Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help with winvmx client.


  • This topic is locked This topic is locked
2 replies to this topic

#1 Edwin20er

Edwin20er

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:59 AM

Posted 17 March 2017 - 01:52 AM

Cannot seem to get rid of it or a few other files including dataup, ct, splsrv, qdcomsvc, and svcvmc, 

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Edwin20er (administrator) on DESKTOP-L1T0PLA (17-03-2017 02:11:43)
Running from C:\Users\Edwin20er\Desktop
Loaded Profiles: Edwin20er (Available Profiles: defaultuser0 & Edwin20er)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (All) =========================
 
(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files (x86)\svcvmx\svcvmx.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\ctfmon.exe
(ct Corp.) C:\Users\Edwin20er\AppData\Local\Temp\20170315\ct.exe
(splsrv Corp.) C:\Windows\SysWOW64\splsrv.exe
(qdcomsvc Inc.) C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
() C:\Program Files (x86)\svcvmx\vmxclient.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Edwin20er\Desktop\FRST64.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
 
==================== Registry (All) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [cpx] => "C:\Program Files (x86)\cpx\cpx.exe" -starup <===== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Program Files (x86)\svcvmx\svcvmx.exe [896512 2017-01-13] ()
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [33280 2016-07-16] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [4674360 2017-03-04] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [4312248 2017-03-04] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-05-29] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-05-29] (Microsoft Corporation)
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\...\Run: [OneDrive] => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1518304 2017-03-03] (Microsoft Corporation)
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-13] (Valve Corporation)
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [174592 2016-07-16] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [834048 2017-03-04] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Edwin20er\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
BootExecute: autocheck autochk * 
AlternateShell: cmd.exe
 
==================== Internet (All) ===========================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55808 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65024 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [24064 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51712 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [67584 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [86016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\NLAapi.dll [80896 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [31744 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Windows\System32\wshbth.dll [62976 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 12 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 13 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{48ecdb21-f550-4460-a7af-de412a12b3ba}: [DhcpNameServer] 75.75.76.76 75.75.75.75
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2053917788-801708927-1556930680-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
URLSearchHook: HKU\S-1-5-21-2053917788-801708927-1556930680-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-2053917788-801708927-1556930680-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2016-07-16] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2017-03-04] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-03-04] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2016-07-16] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2017-03-04] (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-03-04] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2017-03-04] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [No File]
 
continued in next post

Attached Files



BC AdBot (Login to Remove)

 


#2 Edwin20er

Edwin20er
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:59 AM

Posted 17 March 2017 - 01:53 AM

Chrome: 
=======
CHR Profile: C:\Users\Edwin20er\AppData\Local\Google\Chrome\User Data\Default [2017-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Edwin20er\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Edwin20er\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-17]
StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
 
