zodiacon
commented
1 year ago I'll look into it, as currently, TotalRegistry does not use this driver.
Open mkali67 opened 1 year ago
zodiacon
commented
1 year ago I'll look into it, as currently, TotalRegistry does not use this driver.
Event viewer reports system integrity problem with KRegExp.sys.
Code Integrity Checker detected that the file image hash is invalid. The file may have been corrupted due to unauthorized modification. An invalid hash may indicate a potential problem with the disk device.
Filename: \Device\HarddiskVolume2\Windows\System32\drivers\KRegExp.sys
[ Name] Microsoft-Windows-Security-Auditing [ Guid] {54849625-5478-4994-a5ba-3e3b0328c30d} EventID 5038 Version 0 Level 0 Task 12290 Opcode 0 Keywords 0x8010000000000000