9A89B446DB042D3C4A79DADEA41986CA2C9309853B789 ] TrkWks C:\WINDOWS\System32\trkwks.dll
12:32:00.0975 0x1b1c TrkWks - ok
12:32:01.0053 0x1b1c [ FCFE9CB73B7225C637746706E8FE3E64, B8257925DA763971A6D86C3C00314D6241DE8DBE5A0AD962F4C4CC5D833B8C30 ] TroubleshootingSvc C:\WINDOWS\system32\MitigationClient.dll
12:32:01.0068 0x1b1c TroubleshootingSvc - ok
12:32:01.0162 0x1b1c [ 1EEEB5515071A10025FB33CE184B1773, 1196AF4EFF68117EEBC8CE9DF94075CC0097F750D2F6F4FC5B72B4ED37D2DF45 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:32:01.0178 0x1b1c TrustedInstaller - ok
12:32:01.0193 0x1b1c TSDSettingService - ok
12:32:01.0271 0x1b1c [ A94D0F92C3D833C1E8BE838E00DF26E4, BBBA8813A7BFDB788387F2B1F38F83915D195DB1E6CE89006C15E2A29EC1E190 ] TSDTabletControlService C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\TOSTABSYSSVC.exe
12:32:01.0412 0x1b1c TSDTabletControlService - ok
12:32:01.0475 0x1b1c [ E55BA864039A3773B30FCA7EA4904C71, 4B1E88E5A672ABFCF7D95FF706D287471BBA89DE0A48B91028C2748C115DB7E0 ] TSDWirelessLEDCtlService C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe
12:32:01.0787 0x1b1c TSDWirelessLEDCtlService - ok
12:32:01.0881 0x1b1c [ 8D2FD00A9DBFB03B32F4E338804874FB, 700F71C6293EAA248276F3DEC4C2B066BE32BDC02AD34CEA1326CE9AE0FCD4F7 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
12:32:01.0896 0x1b1c TsUsbFlt - ok
12:32:02.0021 0x1b1c [ 5A550E581C5559E9D0F2B9BD1BC14CE3, A974F07E5969827F82A8A50A6B1C1D94AFD3FEE0BA249118863939F16FC0D7EE ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:32:02.0021 0x1b1c TsUsbGD - ok
12:32:02.0084 0x1b1c [ EB393EE7BF0ADD4455271B0961957DAC, 6A5F1832D09DA715CC0FF2F4D46E0B6DA663467A512A5A13A38BF0D0B5D7DB7F ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys
12:32:02.0100 0x1b1c tunnel - ok
12:32:02.0146 0x1b1c [ D00E0AF0A3E1B97E6642528E2C26DFB5, 7EBF845AFEBA3887ECC200AD8DB0838984D9D0A820D68160215BF41B16261E6A ] TVALZ_O C:\WINDOWS\system32\drivers\TVALZ_O.SYS
12:32:02.0193 0x1b1c TVALZ_O - ok
12:32:02.0318 0x1b1c [ 4EEB72431FE437200D0A2613774BBCDF, 1A6E6C5647FA0C356D914B023E1FE7B153F2585C9115522B6445BABA3EA3B791 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
12:32:02.0334 0x1b1c tzautoupdate - ok
12:32:02.0412 0x1b1c [ 9102CF3E4C21A5C661B5C53C3CD339E2, 8CA523CFCA0F53CBFCA5FECC606E11FD76E66C9E4A5CEE127D503E314968D7F1 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
12:32:02.0412 0x1b1c UASPStor - ok
12:32:02.0537 0x1b1c [ 6025C2A9A94F64DCADA2FF6B7A13E36E, BE233BF6854309E7E0FF41AF680695B6472C1585F9AE5DC2C6FFF3CA7CA80CED ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
12:32:02.0553 0x1b1c UcmCx0101 - ok
12:32:02.0600 0x1b1c [ 6BE70CC3FDCB23DB7D780A24CF9C5465, 7FD504B71FC029C77E7CC1FDFABF6BB4C34A39A7F454876317B48C8244FF8460 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
12:32:02.0600 0x1b1c UcmTcpciCx0101 - ok
12:32:02.0756 0x1b1c [ 3D0AAFD54A48AEB4EDEF235DDAEC8DDB, D1713D2F0F3D91D446F0115086891A81E5FD84EBCB488332C739025E0E03BF43 ] UcmUcsiAcpiClient C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys
12:32:02.0771 0x1b1c UcmUcsiAcpiClient - ok
12:32:02.0818 0x1b1c [ 4D00BBD4E7D5356AE85F8ADD1A624D1F, 724A912C1F9E7DC68E20404C693C12F31A616500D0CB8BE27C9D74A5C0978E1A ] UcmUcsiCx0101 C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
12:32:02.0818 0x1b1c UcmUcsiCx0101 - ok
12:32:02.0850 0x1b1c [ 88A64E669E2C7BA29839B029E52A4FAC, 65E279EAE4C04EEB2E5442D39C70298030A3D47271FC36E5AE59820F844E4F7E ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
12:32:02.0865 0x1b1c Ucx01000 - ok
12:32:02.0881 0x1b1c [ AD5648DBAF53BC3BC7181AF5DE51F8F2, 1ECA9E3BBE591F4E5155704F157ADF29585FC7798EF3B4EF3B923A21CF8BC300 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
12:32:02.0881 0x1b1c UdeCx - ok
12:32:02.0943 0x1b1c [ 402401FE8B315871D9BCF9BA3A7521CF, F5A2300A0E937007FBD9788D328CCD28406D7A7A55AF85DB2C2BC3F2339E7373 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
12:32:02.0959 0x1b1c udfs - ok
12:32:03.0053 0x1b1c [ 472B644F8FB4B1D30F422B19D33FBA46, 2634D7C6690E777DFD39E73FA37AC46CADE8EDD9F30A3D8C356BD3425CBC9176 ] UdkUserSvc C:\WINDOWS\System32\windowsudkservices.shellcommon.dll
12:32:03.0068 0x1b1c UdkUserSvc - ok
12:32:03.0209 0x1b1c [ 64B55F3A9A72F04C2665E90BADE3E9CA, 6945E8C1E7CF21133B16F947D7FC4ED2286D8ACB22553E94C34FAA4DEB8035BE ] UEFI C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_54e417b5e76a8816\UEFI.sys
12:32:03.0209 0x1b1c UEFI - ok
12:32:03.0256 0x1b1c [ 27EF6FA955114F9E398531E13A7B50CE, BDFFB241D55FB3EEC7014BCF2396933C991A0609E6936D44F95633D387084C54 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
12:32:03.0256 0x1b1c Ufx01000 - ok
12:32:03.0303 0x1b1c [ 370BA28D5E71E8B51E6559F97F646DF5, 53637C164AE74AE2877DA88D9A11EDFD18CC434278A15E8FFC920DE90E5B9FE4 ] UfxChipidea C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_2c5bddd87c3a8966\UfxChipidea.sys
12:32:03.0303 0x1b1c UfxChipidea - ok
12:32:03.0396 0x1b1c [ 34A623BB54FA3929FBE9A69E336E0878, ABC006B638036D60792A3716BE34617F048191036947ACFDAAF289F5BCB7E96C ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
12:32:03.0428 0x1b1c ufxsynopsys - ok
12:32:03.0490 0x1b1c [ 039BD4FA93AFC8750770D3CD3914B102, 7F6207B656A0556D3A6598BB1DCBAFA776022955E3F5F5F32976A13CDF2929DF ] umbus C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_3a41975ab24ab880\umbus.sys
12:32:03.0490 0x1b1c umbus - ok
12:32:03.0568 0x1b1c [ 243ECEF0BA0A896B564278648384AA90, 1E974B9DCAEFC39147CD3559894EAE81E90AB53F7E5F6716C00A8300FFC5A58E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
12:32:03.0568 0x1b1c UmPass - ok
12:32:03.0724 0x1b1c [ DC02EB5F6A02CF6873AEADE5E694CF7F, CAE41356CBA40F89D1F5B3BF366E22B0668C828B9E80810E4DCDE3419A2A5602 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
12:32:03.0756 0x1b1c UmRdpService - ok
12:32:03.0865 0x1b1c [ FFC79979B5103309832D42F424253729, 1D3882B7D894DB868FC77BD920381319F6388F5C42D6F68CD53C9C123F0D95DB ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
12:32:03.0928 0x1b1c UnistoreSvc - ok
12:32:04.0021 0x1b1c [ 7E38C2EAB730A0E0EE2B4EA5A545DC37, 1ADE7D7BAFB9D628EB017D4AE4613796196F0A7469C66CB288FAF6D64799B6F1 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:32:04.0037 0x1b1c upnphost - ok
12:32:04.0131 0x1b1c [ C480FA589F962D35D819E2A4A79E836B, AED47B716013B59829A43EE73F53A77FFC55BDC77E1BBBD5C3900E5632C979E5 ] UrsChipidea C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_8b3c42cd45b994d1\urschipidea.sys
12:32:04.0131 0x1b1c UrsChipidea - ok
12:32:04.0193 0x1b1c [ B7DBCE5F6BBA43AFD1D42CAFC7885A0E, ABDBCA69BE22BEF6E6A4ADE525035FDC349D530FD0D1D82CB1F53654E805502A ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
12:32:04.0209 0x1b1c UrsCx01000 - ok
12:32:04.0256 0x1b1c [ 208E7EE7538F39C05A5753499E306172, B921B51DB75E006F0A084FB3259C2A8BBD44346DAB103A750A6916D05903F47F ] UrsSynopsys C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_68563647136f58d3\urssynopsys.sys
12:32:04.0256 0x1b1c UrsSynopsys - ok
12:32:04.0334 0x1b1c [ 4EFFFEC32B8824DB2425D37D03C09B40, 199AE4EDACBD16B44DA83DB7E8B5E31592A868D41FBCA9FB713AE4130673D96B ] Usb4DeviceRouter C:\WINDOWS\System32\drivers\Usb4DeviceRouter.sys
12:32:04.0443 0x1b1c Usb4DeviceRouter - ok
12:32:04.0474 0x1b1c [ 75DF727A69888039135F9D8B3DFDF918, CC0742A58AD2B9E3E948900809824784EB4418834B6CA8E36D8815DCA676DF71 ] Usb4HostRouter C:\WINDOWS\System32\drivers\Usb4HostRouter.sys
12:32:04.0490 0x1b1c Usb4HostRouter - ok
12:32:04.0521 0x1b1c [ E47AE702919662FF4D554FBD778FE993, F6F0208B0007EC6788BFC68DDE6660ED70A5BDF75B5CC5D0EB055C78383E15B1 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:32:04.0521 0x1b1c usbaudio - ok
12:32:04.0599 0x1b1c [ 5334945AECD8FA7A2F486D08F3DE9E72, 994F0D4E4A6834397D8A1A8B52200EC433A77AD4D0790E112E06669C4BB1A524 ] usbaudio2 C:\WINDOWS\System32\drivers\usbaudio2.sys
12:32:04.0615 0x1b1c usbaudio2 - ok
12:32:04.0662 0x1b1c [ 14701ED0AFE3E5A9FD26CE8F2B295EDF, 7E08E5BF00319CF0CF48AB491B5DD5BB38256DC0DA3C584F3332F22A8ADC68CB ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
12:32:04.0662 0x1b1c usbccgp - ok
12:32:04.0709 0x1b1c [ 3620E01846A6ECB8FDA280AB35D3F269, EE0C12AC176F8F469DF9FD03AED8059FC70BDD76E83955641553FFC00BD78A1C ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
12:32:04.0724 0x1b1c usbcir - ok
12:32:04.0756 0x1b1c [ 8661F1D0EB9EC0A5A49FCB4294C2A7C6, FAD10BCD2E38BA695F35518093DE5B3258118C6D90C198EB2607605AE7EE79EC ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
12:32:04.0756 0x1b1c usbehci - ok