==================== Services (All) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [95744 2016-07-16] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [124416 2016-07-16] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [125952 2017-03-04] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [560128 2017-03-04] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [2278400 2017-03-04] (Microsoft Corporation)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [52920 2016-07-16] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [337920 2016-11-02] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [942080 2016-11-02] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [361472 2016-09-15] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [795648 2016-07-16] (Microsoft Corporation)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 BITS; C:\Windows\System32\qmgr.dll [1054208 2016-10-14] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [770560 2017-03-04] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [134656 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
R3 bthserv; C:\Windows\system32\bthserv.dll [157184 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [411648 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
R2 CDPUserSvc_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 CertPropSvc; C:\Windows\System32\certprop.dll [193536 2017-03-04] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [764392 2017-03-04] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [483840 2017-03-04] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [280696 2016-05-12] (Intel Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation)
S2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [511488 2016-07-16] (Microsoft Corporation)
R3 DeviceAssociationService; C:\Windows\system32\das.dll [447488 2016-08-05] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1981440 2017-03-04] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [407552 2017-03-04] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [298496 2017-03-04] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [264704 2017-03-04] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\dosvc.dll [1231872 2016-12-14] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2016-07-16] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [172032 2016-07-16] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation)
S3 DsSvc; C:\Windows\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
S3 EapHost; C:\Windows\System32\eapsvc.dll [112128 2016-07-16] (Microsoft Corporation)
S3 EFS; C:\Windows\system32\efssvc.dll [55296 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [285696 2016-11-11] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1709056 2016-09-15] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [453632 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [347136 2016-07-16] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [644608 2016-07-16] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [20992 2016-07-16] (Microsoft Corporation)
S3 FDResPub; C:\Windows\system32\fdrespub.dll [35328 2016-07-16] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [122368 2016-07-16] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1840640 2017-03-04] (Microsoft Corporation)
R3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2016-05-25] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2017-03-04] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [284736 2017-03-16] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2017-01-31] (GOG.com)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1227264 2017-03-04] (Microsoft Corporation)
S3 hidserv; C:\Windows\system32\hidserv.dll [36864 2016-07-16] (Microsoft Corporation)
S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [32256 2016-07-16] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [274432 2016-11-02] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [447488 2016-07-16] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [385536 2016-07-16] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation)
S3 IKEEXT; C:\Windows\System32\ikeext.dll [932352 2016-07-16] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [945664 2017-03-04] (Microsoft Corporation)
S3 irmon; C:\Windows\System32\irmon.dll [25088 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [96768 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [70656 2016-07-16] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [305152 2016-07-16] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [283648 2016-11-11] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
S3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26112 2016-08-20] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\System32\lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [691712 2016-11-11] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [82944 2017-03-04] (Microsoft Corporation)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [893952 2017-03-04] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [147456 2016-07-16] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [65024 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [58368 2016-07-16] (Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [167936 2016-07-16] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [339968 2016-07-16] (Microsoft Corporation)
S3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\netlogon.dll [827392 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [670720 2016-07-16] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [259072 2016-07-16] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [265728 2016-11-02] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [136360 2016-07-16] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [330752 2017-03-04] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [983040 2016-10-05] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [368640 2016-10-05] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [30720 2016-07-16] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [366592 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [425472 2016-07-16] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [500064 2016-10-15] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [781824 2016-09-07] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [203264 2017-03-04] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1457152 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1536512 2016-07-16] (Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [123904 2016-07-16] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [3318784 2017-03-04] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [358400 2016-09-15] (Microsoft Corporation)
R2 qdcomsvc; C:\Program Files (x86)\qdcomsvc\qdcomsvc.exe [756224 2017-03-10] (qdcomsvc Inc.) [File not signed] <==== ATTENTION
