
Need help with winvmx client.


  • This topic is locked
3 replies to this topic

#1 Edwin20er


Posted 17 March 2017 - 01:50 AM

Cannot seem to get rid of it or a few other files including dataup, ct, splsrv, qdcomsvc, and svcvmc.

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Edwin20er (administrator) on DESKTOP-L1T0PLA (17-03-2017 02:11:43)
Running from C:\Users\Edwin20er\Desktop
Loaded Profiles: Edwin20er (Available Profiles: defaultuser0 & Edwin20er)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (All) =========================
 
(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files (x86)\svcvmx\svcvmx.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\ctfmon.exe
(ct Corp.) C:\Users\Edwin20er\AppData\Local\Temp\20170315\ct.exe
(splsrv Corp.) C:\Windows\SysWOW64\splsrv.exe
(qdcomsvc Inc.) C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Edwin20er\Desktop\FRST64.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
 
==================== Registry (All) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [33280 2016-07-16] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [4674360 2017-03-04] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [4312248 2017-03-04] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-05-29] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-05-29] (Microsoft Corporation)
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\...\Run: [OneDrive] => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1518304 2017-03-03] (Microsoft Corporation)
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-13] (Valve Corporation)
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [174592 2016-07-16] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [834048 2017-03-04] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
BootExecute: autocheck autochk * 
AlternateShell: cmd.exe
 
==================== Internet (All) ===========================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55808 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65024 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [24064 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51712 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [67584 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [86016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\NLAapi.dll [80896 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [31744 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Windows\System32\wshbth.dll [62976 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 12 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 13 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{48ecdb21-f550-4460-a7af-de412a12b3ba}: [DhcpNameServer] 75.75.76.76 75.75.75.75
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
URLSearchHook: HKU\S-1-5-21-2053917788-801708927-1556930680-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-2053917788-801708927-1556930680-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2016-07-16] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2017-03-04] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2016-07-16] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2017-03-04] (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2017-03-04] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [No File]
 
Chrome: 
=======
CHR Profile: C:\Users\Edwin20er\AppData\Local\Google\Chrome\User Data\Default [2017-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Edwin20er\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Edwin20er\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-17]
StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
 