12:32:04.0787 0x1b1c [ 829DF18042A11F322CD427E8A161A94B, 919E1E74688C85144CD709943FF0DF97A1245EBAC0C73832443CAF2A6B927455 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
12:32:04.0803 0x1b1c usbhub - ok
12:32:04.0912 0x1b1c [ 797B25B08B3788F3D677B8A44E68B668, CF994AABA9CBB464E9996D9A6C24970ADC5DB694C805CDC0403ED951FB05A53C ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
12:32:04.0928 0x1b1c USBHUB3 - ok
12:32:04.0959 0x1b1c [ 352D2AF845F77BBA56A56A5DC45EB088, 11B4CA0BA7F2B8DF471E642B815D68B1EBA3FB9FDF3B1F63F7CC1B8FEBCBC683 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
12:32:04.0959 0x1b1c usbohci - ok
12:32:05.0006 0x1b1c [ 061D009B8214C8DCA271B09FDAC8B8B8, 294EB5B6188FFB1F69A55F6255E4D7BC5F4FD0BF8BDB234CA8C5120197496D60 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
12:32:05.0021 0x1b1c usbprint - ok
12:32:05.0084 0x1b1c [ DFE8665DC9B04EB613D14F146043B38C, 24373CD11130DEA89B4B79A04520E1527DB7C6A926C288E3662F5A05EE167CA7 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
12:32:05.0099 0x1b1c usbser - ok
12:32:05.0178 0x1b1c [ A99DAFC5E5A08922D375A1E446A9AAFD, 3690911B09ABB59CCB9CB4F8A621C7D81ED01F75A032ABD9E10BDCB0339AC587 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:32:05.0178 0x1b1c USBSTOR - ok
12:32:05.0225 0x1b1c [ BBB5550AA31DF93C9CEE16AA4DD103D0, F8FBF9EE3D3E5DCCC60F0FB574489FD2669CA3D359F25B71383D1D9DFF003D1A ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
12:32:05.0225 0x1b1c usbuhci - ok
12:32:05.0271 0x1b1c [ BB179569EEBD7A24CBADD6097BF8811F, DC0B0F430088B515DBEC768BBBE67E9EB15DDE7764AA710DBFD623419FB0E076 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
12:32:05.0287 0x1b1c usbvideo - ok
12:32:05.0318 0x1b1c [ FCC6C9D72B28931ECF2F44C5AAE8C715, 60AC53FDE3AE79C71E669BF54FFDD6E9E8E5AEE2481730AB683BE20F1C533CC2 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:32:05.0349 0x1b1c USBXHCI - ok
12:32:05.0474 0x1b1c [ B9F3B4181E37BDC600CB35C9853120AC, 3F270BC53D8681BD64DC580679BBD46D2ACC3D0476D737F787D4FE59647ACC79 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
12:32:05.0568 0x1b1c UserDataSvc - ok
12:32:05.0709 0x1b1c [ F0DFFE9F95A78D595DE02EC2F6E2D91F, 4D70770B8200757251E3AF0E326D485654B31B5CCC4477FC375BB85A55135336 ] UserManager C:\WINDOWS\System32\usermgr.dll
12:32:05.0787 0x1b1c UserManager - ok
12:32:06.0271 0x1b1c [ 0B139D01E74A8CA0C63296CEDAC93616, 49D46B1F5F2A0D3126CA101D4AD7C6D890F5AAA1E4BC02FDB014745A24E628E6 ] UsoSvc C:\WINDOWS\system32\usosvc.dll
12:32:06.0287 0x1b1c UsoSvc - ok
12:32:06.0474 0x1b1c [ 19627F61394019CC715832B39A7ADD68, 7CFE722836060B0888F43312D0A65F0CF6D186B7BB9E8DE57628A1EBE28E6AAD ] VacSvc C:\WINDOWS\System32\vac.dll
12:32:06.0787 0x1b1c VacSvc - ok
12:32:06.0912 0x1b1c [ EDBC355D76BFC9541E525C922827648A, 1352CF122083A8174C1CF88DCBCEED63278D41E4A0AA535D866F64AF45DB2E80 ] VaultSvc C:\WINDOWS\system32\lsass.exe
12:32:06.0927 0x1b1c VaultSvc - ok
12:32:07.0021 0x1b1c [ 6C26416F75F115BFDAC748CBF8F46E76, DA21C39ECDEED9B030B1D86F4A379AAE0E2B16361C6BF13CC7B912E9EB548198 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
12:32:07.0037 0x1b1c vdrvroot - ok
12:32:07.0177 0x1b1c [ 80BB0A24888F153D9AC9BA75229EC228, 8863DBA04A1ADE2FE20333BC1260DA780E64B6F295E6D999E962FE5D66DFA4A0 ] vds C:\WINDOWS\System32\vds.exe
12:32:07.0318 0x1b1c vds - ok
12:32:07.0396 0x1b1c [ 7C8B5B5654F1D50E2F763C7FEC897E20, 76FA43A6615595F1CB591AA5BBC1CE919126E3208C9194AF967BE4A10279ADF7 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
12:32:07.0412 0x1b1c VerifierExt - ok
12:32:07.0521 0x1b1c [ 0EB363EF624530D12108070EE0520C1E, 23655CFBAC47F8C14B98BCCFB2557B8B76188353977817ACA1F8E98621BDB325 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
12:32:07.0646 0x1b1c vhdmp - ok
12:32:07.0677 0x1b1c [ 17E7FE7E8CCAC982DAB334A16BBB0CED, 875A9E6E5D0B9BBF36C27A15930CC2C3887B37FA30061E1BC03B00B5C49BF719 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
12:32:07.0677 0x1b1c vhf - ok
12:32:07.0818 0x1b1c [ DE9F0A3A482AAB83FFAB33DEC62BAF5B, E2E8F2501591F3DA6A46D21F9AE51E6271DA74F8D7E32F55CA58F2F03C99A103 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
12:32:07.0834 0x1b1c Vid - ok
12:32:07.0990 0x1b1c [ 0FE9E4DF3C9C5E8DF2C1856C0E85A42E, D3223DB2D06E5AB555EFBE8222583DC113F55271F836CE7C0B7819DEB286019B ] VirtualRender C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_74bf1f8cf6fb0df0\vrd.sys
12:32:08.0021 0x1b1c VirtualRender - ok
12:32:08.0162 0x1b1c [ 0186F40D0FB621B627BC20253A301F22, BAFA01D2ECD6ABC87F06826F46C94AE7CD6948D5475845CCBFDF40881AC7732E ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
12:32:08.0193 0x1b1c vmbus - ok
12:32:08.0302 0x1b1c [ 8C8115B4B039D57F17A3F84EAADFC890, 7AEEFCE6A566C353690AABF29F65D43C5900C2F3A80A025FD694F70258AA3DCC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
12:32:08.0302 0x1b1c VMBusHID - ok
12:32:08.0396 0x1b1c [ C4953E6AA8BEC92A4C948ECFC42FFA2F, B131DAA7F51129C44A1DB883C51174BFC30B1A7231755F366FC3D335ED06FD23 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
12:32:08.0396 0x1b1c vmgid - ok
12:32:08.0490 0x1b1c [ 203A29158E9AFE854288145101F8583E, 4BE6BB4D202EECAA98A3F12DBAA6ED01D23A2E9152F45D32EB7DC4636AFA0559 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
12:32:08.0506 0x1b1c vmicguestinterface - ok
12:32:08.0521 0x1b1c [ 203A29158E9AFE854288145101F8583E, 4BE6BB4D202EECAA98A3F12DBAA6ED01D23A2E9152F45D32EB7DC4636AFA0559 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
12:32:08.0521 0x1b1c vmicheartbeat - ok
12:32:08.0537 0x1b1c [ 203A29158E9AFE854288145101F8583E, 4BE6BB4D202EECAA98A3F12DBAA6ED01D23A2E9152F45D32EB7DC4636AFA0559 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
12:32:08.0552 0x1b1c vmickvpexchange - ok
12:32:08.0568 0x1b1c [ 203A29158E9AFE854288145101F8583E, 4BE6BB4D202EECAA98A3F12DBAA6ED01D23A2E9152F45D32EB7DC4636AFA0559 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
12:32:08.0584 0x1b1c vmicshutdown - ok
12:32:08.0662 0x1b1c [ 203A29158E9AFE854288145101F8583E, 4BE6BB4D202EECAA98A3F12DBAA6ED01D23A2E9152F45D32EB7DC4636AFA0559 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
12:32:08.0662 0x1b1c vmictimesync - ok
12:32:08.0677 0x1b1c [ 203A29158E9AFE854288145101F8583E, 4BE6BB4D202EECAA98A3F12DBAA6ED01D23A2E9152F45D32EB7DC4636AFA0559 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
12:32:08.0709 0x1b1c vmicvmsession - ok
12:32:08.0927 0x1b1c [ 963D1F40DC20DDFB3936AB23AEE31EBA, 6CB7DF554F1F8CDE6C4DCF44B606B6CC7727AB18DD43DFCAE26DC0D686C26130 ] vmicvss C:\WINDOWS\System32\icsvcvss.dll
12:32:09.0084 0x1b1c vmicvss - ok
12:32:09.0115 0x1b1c [ 38B95EFF5294D449FC3A7E3F72C63B8E, F00C44FE870BD1178FB647F197256ADAA8F15103839B2C43A81400CCEAF624E5 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
12:32:09.0131 0x1b1c volmgr - ok
12:32:09.0162 0x1b1c [ 6D2B4A24019C86404BE77D8B1DDC174F, 3F7AA5E7F6DDE04445BF9CA05827E17C30E9996DA1002C52DFD3915F70F85680 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
12:32:09.0177 0x1b1c volmgrx - ok
12:32:09.0302 0x1b1c [ 83FF83976C90BB42932E51BC8CD7B652, A5ED6AC3A6AD82046C04184F16ABD9D3754C12475EC4E41A3D9F8365367C8536 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
12:32:09.0334 0x1b1c volsnap - ok
12:32:09.0349 0x1b1c [ A51AFA66016135FD217266A28907B8A4, DAEDF1954615A7F5411C4581D66945D893C083A6DCAF6919638CE7EACEF805D1 ] volume C:\WINDOWS\system32\drivers\volume.sys
12:32:09.0349 0x1b1c volume - ok
12:32:09.0818 0x1b1c [ 128F5B7EDF378171A1A0988005B4920E, BA33B96653CC599D0478811186CD3B8A41A8DE4F76DF723B992F70E3A02ED573 ] vpci C:\WINDOWS\system32\drivers\vpci.sys
12:32:09.0818 0x1b1c vpci - ok
12:32:09.0880 0x1b1c [ 7175F6F4675AFBCD16FB07DBC611B843, 6F25ABFFFD654B4D1C3DC1C182CFE28D23E78F0ED64326E27888D83F40333E90 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
12:32:09.0896 0x1b1c vsmraid - ok
12:32:10.0068 0x1b1c [ 5A927A2105864B8D71325B53382DD513, DAC09707ABE602B8101E7533DFFADC1F6B90555058AD5BEDD013F7CF8039AEEF ] VSS C:\WINDOWS\system32\vssvc.exe
12:32:10.0255 0x1b1c VSS - ok
12:32:10.0396 0x1b1c [ 68B0C874489D6DFC2DDC7FC442589B8A, 98CE0A0C475E110E8702B17548D57507E644FCAECE060C862D8CB99E481922E2 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
12:32:10.0412 0x1b1c VSTXRAID - ok
12:32:10.0459 0x1b1c [ 6C3D04C5ED039EFF604CFAC56078AA35, 1F923836EAB455BDD9E707C8A274675CBB4058324DCE14117064BCD3DBFDA03D ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
12:32:10.0459 0x1b1c vwifibus - ok
12:32:10.0474 0x1b1c [ AB78BAF8B9C721C2D7B002F9B0177133, F903680B3D9A02C2D689486A8CBBB25B0588C0CEDDE4C15965029767D0A0B47C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
12:32:10.0490 0x1b1c vwififlt - ok