S3 QWAVE; C:\Windows\system32\qwave.dll [275456 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [234496 2016-07-16] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [105472 2016-07-16] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [658432 2017-03-04] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [496128 2016-09-15] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [431104 2016-09-15] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [155648 2016-07-16] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [650752 2017-03-04] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-09-15] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [11264 2016-07-16] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SamSs; C:\Windows\system32\lsass.exe [57400 2016-09-07] (Microsoft Corporation)
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [201728 2016-12-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [948224 2016-07-16] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [193536 2017-03-04] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [31232 2016-07-16] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [70656 2016-09-15] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1312768 2017-03-04] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [417792 2016-09-15] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [179200 2016-07-16] (Microsoft Corporation)
R3 SessionEnv; C:\Windows\system32\sessenv.dll [387072 2016-09-15] (Microsoft Corporation)
R3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [331776 2016-09-15] (Microsoft Corporation)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [541696 2017-03-04] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [617472 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [566784 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [23552 2016-08-05] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [20992 2016-08-05] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [15872 2016-07-16] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [792576 2017-03-04] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [5622088 2016-10-15] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4136448 2016-11-11] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [3370496 2016-11-11] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1590560 2017-03-13] (Valve Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [646656 2016-07-16] (Microsoft Corporation)
R3 StorSvc; C:\Windows\system32\storsvc.dll [396800 2016-11-11] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13824 2016-07-16] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [467456 2016-07-16] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [944128 2016-07-16] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [148992 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [309248 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254976 2016-07-16] (Microsoft Corporation)
R3 TermService; C:\Windows\System32\termsrv.dll [987648 2016-07-16] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [116736 2016-07-16] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [122880 2016-11-11] (Microsoft Corporation)
S3 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2017-03-04] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation)
R3 UmRdpService; C:\Windows\System32\umrdp.dll [273408 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1184256 2017-03-04] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [968704 2017-03-04] (Microsoft Corporation)
S3 UnistoreSvc_3a8f9; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [440832 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [328192 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1512448 2017-03-04] (Microsoft Corporation)
S3 UserDataSvc_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1020928 2016-09-15] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [548864 2017-03-04] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [649216 2017-03-04] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1443328 2017-03-04] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-03-17] (AVG Secure Search)
S3 W32Time; C:\Windows\system32\w32time.dll [520192 2016-08-05] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1547264 2017-03-04] (Microsoft Corporation)
S2 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [837632 2016-12-14] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [715776 2017-03-04] (Microsoft Corporation)
R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [227328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [198656 2016-07-16] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [206848 2016-07-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [156672 2016-07-16] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [82944 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
R2 windowsmanagementservice; C:\Users\Edwin20er\AppData\Local\Temp\20170315\ct.exe [724480 2017-02-22] (ct Corp.) [File not signed] <==== ATTENTION <==== ATTENTION
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [818176 2017-03-04] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [636928 2017-03-04] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2716672 2016-11-11] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2333184 2016-11-11] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2017-03-04] (Microsoft Corporation)
R2 WlanSvc; C:\Windows\System32\wlansvc.dll [2370048 2017-03-04] (Microsoft Corporation)
S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [2104320 2016-11-11] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-09-07] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1837056 2017-03-04] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_3a8f9; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_3a8f9; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [184832 2016-11-11] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [903680 2017-03-04] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [773120 2017-03-04] (Microsoft Corporation)
R3 wuauserv; C:\Windows\system32\wuaueng.dll [2317824 2017-03-04] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [1282048 2017-03-04] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1016320 2017-03-04] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1025536 2017-03-04] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (All) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [235520 2016-07-16] (Microsoft Corporation)
S0 3ware; C:\Windows\System32\drivers\3ware.sys [107360 2016-07-16] (LSI)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [705888 2016-07-16] (Microsoft Corporation)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [126816 2016-07-16] (Microsoft Corporation)
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [12288 2016-07-16] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [14336 2016-07-16] (Microsoft Corporation)