==================== Services (All) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [95744 2016-07-16] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [124416 2016-07-16] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [125952 2017-03-04] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [560128 2017-03-04] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [2278400 2017-03-04] (Microsoft Corporation)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [52920 2016-07-16] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [337920 2016-11-02] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [942080 2016-11-02] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [361472 2016-09-15] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [795648 2016-07-16] (Microsoft Corporation)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 BITS; C:\Windows\System32\qmgr.dll [1054208 2016-10-14] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [770560 2017-03-04] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [134656 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
R3 bthserv; C:\Windows\system32\bthserv.dll [157184 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [411648 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
R2 CDPUserSvc_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 CertPropSvc; C:\Windows\System32\certprop.dll [193536 2017-03-04] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [764392 2017-03-04] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [483840 2017-03-04] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [280696 2016-05-12] (Intel Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation)
S2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [511488 2016-07-16] (Microsoft Corporation)
R3 DeviceAssociationService; C:\Windows\system32\das.dll [447488 2016-08-05] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1981440 2017-03-04] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [407552 2017-03-04] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [298496 2017-03-04] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [264704 2017-03-04] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\dosvc.dll [1231872 2016-12-14] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2016-07-16] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [172032 2016-07-16] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation)
S3 DsSvc; C:\Windows\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
S3 EapHost; C:\Windows\System32\eapsvc.dll [112128 2016-07-16] (Microsoft Corporation)
S3 EFS; C:\Windows\system32\efssvc.dll [55296 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [285696 2016-11-11] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1709056 2016-09-15] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [453632 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [347136 2016-07-16] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [644608 2016-07-16] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [20992 2016-07-16] (Microsoft Corporation)
S3 FDResPub; C:\Windows\system32\fdrespub.dll [35328 2016-07-16] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [122368 2016-07-16] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1840640 2017-03-04] (Microsoft Corporation)
R3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2016-05-25] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2017-03-04] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [284736 2017-03-16] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2017-01-31] (GOG.com)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1227264 2017-03-04] (Microsoft Corporation)
S3 hidserv; C:\Windows\system32\hidserv.dll [36864 2016-07-16] (Microsoft Corporation)
S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [32256 2016-07-16] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [274432 2016-11-02] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [447488 2016-07-16] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [385536 2016-07-16] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation)
S3 IKEEXT; C:\Windows\System32\ikeext.dll [932352 2016-07-16] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [945664 2017-03-04] (Microsoft Corporation)
S3 irmon; C:\Windows\System32\irmon.dll [25088 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [96768 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [70656 2016-07-16] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [305152 2016-07-16] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [283648 2016-11-11] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
S3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26112 2016-08-20] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\System32\lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [691712 2016-11-11] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [82944 2017-03-04] (Microsoft Corporation)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [893952 2017-03-04] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [147456 2016-07-16] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [65024 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [58368 2016-07-16] (Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [167936 2016-07-16] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [339968 2016-07-16] (Microsoft Corporation)
S3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\netlogon.dll [827392 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [670720 2016-07-16] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [259072 2016-07-16] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [265728 2016-11-02] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [136360 2016-07-16] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [330752 2017-03-04] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [983040 2016-10-05] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [368640 2016-10-05] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [30720 2016-07-16] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [366592 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [425472 2016-07-16] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [500064 2016-10-15] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [781824 2016-09-07] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [203264 2017-03-04] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1457152 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1536512 2016-07-16] (Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [123904 2016-07-16] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [3318784 2017-03-04] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [358400 2016-09-15] (Microsoft Corporation)
R2 qdcomsvc; C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe [756224 2017-03-10] (qdcomsvc Inc.) [File not signed] <==== ATTENTION
S3 QWAVE; C:\Windows\system32\qwave.dll [275456 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [234496 2016-07-16] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [105472 2016-07-16] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [658432 2017-03-04] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [496128 2016-09-15] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [431104 2016-09-15] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [155648 2016-07-16] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [650752 2017-03-04] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-09-15] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [11264 2016-07-16] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SamSs; C:\Windows\system32\lsass.exe [57400 2016-09-07] (Microsoft Corporation)
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [201728 2016-12-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [948224 2016-07-16] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [193536 2017-03-04] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [31232 2016-07-16] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [70656 2016-09-15] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1312768 2017-03-04] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [417792 2016-09-15] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [179200 2016-07-16] (Microsoft Corporation)
R3 SessionEnv; C:\Windows\system32\sessenv.dll [387072 2016-09-15] (Microsoft Corporation)
R3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [331776 2016-09-15] (Microsoft Corporation)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [541696 2017-03-04] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [617472 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [566784 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [23552 2016-08-05] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [20992 2016-08-05] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [15872 2016-07-16] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [792576 2017-03-04] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [5622088 2016-10-15] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4136448 2016-11-11] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [3370496 2016-11-11] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1590560 2017-03-13] (Valve Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [646656 2016-07-16] (Microsoft Corporation)