12:32:10.0662 0x1b1c [ 6BA439E534440B64C52EBDF46B01BF03, FB2DA14B2AAD4E1AF9B4D5766B7E052A8884EA9EC62CC78BEDB5359F2FD1914F ] W32Time C:\WINDOWS\system32\w32time.dll
12:32:10.0677 0x1b1c W32Time - ok
12:32:11.0037 0x1b1c [ FA195570EEE9EAE0052E38D06C98420B, D1E1202CDA1ECFF2851D2FCF75B84834417B0584EAFE070054D853FC5865A761 ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll
12:32:11.0068 0x1b1c WaaSMedicSvc - ok
12:32:11.0287 0x1b1c [ 23C032497B422137AD06B75453BA1EA9, 0BE3CAFF88CC344FC6EA66846AB96C12B67DE188BF3B9A05D0F16462CC817EF0 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
12:32:11.0287 0x1b1c WacomPen - ok
12:32:11.0459 0x1b1c [ 4D8997E72D39D37B12B42ACEB487B5DA, 6CD60AE75E1F20BAA17E8954B45ECCDBB24BADD75DFF8855FBE5F1357FDEBFB5 ] WalletService C:\WINDOWS\system32\WalletService.dll
12:32:11.0490 0x1b1c WalletService - ok
12:32:11.0537 0x1b1c [ 645360242950FAC33FFF45A16CB2BF49, 73463F137ACB8F24B4B599DD72F9317AD0949EEC3B6E924BD03E097B22DA6CDE ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:32:11.0537 0x1b1c wanarp - ok
12:32:11.0552 0x1b1c [ 645360242950FAC33FFF45A16CB2BF49, 73463F137ACB8F24B4B599DD72F9317AD0949EEC3B6E924BD03E097B22DA6CDE ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:32:11.0552 0x1b1c wanarpv6 - ok
12:32:11.0630 0x1b1c [ 867C239ED7887B72546CBD6ED7B0287B, 88741BFE29AD0E59A798668A7645FF4958A88813BAEC3630965F68296117C8BA ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
12:32:11.0646 0x1b1c WarpJITSvc - ok
12:32:11.0724 0x1b1c [ 5B6550AD76AB100F8CEA17A03DA5BCEE, 73803A664C70D11890FA4ED9462574A251D7D43004EEE411D1E9E0443AB0A543 ] wbengine C:\WINDOWS\system32\wbengine.exe
12:32:11.0787 0x1b1c wbengine - ok
12:32:11.0880 0x1b1c [ 8B6D20F633988C02771F96BB36C06AEF, 1E71B8E3DA627B59C48F01CC4F8795370F63BA2590BE4F4E72DD7F687AF37CE3 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
12:32:12.0037 0x1b1c WbioSrvc - ok
12:32:12.0271 0x1b1c [ 15E0E2DE1812F71C076F157DFE8DDCD4, 46D0123041C2960A129BE91BD5FCC1BBD48E8E1EF30C5DF7A6F7D1CFB8797CBA ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
12:32:12.0287 0x1b1c wcifs - ok
12:32:12.0365 0x1b1c [ 8E0DF717C7B48F841F6FD15F3519562D, 99C73E82B901F02E23CEE35A47A6AC67477EF12B34FD744DD6A16C9E26C17253 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
12:32:12.0396 0x1b1c Wcmsvc - ok
12:32:12.0552 0x1b1c [ 6E1CCA79376DD37591788AA75C6D9443, 624251AF572AA055D890AE13D56953AF7A95DF91F08146BDAB07DB428CB11EC9 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
12:32:12.0584 0x1b1c wcncsvc - ok
12:32:12.0646 0x1b1c [ 940D6DBF479EE8E9295141A78A8EEB0E, 8CF8F5DC38962ED4FC9EE6325CB995452432F1691C67FB6EFDE723F2BEE8A28D ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys
12:32:12.0646 0x1b1c WdBoot - ok
12:32:12.0833 0x1b1c [ 9870467F703E5426574520AA201C578C, 26E4E4B8FE8FC010A6EB271D00D30E818602936198A8187F2F67FA71A558D69A ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
12:32:12.0912 0x1b1c Wdf01000 - ok
12:32:12.0974 0x1b1c [ B16484A01B3F1C0380573DD6615D4DEC, 5E1309967C897A8E900629E02F9B4DE370D4CCD4C1E2FFDD86339263053AC71A ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys
12:32:12.0990 0x1b1c WdFilter - ok
12:32:13.0177 0x1b1c [ 9797AD41BDBA73027A9FBA16DA8B9B0B, 96F0C5A64ECD6FA1EFBB996EBEA5507D93ED7A34CFE7C2F5C3CA7476AC37ED53 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
12:32:13.0193 0x1b1c WdiServiceHost - ok
12:32:13.0208 0x1b1c [ 9797AD41BDBA73027A9FBA16DA8B9B0B, 96F0C5A64ECD6FA1EFBB996EBEA5507D93ED7A34CFE7C2F5C3CA7476AC37ED53 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
12:32:13.0208 0x1b1c WdiSystemHost - ok
12:32:13.0318 0x1b1c [ 7F295B7D6761ED4A607F6DA58894E061, 7869BC3B7AA86421700EC169D75BD1B7D25AB05FB88A02DA125AD0C97770D55E ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
12:32:13.0443 0x1b1c wdiwifi - ok
12:32:13.0490 0x1b1c [ 89D5EA2DCF491978FCC813E63AB27FC6, E0B04F30D8CDB0CCC4819E3D910346C2760B043BD8E83D862D77678C90BC07A4 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
12:32:13.0490 0x1b1c WdmCompanionFilter - ok
12:32:13.0537 0x1b1c [ 6D789C6D540000F19158A2A4711C06E0, F1680DCD193F5863D9319F6B1E6311BE2660987AB1169C9CA63CA43727112DF7 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
12:32:13.0537 0x1b1c WdNisDrv - ok
12:32:14.0193 0x1b1c [ A0DF3E9AAF3E0B8453CC3065A6B4F8E2, 8B0BBEFD3ECD78A89A912126732B21901A82F1A378451F9F1C12BDD075BBD5BD ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe
12:32:14.0333 0x1b1c WdNisSvc - ok
12:32:14.0427 0x1b1c [ 06D40C20FD3E51FF7DCAC1D9A4FD2178, DB6BBF0B7F66476A76BB3189B7016E9A832A6B686142F457DD493FB8B536DB29 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:32:14.0458 0x1b1c WebClient - ok
12:32:14.0599 0x1b1c [ 82DDA4AC8456EDD7DDE9B3C24DFBFB25, 25F95D7026B5109CDA0009B89F2E5CB69EC1FAF17298CBC6A569E74D8C42A8CD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
12:32:14.0630 0x1b1c Wecsvc - ok
12:32:14.0646 0x1b1c [ 9A5062CAB946CF4AFA5295A5B99A086D, AED954380863934EFC2631058A9F15FBA81C81F5E0C836E5AA56937BCDD3CF4D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
12:32:14.0646 0x1b1c WEPHOSTSVC - ok
12:32:14.0958 0x1b1c [ AD0D35ABBEC5FB722A34E287EF18BD74, A4C4C15D56EF9C129B4406740CAD46C288C553166D94A6083D1CFDF256B56FE9 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
12:32:14.0958 0x1b1c wercplsupport - ok
12:32:15.0521 0x1b1c [ 05B5FB7F2A33F3A3EEB5A03E0501D7A7, 950CF9FFB3383AB3346563C7A904B57AC4498BA8E5706ADF85A38565DB287B03 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
12:32:15.0537 0x1b1c WerSvc - ok
12:32:15.0615 0x1b1c [ 2ABF2A5169FBB666114C7FF75F52B439, 15E121A308AC889A065729C2EB56F44C853A32D0BB1B12BDE96572DF7B6DA34A ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
12:32:15.0708 0x1b1c WFDSConMgrSvc - ok
12:32:15.0974 0x1b1c [ C3FDA3311404B51C0722C4AD58497625, 4A0EFD7A04F622C5E1FF073F8E8A3EA1C556F79B51977749330A8E593CD13B86 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
12:32:15.0990 0x1b1c WFPLWFS - ok
12:32:16.0083 0x1b1c [ D5C8CF9B747A14A73F8460261B593390, FF583BBDB653B0D21A6C27F692981CC5703C8EDD2E53479FB84A7D533252837E ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
12:32:16.0099 0x1b1c WiaRpc - ok
12:32:16.0146 0x1b1c [ 04F8E2A649CE9558B771A9B91F29889F, 9717C115E12421CF2F78AD8547DF8A19FF1AE9C1D8BF1DE9167330EDB49BB0F1 ] WifiCx C:\WINDOWS\system32\drivers\WifiCx.sys
12:32:16.0177 0x1b1c WifiCx - ok
12:32:16.0208 0x1b1c [ 542C9263CB3DBFDD5E4DFDED963E9972, 550BD5CE6A113B60BB9A2A1A6CB1D26DB6581D6F30530B38FFFD48FF70F37C2C ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
12:32:16.0208 0x1b1c WIMMount - ok
12:32:16.0255 0x1b1c [ D454A99D57B443CA7EDC229C9532B09C, FCFB070FE80F1A97DC45DEBE9CB12E0C78182A6C6700A4734577AE1735B39E1A ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe
12:32:16.0255 0x1b1c WinDefend - ok
12:32:16.0349 0x1b1c [ BF7223A53C2F409CC2B1C2E6F3B0B2D5, 4193E018527CB0F9A022A31E9F85EF2F3C54D496CECFCAE0CB8EBC9E42641608 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
12:32:16.0365 0x1b1c WindowsTrustedRT - ok
12:32:16.0396 0x1b1c [ 6653F9A92DDAEEF821EDA5457659DD48, BD1AEAC1B40B8EDC7E4451A1D47939E8E1F25D42D48E66E573CE3D8F56AF7FD9 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
12:32:16.0396 0x1b1c WindowsTrustedRTProxy - ok
12:32:16.0505 0x1b1c [ 9D50E4F069FECA79EF380B47127F0FF0, DF7EC054643B26FA42A21FB5F120C5824365A3544179E5A11B926A684AF9D1BF ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:32:16.0552 0x1b1c WinHttpAutoProxySvc - ok
12:32:16.0755 0x1b1c [ F072AB2067A5385AA8F471FA574672CA, 039A561495468A3637CBE94142E9EE16FA671E2A928E3C3DC58DB794CC45FFA2 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
12:32:16.0771 0x1b1c WinMad - ok
12:32:16.0911 0x1b1c [ 66D416A37640DD5A90F26588F18C8963, E9A2A77C422F5E801EBAC2E5487A8F2E120184798ACF7BAAF9D965CD74B99789 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:32:16.0927 0x1b1c Winmgmt - ok
12:32:17.0146 0x1b1c [ 9DF02A4771CA383A6732A91276E7D941, 0740BFC5D8D4B8274EB4D20ADC6DCE6FE993EB7B86451614279240B9ED1958AB ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
12:32:17.0161 0x1b1c WinNat - ok
12:32:17.0380 0x1b1c [ 8BFD978417F905E43F218C20CFD66F23, 3F5A5FC44012151D5C605EAA437712B79CE48FDBC8F6D4F968C2CC1EE965811F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
12:32:17.0536 0x1b1c WinRM - ok
12:32:17.0615 0x1b1c [ 11EB937074A53D313312F5261504474A, F01BA664B9D07834E08971B2C79C0E85DC4B9B30A5DBC9148482DFB2C8DEC690 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
12:32:17.0615 0x1b1c WINUSB - ok