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [13312 2016-07-16] (Microsoft Corporation)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135456 2016-07-16] (PMC-Sierra)
R1 AFD; C:\Windows\system32\drivers\afd.sys [584032 2016-10-15] (Microsoft Corporation)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [227328 2016-10-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [123392 2016-07-16] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [120832 2016-07-16] (Microsoft Corporation)
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [83296 2016-07-16] (Advanced Micro Devices)
S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2016-07-16] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [26976 2016-07-16] (Advanced Micro Devices)
S3 AppID; C:\Windows\System32\drivers\appid.sys [172896 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [131936 2016-07-16] (PMC-Sierra, Inc.)
S3 AsyncMac; C:\Windows\System32\drivers\asyncmac.sys [28160 2016-07-16] (Microsoft Corporation)
S0 atapi; C:\Windows\System32\drivers\atapi.sys [28512 2016-07-16] (Microsoft Corporation)
R3 athr; C:\Windows\System32\drivers\athw8x.sys [4233728 2016-07-16] (Qualcomm Atheros Communications, Inc.)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [56320 2016-07-16] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [41472 2016-07-16] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [36192 2016-07-16] (Microsoft Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows ® Win 7 DDK provider)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2016-07-16] (Windows ® Win 7 DDK provider)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [9728 2016-07-16] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [101888 2016-11-02] (Microsoft Corporation)
R3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [618720 2015-07-28] (Qualcomm Atheros)
S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [43008 2016-07-16] (Microsoft Corporation)
R3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [114176 2016-08-20] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [65536 2016-07-16] (Microsoft Corporation)
S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [31232 2016-07-16] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [249856 2016-09-15] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [66048 2016-07-16] (Microsoft Corporation)
R3 BthPan; C:\Windows\System32\drivers\bthpan.sys [128512 2016-10-05] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [967168 2016-11-11] (Microsoft Corporation)
R3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [84992 2016-08-20] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [118272 2016-09-10] (Microsoft Corporation)
R4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2016-07-16] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [173056 2016-07-16] (Microsoft Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
S3 circlass; C:\Windows\System32\drivers\circlass.sys [48640 2016-07-16] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [377184 2016-12-09] (Microsoft Corporation)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
R3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [29696 2016-07-16] (Microsoft Corporation)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [624048 2017-03-04] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38752 2016-07-16] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys [39936 2016-07-16] (Microsoft Corporation)
R3 condrv; C:\Windows\System32\drivers\condrv.sys [53088 2016-07-16] (Microsoft Corporation)
S1 dam; C:\Windows\System32\drivers\dam.sys [63328 2017-03-04] (Microsoft Corporation)
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [145408 2017-03-04] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 disk; C:\Windows\System32\drivers\disk.sys [101720 2016-07-16] (Microsoft Corporation)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [35840 2016-07-16] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\DRIVERS\drmkaud.sys [16168 2016-07-16] (Microsoft Corporation)
R1 drmkpro64; C:\Windows\System32\drivers\drmkpro64.sys [51784 2012-01-31] () [File not signed] <==== ATTENTION
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [2189664 2017-03-04] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3418976 2016-07-16] (QLogic Corporation)
R0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [88416 2016-07-16] (Microsoft Corporation)
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [118112 2016-09-07] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [40344 2014-12-20] (Elaborate Bytes AG)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [13312 2016-07-16] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [334848 2016-07-16] (Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [352096 2016-11-11] (Microsoft Corporation)
S3 fdc; C:\Windows\System32\drivers\fdc.sys [32256 2016-07-16] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [88576 2016-07-16] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [85344 2016-07-16] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [35840 2016-07-16] (Microsoft Corporation)
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [26112 2016-07-16] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [377696 2016-07-16] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [62816 2016-07-16] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [31584 2016-07-16] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [649568 2016-09-15] (Microsoft Corporation)
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [13312 2016-07-16] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20480 2016-07-16] (Microsoft Corporation)
S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [168800 2016-07-16] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation)
S3 HdAudAddService; C:\Windows\system32\DRIVERS\HdAudio.sys [410624 2016-07-16] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [83456 2016-07-16] (Microsoft Corporation)
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [36704 2016-07-16] (Microsoft Corporation)
R3 HidBth; C:\Windows\System32\drivers\hidbth.sys [108032 2016-07-16] (Microsoft Corporation)
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [51200 2016-07-16] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2016-07-16] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [46592 2016-07-16] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [38400 2016-08-05] (Microsoft Corporation)
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2016-07-16] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [1100128 2016-10-15] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-08-06] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [29536 2016-07-16] (Microsoft Corporation)
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [16384 2016-07-16] (Microsoft Corporation)