R3 StorSvc; C:\Windows\system32\storsvc.dll [396800 2016-11-11] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13824 2016-07-16] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [467456 2016-07-16] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [944128 2016-07-16] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [148992 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [309248 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254976 2016-07-16] (Microsoft Corporation)
R3 TermService; C:\Windows\System32\termsrv.dll [987648 2016-07-16] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [116736 2016-07-16] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [122880 2016-11-11] (Microsoft Corporation)
S3 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2017-03-04] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation)
R3 UmRdpService; C:\Windows\System32\umrdp.dll [273408 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1184256 2017-03-04] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [968704 2017-03-04] (Microsoft Corporation)
S3 UnistoreSvc_3a8f9; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [440832 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [328192 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1512448 2017-03-04] (Microsoft Corporation)
S3 UserDataSvc_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1020928 2016-09-15] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [548864 2017-03-04] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [649216 2017-03-04] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1443328 2017-03-04] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-03-17] (AVG Secure Search)
S3 W32Time; C:\Windows\system32\w32time.dll [520192 2016-08-05] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1547264 2017-03-04] (Microsoft Corporation)
S2 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [837632 2016-12-14] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [715776 2017-03-04] (Microsoft Corporation)
R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [227328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [198656 2016-07-16] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [206848 2016-07-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [156672 2016-07-16] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [82944 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
R2 windowsmanagementservice; C:\Users\Edwin20er\AppData\Local\Temp\20170315\ct.exe [724480 2017-02-22] (ct Corp.) [File not signed] <==== ATTENTION <==== ATTENTION
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [818176 2017-03-04] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [636928 2017-03-04] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2716672 2016-11-11] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2333184 2016-11-11] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2017-03-04] (Microsoft Corporation)
R2 WlanSvc; C:\Windows\System32\wlansvc.dll [2370048 2017-03-04] (Microsoft Corporation)
S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [2104320 2016-11-11] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-09-07] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1837056 2017-03-04] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [184832 2016-11-11] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [903680 2017-03-04] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [773120 2017-03-04] (Microsoft Corporation)
R3 wuauserv; C:\Windows\system32\wuaueng.dll [2317824 2017-03-04] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [1282048 2017-03-04] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1016320 2017-03-04] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1025536 2017-03-04] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (All) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [235520 2016-07-16] (Microsoft Corporation)
S0 3ware; C:\Windows\System32\drivers\3ware.sys [107360 2016-07-16] (LSI)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [705888 2016-07-16] (Microsoft Corporation)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [126816 2016-07-16] (Microsoft Corporation)
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [12288 2016-07-16] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [14336 2016-07-16] (Microsoft Corporation)
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [13312 2016-07-16] (Microsoft Corporation)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135456 2016-07-16] (PMC-Sierra)
R1 AFD; C:\Windows\system32\drivers\afd.sys [584032 2016-10-15] (Microsoft Corporation)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [227328 2016-10-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [123392 2016-07-16] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [120832 2016-07-16] (Microsoft Corporation)
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [83296 2016-07-16] (Advanced Micro Devices)
S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2016-07-16] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [26976 2016-07-16] (Advanced Micro Devices)
S3 AppID; C:\Windows\System32\drivers\appid.sys [172896 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [131936 2016-07-16] (PMC-Sierra, Inc.)
S3 AsyncMac; C:\Windows\System32\drivers\asyncmac.sys [28160 2016-07-16] (Microsoft Corporation)
S0 atapi; C:\Windows\System32\drivers\atapi.sys [28512 2016-07-16] (Microsoft Corporation)
R3 athr; C:\Windows\System32\drivers\athw8x.sys [4233728 2016-07-16] (Qualcomm Atheros Communications, Inc.)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [56320 2016-07-16] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [41472 2016-07-16] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [36192 2016-07-16] (Microsoft Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows ® Win 7 DDK provider)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2016-07-16] (Windows ® Win 7 DDK provider)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [9728 2016-07-16] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [101888 2016-11-02] (Microsoft Corporation)
R3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [618720 2015-07-28] (Qualcomm Atheros)
S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [43008 2016-07-16] (Microsoft Corporation)
R3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [114176 2016-08-20] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [65536 2016-07-16] (Microsoft Corporation)
S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [31232 2016-07-16] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [249856 2016-09-15] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [66048 2016-07-16] (Microsoft Corporation)
R3 BthPan; C:\Windows\System32\drivers\bthpan.sys [128512 2016-10-05] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [967168 2016-11-11] (Microsoft Corporation)
R3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [84992 2016-08-20] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [118272 2016-09-10] (Microsoft Corporation)
R4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2016-07-16] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [173056 2016-07-16] (Microsoft Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
S3 circlass; C:\Windows\System32\drivers\circlass.sys [48640 2016-07-16] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [377184 2016-12-09] (Microsoft Corporation)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
R3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [29696 2016-07-16] (Microsoft Corporation)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [624048 2017-03-04] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38752 2016-07-16] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys [39936 2016-07-16] (Microsoft Corporation)
R3 condrv; C:\Windows\System32\drivers\condrv.sys [53088 2016-07-16] (Microsoft Corporation)
S1 dam; C:\Windows\System32\drivers\dam.sys [63328 2017-03-04] (Microsoft Corporation)
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [145408 2017-03-04] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 disk; C:\Windows\System32\drivers\disk.sys [101720 2016-07-16] (Microsoft Corporation)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [35840 2016-07-16] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\DRIVERS\drmkaud.sys [16168 2016-07-16] (Microsoft Corporation)
R1 drmkpro64; C:\Windows\System32\drivers\drmkpro64.sys [51784 2012-01-31] () [File not signed] <==== ATTENTION
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [2189664 2017-03-04] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3418976 2016-07-16] (QLogic Corporation)
R0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [88416 2016-07-16] (Microsoft Corporation)
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [118112 2016-09-07] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [40344 2014-12-20] (Elaborate Bytes AG)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [13312 2016-07-16] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [334848 2016-07-16] (Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [352096 2016-11-11] (Microsoft Corporation)
S3 fdc; C:\Windows\System32\drivers\fdc.sys [32256 2016-07-16] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [88576 2016-07-16] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [85344 2016-07-16] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [35840 2016-07-16] (Microsoft Corporation)