12:32:17.0724 0x1b1c [ 81CB1D6E8CCB21F7804F90DDBEA01CA5, A0BC1529254FDBF4730BA283A70D94D200CC3131470DA3BAB6E611D24EA08CB7 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
12:32:17.0724 0x1b1c WinVerbs - ok
12:32:17.0927 0x1b1c [ F8D99D66DAF7B6CF93E2E6BBD8B4D82C, 7E559931BFB06F1B41AC8E52A8FB3A673B63B2B7B129EE793FC7D22C2FBC0506 ] wisvc C:\WINDOWS\system32\flightsettings.dll
12:32:17.0974 0x1b1c wisvc - ok
12:32:18.0130 0x1b1c [ 61F48DB68CC165E1F797DAB96F8E647C, CA6B9A26FC629E87B1EB20AE175881378FB0A942BE4B89A9DD4F417AE512BCC5 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
12:32:18.0318 0x1b1c WlanSvc - ok
12:32:18.0552 0x1b1c [ C52A1F7828287F5C7357E7DD1D08E8A8, A156B981417BFF026C0BD242929B007314E55E60525AD71B21008DB8B3710A51 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
12:32:18.0677 0x1b1c wlidsvc - ok
12:32:18.0802 0x1b1c [ F6D41FFF228ECCC8F3DE3AA1108C757C, E7C1A7DB5D8B0382274B6801D72E2706F5C242DC7706995D80C9413338032A35 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
12:32:18.0943 0x1b1c wlpasvc - ok
12:32:19.0083 0x1b1c [ 98B3BCD548EDAC8D4215EE4E00754B82, 340BB715B534EC0C787F44FDB0693AB7747B219945576D19B2A3FC0C4FB512C7 ] WManSvc C:\WINDOWS\system32\Windows.Management.Service.dll
12:32:19.0396 0x1b1c WManSvc - ok
12:32:19.0427 0x1b1c [ C2177ADE00F3BC13DFD11E8BB4CB4A82, 4417738AD2FB7886DC6C9D0CDA6136FDE19B5F31CC25D6F60FCC2CCFB7A0B85F ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
12:32:19.0427 0x1b1c WmiAcpi - ok
12:32:19.0536 0x1b1c [ B9899E12236ACE2007FD2978D8BEE4A2, D5B2600F9251356C8B42F70F5D1EE2F5843806409F31E77D3B75902E7ACBC022 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:32:19.0568 0x1b1c wmiApSrv - ok
12:32:19.0630 0x1b1c [ FC12B00916780069BEB41CFBD1CCCFEB, 9C1AE90EE5D1C748FB41601D289749F98A21E60130E18016AC07CF819152BF2E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
12:32:19.0630 0x1b1c Wof - ok
12:32:19.0818 0x1b1c [ 93D6C8DB5FF6A74DF28676A7C3011A5B, 9B74C67C2AC633AE55B70551628E2A18E9CF86C8D5A0EC9A94EE2FB001FA3177 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
12:32:19.0943 0x1b1c workfolderssvc - ok
12:32:20.0208 0x1b1c [ 980E4EC35F6A0DC8C3863513B4854460, 47C038BE374F6080EBF03A77111F3D0038BA1E018E29300F5C8661A0167D2491 ] WpcMonSvc C:\WINDOWS\System32\WpcDesktopMonSvc.dll
12:32:20.0411 0x1b1c WpcMonSvc - ok
12:32:20.0599 0x1b1c [ C13F9389B0930B0B932E8949C079E489, 5FB7BB05DEB52EDD534E837CA60B2B478C94F87AA63C0228257E6A80B722D5A5 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
12:32:20.0614 0x1b1c WPDBusEnum - ok
12:32:20.0677 0x1b1c [ AB5E37EAD918F782A6C7D93B5E885B76, C970957AFFD0E85256D7F8395A815D4F58E7559601C0F6AFA32F4FD1CC8873E3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:32:20.0677 0x1b1c WpdUpFltr - ok
12:32:20.0802 0x1b1c [ 2177DC37ECEE25134FB3C54F7D2FBE8B, F91486113BD2AA0AC028A75D11D90C83A70D93685CE65EFBB1F462C899651778 ] WpnService C:\WINDOWS\system32\WpnService.dll
12:32:20.0818 0x1b1c WpnService - ok
12:32:20.0833 0x1b1c [ CE77D2008B8FB701A1FAE3B4D68DB1F4, 5DB4A2763E212160AA096A38BA498EE269BB6E35C8A61116E43101843399B0C8 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
12:32:20.0849 0x1b1c WpnUserService - ok
12:32:20.0864 0x1b1c [ C464D8D350FB0D62C10EA8607CE633FF, 91DF81F990694B6CA28DDCB5ABE336695B530D5E17C1802095A6F5DBF92377CB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:32:20.0864 0x1b1c ws2ifsl - ok
12:32:21.0146 0x1b1c [ 4C55049E92D9EB99CD007C7D7B5FF1F4, F92918E4CFD48454C46927D5CBC583E27ED4CB4C5125FEF8FEE24E1C8F38AEE0 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
12:32:21.0161 0x1b1c wscsvc - ok
12:32:21.0177 0x1b1c WSearch - ok
12:32:21.0474 0x1b1c [ 8315741EF27CA070572A4D09DC27A609, D33F9A04A28DDB9E952C50F8464966871C63950FEBFEB7C2BEFE876449065B40 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
12:32:21.0661 0x1b1c wuauserv - ok
12:32:21.0802 0x1b1c [ 0691E88EEB3AC45064D91C256651C9AB, AFA40814D25D44F71A20849CDD1B7726D329E4D549444C52130E7375C3CF0DF8 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
12:32:21.0833 0x1b1c WudfPf - ok
12:32:21.0911 0x1b1c [ FBB19FCEA61458CB351E106AD942D301, F1BF9F0A95236C376312A51CB8EA17037C1B1805130459A0E215990D9F0D068C ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
12:32:21.0927 0x1b1c WUDFRd - ok
12:32:22.0083 0x1b1c [ B525C152DF134EA87FEBE7B7D1D7CF84, A244A8C47D929DCA8D0691EC8A1FA9AB763B183B5B5598514F77EA632240BB36 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
12:32:22.0239 0x1b1c WwanSvc - ok
12:32:22.0380 0x1b1c [ E4D41873B04EF7DE0F64B74200E762A6, F69A60972FA93B8E3309C85469489805498B09883EB63C858F73254E34247897 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
12:32:22.0521 0x1b1c XblAuthManager - ok
12:32:22.0583 0x1b1c [ 5DE21986038B592B63F18A227AE7DEB0, 241B1BAE200FAFF14747B08C133625083064A03ACB97CE3B74F0E8C83BFD84F9 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
12:32:22.0646 0x1b1c XblGameSave - ok
12:32:22.0755 0x1b1c [ 287006C13C3EBF274221611ADBA2BC45, 639ACCF08FBA0C1EADC3B7D0CFDC67A670173ED2DF7AD1267C9C3C52FA835DA9 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
12:32:22.0771 0x1b1c xboxgip - ok
12:32:22.0880 0x1b1c [ B43DFB0100478CABEFC04BDE8C60A03C, 7F268FF1C1AEB95E06201E525397B3663CBFDBBC4D465E1C5DE0CFA256E2D1E0 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
12:32:22.0880 0x1b1c XboxGipSvc - ok
12:32:23.0036 0x1b1c [ D7DE7A2E96585629493C9F1D9DAE9D70, 7617F82995CE5A994D5A89849F07DF7A8B1845B7930FED2891C9FF450379AA76 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
12:32:23.0114 0x1b1c XboxNetApiSvc - ok
12:32:23.0146 0x1b1c [ D9CE6D28E665943A46068CCC83DD432F, 5A7C084053888E8A04662D4CB7C6ADA17483225B6150C4C6CFF3C23E667A9EF0 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
12:32:23.0146 0x1b1c xinputhid - ok
12:32:23.0161 0x1b1c ================ Scan global ===============================
12:32:23.0317 0x1b1c [ 4FDBE1A2327ACC8C4B3FF89DCC951AEE, 05D8E259CAE4204C4A0C2E429797C36512DC2197D590089AC076CE9EE528DA7A ] C:\WINDOWS\system32\basesrv.dll
12:32:23.0411 0x1b1c [ 20EF05F6E74474FB4A730B6C57B7F4D4, 51D0987C2CD0549EAAF77CE08E50BD0A0EB8248015E873D23602BFDE208FEA80 ] C:\WINDOWS\system32\winsrv.dll
12:32:23.0474 0x1b1c [ 91676DDB8F8D22477B0D6A3C9A9F21FC, D9D552D386229ADA1BFB973C66C8E31838BB1743E996FBB51D66460AE155808B ] C:\WINDOWS\system32\sxssrv.dll
12:32:23.0583 0x1b1c [ E4CD6580E68E9AA5210F7FCE27A9009F, C1668111F54848E3002D205EAD5383339A85A4F07C4A4A0B06CCF7C221DD9C00 ] C:\WINDOWS\system32\services.exe
12:32:23.0614 0x1b1c [ Global ] - ok
12:32:23.0614 0x1b1c ================ Scan MBR ==================================
12:32:23.0724 0x1b1c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:32:25.0130 0x1b1c \Device\Harddisk0\DR0 - ok
12:32:25.0130 0x1b1c ================ Scan VBR ==================================
12:32:25.0146 0x1b1c [ DBFFA5D32D08BF8D8D43D7FD88A74AAE ] \Device\Harddisk0\DR0\Partition1
12:32:25.0146 0x1b1c \Device\Harddisk0\DR0\Partition1 - ok
12:32:25.0177 0x1b1c [ 6B46527F6CC79F9C59CC3B58E4F7AE15 ] \Device\Harddisk0\DR0\Partition2
12:32:25.0192 0x1b1c \Device\Harddisk0\DR0\Partition2 - ok
12:32:25.0192 0x1b1c ================ Scan active images ========================
12:32:25.0192 0x1b1c ================ Scan generic autorun ======================
12:32:25.0255 0x1b1c [ 96ED1536FCCF81523DCEC80A29D5A1D0, E0F18BE431BC44B6A4C21EC5017D3BBB5D859A95571FAEC4EDAAFA5268BC2E45 ] C:\WINDOWS\system32\SecurityHealthSystray.exe
12:32:25.0255 0x1b1c SecurityHealth - ok
12:32:25.0583 0x1b1c [ 4C6AAABB264526A9C845A39AEBB79B69, B27F869E8B44CC5F1F9ADCA53AA848C16D706587ED9C7F995AE59BF9B0426523 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
12:32:25.0599 0x1b1c StartCCC - ok
12:32:25.0708 0x1b1c OneDriveSetup - ok
12:32:25.0724 0x1b1c OneDriveSetup - ok
12:32:25.0786 0x1b1c GoogleDriveSync - ok
12:32:25.0817 0x1b1c CCleaner Smart Cleaning - ok
12:32:26.0083 0x1b1c [ 3E7A8BDAC93BB1F8E58A1B970A0663F2, E7534572F457C4A6AA5FC339A38A961D21C4E0717C3B8B2CD6FEB04E076A0DD3 ] C:\Program Files (x86)\Steam\steam.exe
12:32:28.0020 0x1b1c Steam - ok
12:32:28.0020 0x1b1c Waiting for KSN requests completion. In queue: 3
12:32:29.0536 0x1b1c AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated )
12:32:29.0677 0x1b1c Win FW state via NFP2: enabled ( trusted )
12:32:30.0098 0x1b1c ============================================================
12:32:30.0098 0x1b1c Scan finished
12:32:30.0098 0x1b1c ============================================================
12:32:30.0130 0x1988 Detected object count: 0
12:32:30.0130 0x1988 Actual detected object count: 0