R3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [114176 2016-07-16] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel® Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel® Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128 2016-07-16] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152 2016-07-16] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [673120 2016-07-16] (Intel Corporation)
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2016-07-16] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526176 2016-07-16] (Mellanox)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3793872 2016-05-12] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [50160 2015-12-01] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTKVHD64.sys [4518136 2015-08-04] (Realtek Semiconductor Corp.)
R3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [463112 2015-08-21] (Intel® Corporation)
S0 intelide; C:\Windows\System32\drivers\intelide.sys [19296 2016-07-16] (Microsoft Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [48152 2016-07-16] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [134144 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [85504 2016-07-16] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [90976 2017-03-04] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [212480 2016-07-16] (Microsoft Corporation)
S3 irda; C:\Windows\system32\drivers\irda.sys [120320 2016-07-16] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [19456 2016-07-16] (Microsoft Corporation)
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [22880 2016-07-16] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [277344 2016-07-16] (Microsoft Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [38896 2015-12-01] (Intel Corporation)
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [62304 2016-07-16] (Microsoft Corporation)
S3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [39424 2016-09-15] (Microsoft Corporation)
R3 kdnic; C:\Windows\System32\drivers\kdnic.sys [25088 2016-07-16] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [133472 2016-09-07] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [168800 2016-08-06] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [26112 2016-07-16] (Microsoft Corporation)
R2 lltdio; C:\Windows\System32\drivers\lltdio.sys [66048 2016-07-16] (Microsoft Corporation)
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108896 2016-07-16] (LSI Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [105824 2016-07-16] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [101216 2016-07-16] (Avago Technologies)
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82776 2016-07-16] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [125952 2016-07-16] (Microsoft Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2016-07-16] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2016-07-16] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-20] (Intel Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842584 2016-07-16] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2016-07-16] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [42496 2016-11-11] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\drivers\monitor.sys [38400 2016-07-16] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [59232 2016-07-16] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [32256 2016-07-16] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [104800 2016-07-16] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [75776 2016-07-16] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [143872 2016-10-05] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [450400 2017-03-04] (Microsoft Corporation)
R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [282624 2016-11-11] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [223584 2017-03-04] (Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [114688 2016-07-16] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [31232 2016-07-16] (Microsoft Corporation)
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [50528 2016-07-16] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8704 2016-07-16] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [11776 2016-07-16] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [18784 2016-07-16] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\system32\DRIVERS\MSKSSRV.sys [27136 2017-03-04] (Microsoft Corporation)
R2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78336 2016-07-16] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\system32\DRIVERS\MSPCLOCK.sys [10752 2016-07-16] (Microsoft Corporation)
S3 MSPQM; C:\Windows\system32\DRIVERS\MSPQM.sys [10752 2016-07-16] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [361312 2016-07-16] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [43360 2016-07-16] (Microsoft Corporation)
S3 MSTEE; C:\Windows\system32\DRIVERS\MSTEE.sys [12800 2016-07-16] (Microsoft Corporation)
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [15872 2016-07-16] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [126304 2016-07-16] (Microsoft Corporation)
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2016-07-16] (Marvell Semiconductor, Inc.)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [535552 2017-03-04] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108896 2016-07-16] (Mellanox)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1181024 2017-03-04] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [50176 2016-07-16] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [26112 2016-07-16] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\drivers\ndisuio.sys [63488 2016-07-16] (Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [20480 2016-07-16] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation)
S3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [60928 2016-07-16] (Microsoft Corporation)
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [125440 2016-07-16] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\drivers\netbios.sys [57184 2016-07-16] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [279040 2016-07-16] (Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [68608 2016-07-16] (Microsoft Corporation)
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [26624 2016-07-16] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [41984 2016-07-16] (Microsoft Corporation)
R3 NTFS; C:\Windows\System32\Drivers\NTFS.sys [2255712 2017-03-04] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [7168 2016-07-16] (Microsoft Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2016-07-16] (NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [166240 2016-07-16] (NVIDIA Corporation)
S3 Parport; C:\Windows\System32\drivers\parport.sys [96768 2016-07-16] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [128352 2017-03-04] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [335712 2016-12-14] (Microsoft Corporation)
S0 pciide; C:\Windows\System32\drivers\pciide.sys [16224 2016-07-16] (Microsoft Corporation)