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [26112 2016-07-16] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [377696 2016-07-16] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [62816 2016-07-16] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [31584 2016-07-16] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [649568 2016-09-15] (Microsoft Corporation)
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [13312 2016-07-16] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20480 2016-07-16] (Microsoft Corporation)
S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [168800 2016-07-16] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation)
S3 HdAudAddService; C:\Windows\system32\DRIVERS\HdAudio.sys [410624 2016-07-16] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [83456 2016-07-16] (Microsoft Corporation)
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [36704 2016-07-16] (Microsoft Corporation)
R3 HidBth; C:\Windows\System32\drivers\hidbth.sys [108032 2016-07-16] (Microsoft Corporation)
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [51200 2016-07-16] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2016-07-16] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [46592 2016-07-16] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [38400 2016-08-05] (Microsoft Corporation)
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2016-07-16] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [1100128 2016-10-15] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-08-06] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [29536 2016-07-16] (Microsoft Corporation)
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [16384 2016-07-16] (Microsoft Corporation)
R3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [114176 2016-07-16] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel® Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel® Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128 2016-07-16] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152 2016-07-16] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [673120 2016-07-16] (Intel Corporation)
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2016-07-16] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526176 2016-07-16] (Mellanox)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3793872 2016-05-12] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [50160 2015-12-01] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTKVHD64.sys [4518136 2015-08-04] (Realtek Semiconductor Corp.)
R3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [463112 2015-08-21] (Intel® Corporation)
S0 intelide; C:\Windows\System32\drivers\intelide.sys [19296 2016-07-16] (Microsoft Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [48152 2016-07-16] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [134144 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [85504 2016-07-16] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [90976 2017-03-04] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [212480 2016-07-16] (Microsoft Corporation)
S3 irda; C:\Windows\system32\drivers\irda.sys [120320 2016-07-16] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [19456 2016-07-16] (Microsoft Corporation)
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [22880 2016-07-16] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [277344 2016-07-16] (Microsoft Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [38896 2015-12-01] (Intel Corporation)
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [62304 2016-07-16] (Microsoft Corporation)
S3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [39424 2016-09-15] (Microsoft Corporation)
R3 kdnic; C:\Windows\System32\drivers\kdnic.sys [25088 2016-07-16] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [133472 2016-09-07] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [168800 2016-08-06] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [26112 2016-07-16] (Microsoft Corporation)
R2 lltdio; C:\Windows\System32\drivers\lltdio.sys [66048 2016-07-16] (Microsoft Corporation)
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108896 2016-07-16] (LSI Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [105824 2016-07-16] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [101216 2016-07-16] (Avago Technologies)
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82776 2016-07-16] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [125952 2016-07-16] (Microsoft Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2016-07-16] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2016-07-16] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-20] (Intel Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842584 2016-07-16] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2016-07-16] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [42496 2016-11-11] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\drivers\monitor.sys [38400 2016-07-16] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [59232 2016-07-16] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [32256 2016-07-16] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [104800 2016-07-16] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [75776 2016-07-16] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [143872 2016-10-05] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [450400 2017-03-04] (Microsoft Corporation)
R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [282624 2016-11-11] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [223584 2017-03-04] (Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [114688 2016-07-16] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [31232 2016-07-16] (Microsoft Corporation)
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [50528 2016-07-16] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8704 2016-07-16] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [11776 2016-07-16] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [18784 2016-07-16] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\system32\DRIVERS\MSKSSRV.sys [27136 2017-03-04] (Microsoft Corporation)
R2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78336 2016-07-16] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\system32\DRIVERS\MSPCLOCK.sys [10752 2016-07-16] (Microsoft Corporation)
S3 MSPQM; C:\Windows\system32\DRIVERS\MSPQM.sys [10752 2016-07-16] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [361312 2016-07-16] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [43360 2016-07-16] (Microsoft Corporation)
S3 MSTEE; C:\Windows\system32\DRIVERS\MSTEE.sys [12800 2016-07-16] (Microsoft Corporation)
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [15872 2016-07-16] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [126304 2016-07-16] (Microsoft Corporation)
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2016-07-16] (Marvell Semiconductor, Inc.)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [535552 2017-03-04] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108896 2016-07-16] (Mellanox)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1181024 2017-03-04] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [50176 2016-07-16] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [26112 2016-07-16] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\drivers\ndisuio.sys [63488 2016-07-16] (Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [20480 2016-07-16] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation)
S3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [60928 2016-07-16] (Microsoft Corporation)
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [125440 2016-07-16] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\drivers\netbios.sys [57184 2016-07-16] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [279040 2016-07-16] (Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [68608 2016-07-16] (Microsoft Corporation)
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [26624 2016-07-16] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [41984 2016-07-16] (Microsoft Corporation)
R3 NTFS; C:\Windows\System32\Drivers\NTFS.sys [2255712 2017-03-04] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [7168 2016-07-16] (Microsoft Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2016-07-16] (NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [166240 2016-07-16] (NVIDIA Corporation)
S3 Parport; C:\Windows\System32\drivers\parport.sys [96768 2016-07-16] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [128352 2017-03-04] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [335712 2016-12-14] (Microsoft Corporation)
S0 pciide; C:\Windows\System32\drivers\pciide.sys [16224 2016-07-16] (Microsoft Corporation)
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [118112 2016-07-16] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [51552 2016-07-16] (Microsoft Corporation)
R0 pdc; C:\Windows\System32\drivers\pdc.sys [108384 2017-03-04] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [723968 2016-07-16] (Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61792 2016-07-16] (Avago Technologies)
S3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [96256 2016-07-16] (Microsoft Corporation)
S3 Processor; C:\Windows\System32\drivers\processr.sys [119808 2016-07-16] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\drivers\pacer.sys [160608 2016-07-16] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [48640 2016-07-16] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2016-07-16] (Microsoft Corporation)