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger / log je v 2 postoch

#5 Příspěvek od 5manager5 »

mohol by som Vás alebo kolegov poprosiť o vyjadrenie? nech viem ako to je, ďakujem :)

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger / log je v 2 postoch

#6 Příspěvek od 5manager5 »

nikto?

Conder
Moderátor
Moderátor
Příspěvky: 4160
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola logu na Keylogger / log je v 2 postoch

#7 Příspěvek od Conder »

Nie vzdy mame cas odpovedat, kedze to robime vo volnom case :)

Kazdopadne logy vyzeraju ciste. Mozeme este precistit niektore zbytocnosti, v takom pripade poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger / log je v 2 postoch

#8 Příspěvek od 5manager5 »

jasne ja chápem a vážim si vašu prácu len zažil som aj osobne kedy som niečo riešil a čas hral rolu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by saullerist (administrator) on DESKTOP-3SMP07F (TOSHIBA Satellite L650) (11-01-2021 11:29:08)
Running from C:\Users\saullerist\Desktop
Loaded Profiles: saullerist
Platform: Windows 10 Home Version 2004 20279.1 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> )
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\MountPoints2: {7787a485-5271-11eb-bc80-00266c5324d3} - "F:\HiSuiteDownLoader.exe"

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06A812AE-5323-4342-B1EA-3DCF41D27001} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1796023744-1759536030-3900380101-1002 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [32768 2020-12-10] (Microsoft Windows -> )
Task: {1047E825-BC15-4910-B698-64EB4CF7B260} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D2648FA-DFD3-4DEC-A9AB-4C55F13F7203} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4DA3F32C-CAE5-4618-95EA-A8743FEAA28E} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_RemoveFOD => C:\WINDOWS\System32\ShellUpdateAgentTask.exe
Task: {592B68C5-94FA-4030-B47C-09892DA378AE} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [245760 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
Task: {6F87B0C7-EEA0-4F38-868A-D06BDBFBBD8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {742A9E60-5AC3-467A-A1F5-3A9C9F5C2CB8} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_SetCBSEndOfLife => C:\WINDOWS\System32\ShellUpdateAgentTask.exe
Task: {769BEB31-15CD-4B22-9149-9850590EE438} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_AcquireFOD => C:\WINDOWS\System32\ShellUpdateAgentTask.exe
Task: {798DF91D-F240-419A-96F9-BE1CAE57BDA9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80F87968-8825-4261-B05C-C7970A35114C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {81C5BC77-FD07-42F3-81C8-99D9DD879647} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {83CE6C76-3F28-489E-A7C6-794989F68298} - System32\Tasks\S-1-5-21-1796023744-1759536030-3900380101-1002\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe
Task: {87876812-554A-47E6-A1CC-48BCC1406F56} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UUS Failover Task => C:\WINDOWS\system32\failover.exe
Task: {B40F8511-B9B4-4F7B-9312-FC6DAA6B9F00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-01] (Google Inc -> Google LLC)
Task: {B91219DC-34E0-47A2-B494-6279369FA6B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-01] (Google Inc -> Google LLC)
Task: {CE4330EF-036E-4564-9532-A5CED048145E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCB6B88A-7EDE-48DD-80A7-832385E1711A} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe
Task: {EFBE98E8-21EB-4BDB-BABF-3DCA57B3A10D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup => C:\WINDOWS\system32\MdmDiagnosticsTool.exe [90112 2020-12-10] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\nlansp_c.dll [84480 2020-12-10] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 04 C:\Windows\system32\nlansp_c.dll [126976 2020-12-10] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{5c6459f7-5caf-472f-850f-576031683b95}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5c6459f7-5caf-472f-850f-576031683b95}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{6f775dc0-2278-405d-8f3d-3e457ae63af2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9dfcf0d8-e52f-4e05-8126-662ce4070db5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac43cc5f-f1a9-43e0-b2f7-f545309d60e6}: [DhcpNameServer] 192.168.1.1 195.146.128.62
ManualProxies:

Edge:
======
DownloadDir: C:\Users\saullerist\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\saullerist\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-10]
Edge DownloadDir: C:\Users\saullerist\Downloads

FireFox:
========
FF DefaultProfile: axn99qis.default
FF ProfilePath: C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\axn99qis.default [2020-10-06]
FF ProfilePath: C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\jtgg6ln9.default-release [2021-01-11]
FF DownloadDir: C:\Users\saullerist\Desktop
FF Homepage: Mozilla\Firefox\Profiles\jtgg6ln9.default-release -> www.google.sk

Chrome:
=======
CHR HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe [615768 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
S3 FrameServerMonitor; C:\WINDOWS\system32\FrameServerMonitor.dll [303104 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 McpManagementService; C:\WINDOWS\System32\McpManagementService.dll [290816 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\dynabookSystemService.exe [44767040 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
S3 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\TOSTABSYSSVC.exe [254792 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
R3 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe [446240 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 a016bus; C:\WINDOWS\System32\drivers\a016bus.sys [109096 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 a016mgmt; C:\WINDOWS\System32\drivers\a016mgmt.sys [130600 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 a016obex; C:\WINDOWS\System32\drivers\a016obex.sys [125480 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
R3 FwLnk; C:\WINDOWS\System32\drivers\FwLnk.sys [9216 2009-07-07] (Microsoft Windows Hardware Compatibility Publisher -> TOSHIBA Corporation)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 IntelPMT; C:\WINDOWS\System32\drivers\IntelPMT.sys [49472 2020-12-10] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-11-01] (Malwarebytes Corporation -> Malwarebytes)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [95008 2020-12-10] (Microsoft Windows -> Broadcom Inc)
S3 NDKPerf; C:\WINDOWS\System32\drivers\NDKPerf.sys [74016 2020-12-10] (Microsoft Windows -> )
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\drivers\s0016obex.sys [136744 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017bus; C:\WINDOWS\System32\drivers\s0017bus.sys [113704 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\drivers\s0017obex.sys [128552 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\drivers\s0017unic.sys [145960 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018bus; C:\WINDOWS\System32\drivers\s1018bus.sys [113704 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\WINDOWS\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\drivers\s1018obex.sys [128552 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\WINDOWS\System32\drivers\s1018unic.sys [146472 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029bus; C:\WINDOWS\System32\drivers\s1029bus.sys [116264 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029mgmt; C:\WINDOWS\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029obex; C:\WINDOWS\System32\drivers\s1029obex.sys [135208 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029unic; C:\WINDOWS\System32\drivers\s1029unic.sys [151592 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\WINDOWS\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\WINDOWS\System32\drivers\s1039obex.sys [137328 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\WINDOWS\System32\drivers\s1039unic.sys [158320 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916bus; C:\WINDOWS\System32\drivers\s916bus.sys [108072 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916mgmt; C:\WINDOWS\System32\drivers\s916mgmt.sys [130088 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916obex; C:\WINDOWS\System32\drivers\s916obex.sys [124968 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 se3ebus; C:\WINDOWS\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 se3emgmt; C:\WINDOWS\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 se3eobex; C:\WINDOWS\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation -> MCCI Corporation)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-21] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\TosSrvCtlDrv.sys [25832 2020-11-18] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-11-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-11-20] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-11 11:29 - 2021-01-11 11:31 - 000017638 _____ C:\Users\saullerist\Desktop\FRST.txt
2021-01-11 11:27 - 2021-01-11 11:30 - 000000000 ____D C:\FRST
2021-01-11 11:27 - 2021-01-11 11:27 - 002281472 _____ (Farbar) C:\Users\saullerist\Desktop\FRST64.exe
2021-01-11 10:29 - 2021-01-11 10:30 - 000000029 _____ C:\Users\saullerist\Desktop\Nový textový dokument.txt
2021-01-09 18:05 - 2021-01-11 09:35 - 000000000 ____D C:\Program Files\CCleaner
2021-01-09 18:05 - 2021-01-09 18:05 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-09 18:05 - 2021-01-09 18:05 - 000002898 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-09 18:05 - 2021-01-09 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-08 10:57 - 2021-01-08 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2021-01-08 10:56 - 2021-01-08 10:57 - 000000000 ____D C:\Program Files\LibreOffice
2021-01-07 11:05 - 2021-01-07 11:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-07 09:24 - 2021-01-09 12:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-05 19:03 - 2021-01-05 19:03 - 000000000 ____D C:\Users\saullerist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-05 19:01 - 2021-01-05 19:01 - 000000000 ____D C:\Users\saullerist\AppData\Local\Steam
2021-01-05 18:58 - 2021-01-10 22:45 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-05 18:58 - 2021-01-05 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-12-19 17:49 - 2021-01-09 17:25 - 000000000 ___HD C:\$WINDOWS.~BT
2020-12-18 13:04 - 2020-12-18 13:04 - 000000000 ____D C:\ProgramData\ATI
2020-12-18 13:02 - 2020-12-18 13:02 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-12-18 12:58 - 2020-12-18 12:58 - 000000020 ___SH C:\Users\saullerist\ntuser.ini
2020-12-18 12:55 - 2021-01-09 17:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-18 12:55 - 2020-12-18 12:55 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-18 12:55 - 2020-12-18 12:55 - 000003384 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-18 12:55 - 2020-12-18 12:55 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-18 12:55 - 2020-12-18 12:55 - 000003160 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-18 12:55 - 2020-12-18 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1796023744-1759536030-3900380101-1002
2020-12-18 12:55 - 2020-12-18 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-12-18 12:54 - 2021-01-09 15:34 - 000040008 _____ C:\WINDOWS\diagwrn.xml
2020-12-18 12:54 - 2021-01-09 15:34 - 000040008 _____ C:\WINDOWS\diagerr.xml
2020-12-18 12:47 - 2021-01-09 17:53 - 008957458 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-18 12:38 - 2020-12-18 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2020-12-18 12:37 - 2020-12-18 12:58 - 000000000 ____D C:\Users\saullerist
2020-12-18 12:37 - 2020-12-18 12:37 - 000000000 ____D C:\Program Files\ATI Technologies
2020-12-18 12:37 - 2020-12-18 12:36 - 000000000 ____D C:\Users\saullerist\AppData\Roaming\ATI
2020-12-18 12:37 - 2020-12-18 12:36 - 000000000 ____D C:\Users\saullerist\AppData\Local\ATI
2020-12-18 12:36 - 2020-12-18 12:36 - 000000000 ____D C:\Users\Default\AppData\Roaming\ATI
2020-12-18 12:36 - 2020-12-18 12:36 - 000000000 ____D C:\Users\Default\AppData\Local\ATI
2020-12-18 12:36 - 2020-12-18 12:36 - 000000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2020-12-18 12:36 - 2020-12-18 12:36 - 000000000 ____D C:\Users\Default User\AppData\Local\ATI
2020-12-18 12:30 - 2021-01-09 12:28 - 000644656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-18 12:30 - 2020-12-18 12:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-18 11:49 - 2020-12-18 12:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-12-18 11:44 - 2020-12-18 11:49 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-12-18 11:33 - 2020-06-29 00:16 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-12-18 11:33 - 2020-06-20 14:28 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-12-18 11:28 - 2020-12-18 11:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-12-18 11:28 - 2020-12-18 11:28 - 000000000 ____D C:\Program Files\MSBuild
2020-12-18 11:28 - 2020-12-18 11:28 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-12-18 11:28 - 2020-12-18 11:28 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-12-18 11:00 - 2020-12-18 11:00 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-12-16 20:41 - 2021-01-09 13:34 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-15 13:18 - 2020-12-18 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-12-15 13:18 - 2020-12-15 13:18 - 000000000 ____D C:\Program Files\Google

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-11 11:30 - 2020-12-10 08:15 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-11 10:32 - 2019-01-30 16:22 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-11 10:31 - 2020-10-06 12:16 - 000000000 ____D C:\Users\saullerist\AppData\LocalLow\Mozilla
2021-01-10 20:54 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-01-10 20:54 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-10 15:53 - 2016-01-12 10:47 - 000000000 ___RD C:\Users\saullerist\Disk Google
2021-01-09 17:53 - 2020-12-10 08:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-09 17:53 - 2016-11-28 17:10 - 006150574 _____ C:\WINDOWS\system32\perfh01B.dat
2021-01-09 17:53 - 2016-11-28 17:10 - 001828564 _____ C:\WINDOWS\system32\perfc01B.dat
2021-01-09 17:49 - 2020-02-21 11:41 - 000012288 ___SH C:\DumpStack.log.tmp
2021-01-09 17:48 - 2020-12-10 08:02 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-01-09 17:47 - 2018-06-23 15:09 - 000000000 ____D C:\Users\saullerist\AppData\Local\D3DSCache
2021-01-09 16:28 - 2020-06-03 13:02 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-09 16:02 - 2020-12-10 08:15 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-09 16:02 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-09 14:53 - 2020-12-10 08:02 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-09 13:00 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-09 12:37 - 2020-05-06 19:08 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-09 12:28 - 2020-10-13 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 21:43 - 2016-11-18 17:20 - 000000000 ____D C:\Users\saullerist\AppData\Local\ConnectedDevicesPlatform
2021-01-07 11:04 - 2020-10-06 12:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-19 13:20 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\appcompat
2020-12-18 13:16 - 2020-12-10 08:15 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-12-18 13:01 - 2020-12-10 08:02 - 000000000 ____D C:\WINDOWS\servicing
2020-12-18 13:01 - 2020-12-10 08:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-18 12:59 - 2020-12-10 08:15 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-18 12:58 - 2017-07-15 16:50 - 000000000 ___RD C:\Users\saullerist\3D Objects
2020-12-18 12:58 - 2016-01-05 16:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-18 12:56 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-18 12:55 - 2020-12-10 08:15 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-18 12:39 - 2017-10-18 09:41 - 000000000 ____D C:\Users\saullerist\AppData\Local\Packages
2020-12-18 12:37 - 2017-07-13 16:06 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2020-12-18 12:35 - 2016-01-06 00:47 - 000000000 ____D C:\AMD
2020-12-18 12:30 - 2020-12-10 08:15 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-12-18 12:30 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-18 12:30 - 2020-09-26 17:15 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-12-18 12:29 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\spool
2020-12-18 12:29 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-18 12:29 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\Registration
2020-12-18 12:29 - 2020-12-10 08:15 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-18 12:29 - 2020-08-01 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-18 12:29 - 2020-08-01 09:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-18 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-12-18 12:29 - 2017-07-07 14:16 - 000000000 ____D C:\Program Files\UNP
2020-12-18 12:29 - 2016-11-18 18:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-18 11:57 - 2020-12-10 08:15 - 000000000 ____D C:\ProgramData\USOPrivate
2020-12-18 11:54 - 2020-12-10 08:15 - 000000000 __RHD C:\Users\Public\Libraries
2020-12-18 11:51 - 2020-03-21 20:12 - 000000000 ___RD C:\WINDOWS\WebManagement
2020-12-18 11:50 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\Resources
2020-12-18 11:50 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\Help
2020-12-18 11:50 - 2018-05-23 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2020-12-18 11:50 - 2017-07-13 16:05 - 000000000 ____D C:\Program Files\Synaptics
2020-12-18 11:50 - 2017-07-13 16:05 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2020-12-18 11:50 - 2017-07-13 16:05 - 000000000 ____D C:\Program Files\AMD
2020-12-18 11:46 - 2020-12-10 08:19 - 000000000 ____D C:\WINDOWS\Setup
2020-12-18 11:38 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-18 11:38 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-18 11:33 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-12-18 11:33 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-12-18 11:33 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-12-18 11:33 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-12-18 11:33 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-12-18 11:33 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-12-18 11:33 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-12-18 11:33 - 2020-12-10 08:15 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-12-17 23:03 - 2016-11-28 16:54 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-12-17 20:59 - 2018-04-16 14:13 - 000000000 ____D C:\Users\saullerist\AppData\Local\ElevatedDiagnostics
2020-12-15 13:18 - 2018-06-04 18:58 - 000000000 ____D C:\Users\saullerist\AppData\Local\Google