S3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [107520 2016-07-16] (Microsoft Corporation)
S3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [104960 2016-07-16] (Microsoft Corporation)
S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [81408 2016-07-16] (Microsoft Corporation)
S3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [77824 2016-07-16] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [432992 2017-03-04] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [26112 2016-07-16] (Microsoft Corporation)
R3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [177152 2016-07-16] (Microsoft Corporation)
R3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [29536 2016-07-16] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [267104 2016-07-16] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [928608 2016-07-16] (Microsoft Corporation)
R3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [183808 2016-07-16] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\drivers\rspndr.sys [81408 2016-07-16] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-08-13] (Realsil Semiconductor Corporation)
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [9216 2016-07-16] (Microsoft Corporation)
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [110432 2016-07-16] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [43008 2016-07-16] (Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [279904 2016-10-05] (Microsoft Corporation)
S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [95072 2016-07-16] (Microsoft Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SensorsSimulatorDriver; C:\Windows\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [74592 2016-07-16] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [151904 2016-07-16] (Microsoft Corporation)
S3 Serenum; C:\Windows\System32\drivers\serenum.sys [25088 2016-07-16] (Microsoft Corporation)
S3 Serial; C:\Windows\System32\drivers\serial.sys [83968 2016-07-16] (Microsoft Corporation)
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [27648 2016-07-16] (Microsoft Corporation)
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [18432 2016-07-16] (Microsoft Corporation)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2016-07-16] (Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2016-07-16] (Silicon Integrated Systems)
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [557400 2017-03-04] (Microsoft Corporation)
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [79200 2016-07-16] (Microsoft Corporation)
R2 srv; C:\Windows\System32\DRIVERS\srv.sys [410112 2017-03-04] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [713216 2016-11-11] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [248320 2016-09-07] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2016-07-16] (Promise Technology, Inc.)
R0 storahci; C:\Windows\System32\drivers\storahci.sys [130912 2017-03-04] (Microsoft Corporation)
S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46944 2016-07-16] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [81760 2016-09-15] (Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [78336 2016-07-16] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [32096 2016-07-16] (Microsoft Corporation)
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [36192 2016-07-16] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\drivers\swenum.sys [17760 2016-07-16] (Microsoft Corporation)
S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [64000 2016-07-16] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2536288 2017-03-04] (Microsoft Corporation)
S3 Tcpip6; C:\Windows\System32\drivers\tcpip.sys [2536288 2017-03-04] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [52224 2017-03-04] (Microsoft Corporation)
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [118624 2017-03-04] (Microsoft Corporation)
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [38752 2016-07-16] (Microsoft Corporation)
S3 TPM; C:\Windows\System32\drivers\tpm.sys [219488 2016-11-11] (Microsoft Corporation)
S3 tsusbflt; C:\Windows\System32\drivers\TsUsbFlt.sys [61440 2016-07-16] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [34304 2016-07-16] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\drivers\tunnel.sys [158208 2016-07-16] (Microsoft Corporation)
S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [77152 2016-07-16] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [95744 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [50688 2016-07-16] (Microsoft Corporation)
R3 Ucx01000; C:\Windows\System32\drivers\ucx01000.sys [210272 2016-07-16] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [320000 2016-07-16] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [28512 2016-07-16] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263008 2016-07-16] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [96608 2016-07-16] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [137056 2016-07-16] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\drivers\umbus.sys [56832 2016-07-16] (Microsoft Corporation)
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [13824 2016-07-16] (Microsoft Corporation)
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2016-07-16] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2016-07-16] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2016-07-16] (Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [169312 2016-07-16] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [102400 2016-07-16] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [96096 2016-07-16] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [501088 2016-07-16] (Microsoft Corporation)
R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [535904 2016-07-16] (Microsoft Corporation)
S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2016-07-16] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [27648 2016-07-16] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\drivers\usbser.sys [69120 2016-07-16] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [129888 2016-07-16] (Microsoft Corporation)
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [35328 2016-07-16] (Microsoft Corporation)
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [226816 2016-08-05] (Microsoft Corporation)
R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [381792 2016-07-16] (Microsoft Corporation)
R3 VClone; C:\Windows\System32\drivers\VClone.sys [34816 2014-05-03] (Elaborate Bytes AG)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [53088 2016-07-16] (Microsoft Corporation)
S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [201056 2016-07-16] (Microsoft Corporation)
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [715104 2016-12-14] (Microsoft Corporation)
S3 vhf; C:\Windows\System32\drivers\vhf.sys [32256 2016-07-16] (Microsoft Corporation)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [104288 2016-07-16] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [25088 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [80224 2016-07-16] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [367456 2016-07-16] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [391520 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
S3 vpci; C:\Windows\System32\drivers\vpci.sys [74080 2016-09-15] (Microsoft Corporation)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166752 2016-07-16] (VIA Technologies Inc.,Ltd)
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2016-07-16] (VIA Corporation)
R3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [26624 2016-07-16] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [73216 2016-07-16] (Microsoft Corporation)
R3 vwifimp; C:\Windows\System32\drivers\vwifimp.sys [39936 2016-07-16] (Microsoft Corporation)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [30208 2016-07-16] (Microsoft Corporation)
R2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-09-15] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [861296 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [719872 2017-03-04] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R0 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [156000 2016-07-16] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [35680 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [107032 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2016-07-16] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32096 2016-07-16] (Mellanox)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [89088 2016-07-16] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64864 2016-07-16] (Mellanox)
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [18432 2016-07-16] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [199008 2016-08-06] (Microsoft Corporation)
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [30560 2016-07-16] (Microsoft Corporation)
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [22528 2016-07-16] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [99328 2016-07-16] (Microsoft Corporation)
R3 WUDFRd; C:\Windows\System32\drivers\WudfRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [258560 2017-03-04] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [43520 2016-08-20] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== End of FRST.txt ============================