==================== Files in the root of some directories ========

2020-02-26 20:13 - 2020-02-26 20:17 - 000000062 _____ () C:\Users\saullerist\AppData\Roaming\FalconX.cfg
2017-07-31 10:22 - 2017-07-31 10:22 - 000029696 _____ () C:\Users\saullerist\AppData\Local\MSGBOX.EXE
2017-10-18 09:16 - 2020-04-08 13:19 - 000007597 _____ () C:\Users\saullerist\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger / log je v 2 postoch

#9 Příspěvek od 5manager5 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by saullerist (11-01-2021 11:34:38)
Running from C:\Users\saullerist\Desktop
Windows 10 Home Version 2004 20279.1 (X64) (2020-12-18 11:56:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1796023744-1759536030-3900380101-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1796023744-1759536030-3900380101-503 - Limited - Disabled)
Guest (S-1-5-21-1796023744-1759536030-3900380101-501 - Limited - Disabled)
saull (S-1-5-21-1796023744-1759536030-3900380101-1016 - Limited - Disabled)
saullerist (S-1-5-21-1796023744-1759536030-3900380101-1002 - Administrator - Enabled) => C:\Users\saullerist
WDAGUtilityAccount (S-1-5-21-1796023744-1759536030-3900380101-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Extreme v6.32 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.32 - FinalWire Ltd.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Backup and Sync from Google (HKLM\...\{3A8CD593-8CF9-45B4-9932-FC41CBC14E15}) (Version: 3.53.3404.7585 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 84.0.2 (x64 sk)) (Version: 84.0.2 - Mozilla)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2020-12-22] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-19 14:23 - 2020-12-19 14:23 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\5bd97009b7f10a3bdef685e6ed2eb999\A4.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\0ac4fd2affef199df16802d298ad4f61\AEM.Actions.CCAA.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\c3bd73c9c385056e72fdbbcb5472e4a0\AEM.Plugin.EEU.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\902e3b4359f7290a90af2366f35261c1\AEM.Plugin.Hotkeys.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\84016460286439c28703f4936f99c4ea\AEM.Plugin.DPPE.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\2798dafc155c7f05a955ec01f84718c3\AEM.Plugin.Source.Kit.Server.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\63d39aa2550bb42de19081270a3be316\AEM.Plugin.WinMessages.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\49bce58744d8cf451ac4b4c2c29692bb\AEM.Plugin.REG.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\69e57e884bd4ebb569abaf0df501920a\AEM.Plugin.GD.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\23a478d6f0af77fb26817ed1873a58f8\AEM.Server.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\85da2200e1e9b1425daab1683b5186ae\AEM.Server.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\3cf9bfabc52491160769c1507d48787e\APM.Foundation.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\f81ed4d32790cc0b9a28c533896a7d3c\ATICCCom.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\397f077c0b123a95585c34e2f5bf25c5\CCC.Implementation.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\fa1234340183e2e6fb2d0e0acb656f55\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\2bf225111b9c2ebfb0ef7357bf5c9596\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\26e077ffd178651008445aed683bc0c1\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\3f1823da0d717d5ed520f77c198a35ab\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\1663a3d3aac15e38eda9377046e29d1c\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\2406dde9068f957f8e724fef716df9e6\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\5dcd83965b8490b898ad8791caddf86e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\b6a1071a2e6cef9b163b0e4af6c5dead\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\8d4d9652d72f4f02fba1fa3545a41bd1\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\d602614be1b7d353ac5823bd49c87522\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\d7ac2a712a5bae806e903170f4dca1d5\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\965fbc8fc669740db6f0df9c7a8d367d\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\eb02636ddc2e89774cc87442817ec927\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\f5e07b57d66637b9fa8b3920508a8217\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\62de3e3f83cf19972a5bb3d2921f029c\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\ced8ee3a6b1bbeb9d4c13f2189ec5a15\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\60ea9565169e72409d04ecba8674bd99\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\5f933d40f7bdbbaf07a2bdc122e6629e\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\03768122023655e908a74b497dabb096\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\f6658034a3fd0eb38ebab7cae8480aba\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\516c3723ce5ea36445280930071f56c0\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\81629d0590510fea38c4427041529707\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\16099078f9b9ea4c7afd1ac4b98d784b\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\660a02f2704ba6dbe459917ec3b30ff4\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\1f586d8d118cae94e2bc3b5960975e9d\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\5ed4e3f7db74abd396fc8b9d36106d7a\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\f6f23a534737c0696a71bd66b43d9192\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\37a818605652f035910e329367bca399\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\955a1d781bc8a31ad0d1e5669d4e8afb\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\6b8b37d3c0cd621f9d53bc7899a34de0\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\02626f451f2a7dd1848a9333aef6a6b0\CLI.Caste.A4.Runtime.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\869a6e0b77b2e98e5580951ed69eca2a\CLI.Caste.A4.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\bab36095ee4972fb2fe6af3df5b2af83\CLI.Caste.A4.Dashboard.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\ca3252bf6d541addbf59e8a1185f183d\CLI.Caste.Fuel.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\fd5ddf3abc2b64ba1de6a5a02c418352\CLI.Caste.Fuel.Runtime.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\bc42f26970633f765e8e70f13ae57ce7\CLI.Caste.Fuel.Dashboard.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\6effc8a963f215c15a1c9155fbe8433f\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\a08b6220a70d6715b80bb51710d74c31\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\26303668bcf5c4b375e69fc5bf5e606f\CLI.Caste.Graphics.Dashboard.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\cff77c5224b92e2abb130378cea0e05a\CLI.Caste.HydraVision.Runtime.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\044b40140af0ebf8ae9487c3072762c8\CLI.Caste.HydraVision.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\31655245240b7acda6a8cf4a8f636bfd\CLI.Caste.HydraVision.Dashboard.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\fe860b189575754a2da0af07e2659bcf\CLI.Caste.Platform.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\79f1e09c72b1e35e8a4c55034c48ef82\CLI.Caste.Platform.Runtime.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\4527c000328e4c77df7f7663c60134db\CLI.Caste.Platform.Dashboard.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\c32053d502a59268a898373d5e0d9859\CLI.Component.Runtime.Shared.ni.dll
2020-12-19 15:31 - 2020-12-19 15:32 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\9302c4fc01f1508dd2b7cff8bb10fdeb\CLI.Component.Systemtray.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\b3a03d07640e87821596f21a50963e29\CLI.Component.Dashboard.ProfileManager2.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\4018c1b3a9dd35f72ccfbc283d7199e2\CLI.Component.Runtime.Shared.Private.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\4e0bc06026a221e22dec9c2a6f5b414b\CLI.Component.Runtime.Extension.EEU.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\964413ab5a8e336198ea99379dadb876\CLI.Component.Dashboard.Shared.Private.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\dff765890040c3668dcbdf95c51541a4\CLI.Component.Client.Shared.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\b63f7acc19ac99959fcb995432a3a405\CLI.Component.Dashboard.Shared.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\95854a275f04854eb3cd2b7c5f8b3c8c\CLI.Foundation.Private.ni.dll
2020-12-19 15:32 - 2020-12-19 15:32 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\94ff72ae98d7ab702e5cb7bf3d5c23ef\CLI.Foundation.XManifest.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\7450c94cda28a781029ca5f50473e1d3\CLI.Foundation.CoreAudioAPI.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\002547f3403d6c81ea49a93b1dea447d\CLI.Foundation.Client.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\d9d69c8628b407be110045fe07c0ca71\CLI.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\7733d38a819d207f5e37f5b1cd78b8d3\DEM.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\4bdbb626f42d66a3af128935e2f7272e\DEM.Graphics.I0601.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\f399e7172e026742f882c64746b35078\DEM.Graphics.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\e89f6cdc4183df299e5bb6b4264dc24b\Fuel.Foundation.ni.dll
2020-12-19 15:32 - 2020-12-19 15:32 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\43fafa6fb4af70449648f3263c344bbb\LOG.Foundation.Implementation.ni.dll
2020-12-19 14:23 - 2020-12-19 14:23 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\b1b351866554b7cc54bc188dc5457c83\LOG.Foundation.Private.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\d15314f0e423450bcc34c50a640ba17f\LOG.Foundation.Implementation.Private.ni.dll
2020-12-19 14:23 - 2020-12-19 14:23 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\e22e170b806dd34b0d63343208dd0843\LOG.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\fb0f6fa73ae79a9f9570e6cb7b5a1e8a\MOM.Foundation.ni.dll
2020-12-19 15:34 - 2020-12-19 15:34 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\4e154e1ed32174321305e1a298891704\MOM.Implementation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\6d2f1b38722c42b2381efe306d1a5f25\NEWAEM.Foundation.ni.dll
2015-11-04 16:40 - 2015-11-04 16:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\404c28da7fcad54995c5099a68c7a659\ADL.Foundation.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\5575f5868668afca4e69c285b455d4ff\APM.Server.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\c78000618fe0ca27943323ded3a25375\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\489f5e701ca796886f66cb548f963a6c\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\c5d30f9c8c8317c626be08c3ec1724e3\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\189a3eed464df1733a2423c5b75dc066\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\305eaec0b0d501de748e7942f82c1920\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\99b954b8d092a7c981f97334cf34213c\CLI.Component.Client.Shared.Private.ni.dll
2020-12-19 15:31 - 2020-12-19 15:31 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\3c665fc0c5fedf89ba363b971f431294\CLI.Component.Runtime.ni.dll
2020-12-19 15:12 - 2020-12-19 15:12 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\79a965cd7efcfd4fd47fb751e3017a47\CLI.Component.Dashboard.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\517acf6b297ebeb40d0ece90ac05c467\DEM.Graphics.I0706.ni.dll
2020-12-19 14:49 - 2020-12-19 14:49 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\bfff3356d4ae83c8900b166f89579278\DEM.Graphics.I0709.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\c9189b13ada5dd65f3b563f24b854402\DEM.Graphics.I0712.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\fd5387b86c9a0971d41d8202ac8600cf\DEM.Graphics.I0804.ni.dll
2020-12-19 15:32 - 2020-12-19 15:32 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\7f04a5946202bd48006d56d3a4542941\DEM.Graphics.I0805.ni.dll
2020-12-19 15:32 - 2020-12-19 15:32 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\8124e32bc7cc93ca1fe7c252bcbd2eb3\DEM.Graphics.I0812.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\d27e7d5d17568066bcf24fc5289f73b0\DEM.Graphics.I0906.ni.dll
2020-12-19 14:48 - 2020-12-19 14:48 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\81ade84dd787be80bd4dcefab91ff256\DEM.Graphics.I0912.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\6c1dfb1b73ad2c0f4d95ecd5db8e2739\DEM.Graphics.I1010.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\7241958459d67302f244fc94b701f628\Localization.Foundation.Private.ni.dll
2020-12-19 15:34 - 2020-12-19 15:34 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\1ea56da7dd3bd439945299f0e1e1e9c2\ResourceManagement.Foundation.Implementation.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\1ed0b76ae002a70b80ab326d05dc7915\ResourceManagement.Foundation.Private.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\fcc3396cfa6230d36c0d05d509655d54\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2020-12-19 14:24 - 2020-12-19 14:24 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\728c46d324593bba7275599adc9a770d\CLI.Caste.Graphics.Shared.ni.dll
2020-12-19 14:50 - 2020-12-19 14:50 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\ce389aaeb87808b927e41660a861b940\CLI.Caste.Graphics.Runtime.ni.dll
2020-12-19 14:25 - 2020-12-19 14:25 - 000335360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\04ba8c8dd07ae8678db2cd087af6f64d\Microsoft.WindowsAPICodePack.ni.dll
2020-12-19 14:35 - 2020-12-19 14:35 - 002546688 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\fc31cd3c286484d7356dfeeccd54a99d\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\54529861.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\54529861.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1796023744-1759536030-3900380101-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-11-18 16:42 - 2017-03-13 16:31 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\Control Panel\Desktop\\Wallpaper -> c:\users\saullerist\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\img0.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\StartupFolder: => "Odoslanie do aplikácie OneNote.lnk"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Uninstall C:\Users\saullerist\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DDAEB60A3A4C412D731C2E4868511E36"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_AFE589D608B3188594AF573809023416"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C55F00AC-C798-4AB0-B8C1-6F427A4FB8A0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{05D5E7A9-B196-422B-87DE-6022BDE9C93E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E8E38089-F7E7-43F4-ABB5-EDF626FD66AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8866337C-71C6-4A99-B651-73002DE8AF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BA94B2AF-32ED-43B0-9B5C-A9BBFCBCC76C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.42.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E92E685-95D4-4189-8B87-D070E2A6CFE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.42.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B86A1AE4-0285-4430-AC20-49ED7CA71FCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.42.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A7C9D772-FB32-48C2-92E1-3605FCE728BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.42.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8E9295BE-5A1B-4609-93C1-6440BBD04E2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C20DF22F-D596-4255-829A-FEB26CDFB312}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7DC022A0-0A09-417D-9133-48E496498A7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7B9237A8-BB3E-4000-BCFA-D59B2C16F34F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2BAC6518-B35A-4380-AC76-6585D6890386}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doom 3\Doom3.exe (id Software) [File not signed]
FirewallRules: [{465A9F58-068B-45E2-8DC2-260DC292F19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doom 3\Doom3.exe (id Software) [File not signed]

==================== Restore Points =========================

09-01-2021 15:56:47 Windows Update
09-01-2021 15:56:47 Windows Update
09-01-2021 15:57:39 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/09/2021 07:58:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v WINDOWS (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (01/09/2021 07:12:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Data (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (01/09/2021 05:48:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (01/09/2021 05:48:14 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (01/09/2021 05:48:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (01/09/2021 05:48:14 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (01/08/2021 10:50:02 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službe Windows Search sa nepodarilo spracovať zoznam zahrnutých a vylúčených umiestnení, pretože sa vyskytla chyba <30, 0x80040d07, "iehistory://{S-1-5-21-1796023744-1759536030-3900380101-1002}/">.

Error: (01/05/2021 06:58:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe


System errors:
=============
Error: (01/09/2021 05:25:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800704c7: Windows 10 Insider Preview 21286.1000 (rs_prerelease).

Error: (01/09/2021 05:11:28 PM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (01/09/2021 04:48:45 PM) (Source: WinRM) (EventID: 10142) (User: )
Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.

Error: (01/09/2021 12:27:10 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (01/09/2021 12:26:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800704c7: Windows 10 Insider Preview 21286.1000 (rs_prerelease).

Error: (01/05/2021 07:01:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (01/05/2021 07:01:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Steam Client Service bol dosiahnutý časový limit (30000 ms).

Error: (01/01/2021 11:07:00 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Pri vytváraní poverenia protokolu TLS client sa vyskytla závažná chyba. Vnútorný stav chyby je 10013.
proces klienta SSPI svchost (PID: 5536).


Windows Defender:
===================================0x4576656E745B305D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D31305431333A30373A31352E363231303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A205761726E696E67003F20204F70636F64653A20496E666F00003F20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4D6963726F736F667420446566656E64657220416E74697669727573207363616E20686173206265656E2073746F70706564206265666F726520636F6D706C6574696F6E2E0D0A20095363616E2049443A207B42444133394530422D463031332D343432302D414443332D4241343745373041334642397D0D0A20095363616E20547970653A20416E74696D616C776172650D0A20095363616E20506172616D65746572733A20517569636B205363616E0D0A202009557365723A204E5420415554484F524954595C53595354454D003F0D0A4576656E745B315D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30395431383A33333A34362E333234303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A204E2F410D0A20204F70636F64653A204E2F410D0A20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4E2F410D0A0D0A4576656E745B325D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30395431383A30313A34382E303839303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A204E2F410D0A20204F70636F64653A204E2F410D0A20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4E2F410D0A0D0A4576656E745B335D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30395431373A31313A33372E353631303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A204E2F410D0A20204F70636F64653A204E2F410D0A20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4E2F410D0A0D0A4576656E745B345D0D0A20204C6F67204E616D653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465722F4F7065726174696F6E616C0D0A2020536F757263653A204D6963726F736F66742D57696E646F77732D57696E646F777320446566656E6465720D0A2020446174653A20323032312D30312D30385431383A34383A30352E333334303030305A0D0A20204576656E742049443A20313030320D0A20205461736B3A204E2F410D0A20204C6576656C3A204E2F410D0A20204F70636F64653A204E2F410D0A20204B6579776F72643A204E2F410D0A2020557365723A20532D312D352D31380D0A202055736572204E616D653A204E5420415554484F524954595C53595354454D0D0A2020436F6D70757465723A204445534B544F502D33534D503037460D0A20204465736372697074696F6E3A200D0A4E2F410D0A0D0A
==================== Memory info ===========================

BIOS: INSYDE 1.40 05/17/2010
Motherboard: TOSHIBA Portable PC
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 78%
Total physical RAM: 3958.85 MB
Available physical RAM: 851.03 MB
Total Virtual: 6262.85 MB
Available Virtual: 2039.22 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:296.96 GB) (Free:252.05 GB) NTFS
Drive d: (Data) (Fixed) (Total:297.92 GB) (Free:287.07 GB) NTFS

\\?\Volume{18c6abd2-0000-0000-0000-100000000000}\ (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.18 GB) NTFS
\\?\Volume{18c6abd2-0000-0000-0000-a0564a000000}\ () (Fixed) (Total:0.89 GB) (Free:0.33 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 18C6ABD2)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=297 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=915 MB) - (Type=27)
Partition 4: (Not Active) - (Size=297.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Conder
Moderátor
Moderátor
Příspěvky: 4160
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola logu na Keylogger / log je v 2 postoch

#10 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies
    RemoveProxy:
    
    HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\MountPoints2: {7787a485-5271-11eb-bc80-00266c5324d3} - "F:\HiSuiteDownLoader.exe" 
    CHR HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
    2017-07-31 10:22 - 2017-07-31 10:22 - 000029696 _____ () C:\Users\saullerist\AppData\Local\MSGBOX.EXE
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah skopiruj a vloz do dalsej odpovede
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger / log je v 2 postoch

#11 Příspěvek od 5manager5 »

ďakujem, môžme uzavrieť

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by saullerist (13-01-2021 21:19:11) Run:1
Running from C:\Users\saullerist\Desktop
Loaded Profiles: saullerist
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies
RemoveProxy:

HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\MountPoints2: {7787a485-5271-11eb-bc80-00266c5324d3} - "F:\HiSuiteDownLoader.exe"
CHR HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
2017-07-31 10:22 - 2017-07-31 10:22 - 000029696 _____ () C:\Users\saullerist\AppData\Local\MSGBOX.EXE
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 8
Average :
Sum : 2362893
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies]
""=""

=== End of ExportKey ===

========= RemoveProxy: =========

"HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\" => removed successfully
"HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7787a485-5271-11eb-bc80-00266c5324d3} => removed successfully
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
C:\Users\saullerist\AppData\Local\MSGBOX.EXE => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17942249 B
Java, Flash, Steam htmlcache => 37499122 B
Windows/system/drivers => 7733153 B
Edge => 4096 B
Chrome => 0 B
Firefox => 1100908408 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 20210 B
saullerist => 118064465 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:21:56 ====
Naposledy upravil(a) 5manager5 dne 14 led 2021 09:33, celkem upraveno 1 x.

Conder
Moderátor
Moderátor
Příspěvky: 4160
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola logu na Keylogger / log je v 2 postoch

#12 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger / log je v 2 postoch

#13 Příspěvek od 5manager5 »

ok dík, skúsim lebo ja tie programy ručne vždy povyhadzujem :D (a nie nič to neurobí so systémom)

Conder
Moderátor
Moderátor
Příspěvky: 4160
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola logu na Keylogger / log je v 2 postoch

#14 Příspěvek od Conder »

No vacsina z tychto nastrojov sa neinstaluje, takze mozu sa zmazat aj rucne, ale cez DelFix je to naraz a rychlejsie (a tiez zmaze aj povytvarane logy a ine subory).
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

5manager5
Návštěvník
Návštěvník
Příspěvky: 202
Registrován: 10 led 2009 21:21

Re: kontrola logu na Keylogger / log je v 2 postoch

#15 Příspěvek od 5manager5 »

ok, hotovo

Odpovědět