 

 

FRST.txt is posted, Addition.txt is attached.

 




 


#2 nasdaq

  • Malware Response Team
  • 38,922 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 17 March 2017 - 10:50 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

This infection does not give up easy.

I need more information.


Farbar Recovery Scan Tool (FRST) - Registry Search
Follow the instructions below to download and execute a Registry search on your system with FRST, and provide the log in your next reply.
  • Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • In the Search text area, copy and paste the following:
drmkpro64.sys;dataup.exe;svcvmx.exe;qdcomsvc.exe;splsrv.exe;ct.exe;winscr.exe;vmxclient.exe
  • Once done, click on the Search Registry button and wait for FRST to finish the search;
  • On completion, a log will open in Notepad. Copy and paste its content in your next reply.
Also include the Addition.txt log in your reply.
The file was not attached in your last post.

If you must, you can paste the contents of the log.

#3 nasdaq

  • Malware Response Team
  • 38,922 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 18 March 2017 - 01:30 PM

If you are still with me, please run the Farbar tool and post fresh FRST and Addition.txt files.

I need to see all the contents of both files.

If the files are too long you can attach both of them for my review.

We are making headway in solving this bad infection.

#4 Edwin20er

  • Topic Starter
  • Members
  • 4 posts

Posted 18 March 2017 - 11:16 PM

I apologize for the delay in getting back to you. I managed to get Zemana and RKILL running, cleared out the issues, and removed all of the offending files. Thanks for the quick response, but I've got it taken care of. Thank you.