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [118112 2016-07-16] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [51552 2016-07-16] (Microsoft Corporation)
R0 pdc; C:\Windows\System32\drivers\pdc.sys [108384 2017-03-04] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [723968 2016-07-16] (Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61792 2016-07-16] (Avago Technologies)
S3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [96256 2016-07-16] (Microsoft Corporation)
S3 Processor; C:\Windows\System32\drivers\processr.sys [119808 2016-07-16] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\drivers\pacer.sys [160608 2016-07-16] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [48640 2016-07-16] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2016-07-16] (Microsoft Corporation)
S3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [107520 2016-07-16] (Microsoft Corporation)
S3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [104960 2016-07-16] (Microsoft Corporation)
S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [81408 2016-07-16] (Microsoft Corporation)
S3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [77824 2016-07-16] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [432992 2017-03-04] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [26112 2016-07-16] (Microsoft Corporation)
R3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [177152 2016-07-16] (Microsoft Corporation)
R3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [29536 2016-07-16] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [267104 2016-07-16] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [928608 2016-07-16] (Microsoft Corporation)
R3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [183808 2016-07-16] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\drivers\rspndr.sys [81408 2016-07-16] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-08-13] (Realsil Semiconductor Corporation)
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [9216 2016-07-16] (Microsoft Corporation)
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [110432 2016-07-16] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [43008 2016-07-16] (Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [279904 2016-10-05] (Microsoft Corporation)
S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [95072 2016-07-16] (Microsoft Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SensorsSimulatorDriver; C:\Windows\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [74592 2016-07-16] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [151904 2016-07-16] (Microsoft Corporation)
S3 Serenum; C:\Windows\System32\drivers\serenum.sys [25088 2016-07-16] (Microsoft Corporation)
S3 Serial; C:\Windows\System32\drivers\serial.sys [83968 2016-07-16] (Microsoft Corporation)
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [27648 2016-07-16] (Microsoft Corporation)
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [18432 2016-07-16] (Microsoft Corporation)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2016-07-16] (Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2016-07-16] (Silicon Integrated Systems)
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [557400 2017-03-04] (Microsoft Corporation)
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [79200 2016-07-16] (Microsoft Corporation)
R2 srv; C:\Windows\System32\DRIVERS\srv.sys [410112 2017-03-04] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [713216 2016-11-11] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [248320 2016-09-07] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2016-07-16] (Promise Technology, Inc.)
R0 storahci; C:\Windows\System32\drivers\storahci.sys [130912 2017-03-04] (Microsoft Corporation)
S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46944 2016-07-16] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [81760 2016-09-15] (Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [78336 2016-07-16] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [32096 2016-07-16] (Microsoft Corporation)
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [36192 2016-07-16] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\drivers\swenum.sys [17760 2016-07-16] (Microsoft Corporation)
S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [64000 2016-07-16] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2536288 2017-03-04] (Microsoft Corporation)
S3 Tcpip6; C:\Windows\System32\drivers\tcpip.sys [2536288 2017-03-04] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [52224 2017-03-04] (Microsoft Corporation)
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [118624 2017-03-04] (Microsoft Corporation)
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [38752 2016-07-16] (Microsoft Corporation)
S3 TPM; C:\Windows\System32\drivers\tpm.sys [219488 2016-11-11] (Microsoft Corporation)
S3 tsusbflt; C:\Windows\System32\drivers\TsUsbFlt.sys [61440 2016-07-16] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [34304 2016-07-16] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\drivers\tunnel.sys [158208 2016-07-16] (Microsoft Corporation)
S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [77152 2016-07-16] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [95744 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [50688 2016-07-16] (Microsoft Corporation)
R3 Ucx01000; C:\Windows\System32\drivers\ucx01000.sys [210272 2016-07-16] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [320000 2016-07-16] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [28512 2016-07-16] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263008 2016-07-16] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [96608 2016-07-16] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [137056 2016-07-16] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\drivers\umbus.sys [56832 2016-07-16] (Microsoft Corporation)
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [13824 2016-07-16] (Microsoft Corporation)
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2016-07-16] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2016-07-16] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2016-07-16] (Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [169312 2016-07-16] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [102400 2016-07-16] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [96096 2016-07-16] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [501088 2016-07-16] (Microsoft Corporation)
R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [535904 2016-07-16] (Microsoft Corporation)
S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2016-07-16] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [27648 2016-07-16] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\drivers\usbser.sys [69120 2016-07-16] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [129888 2016-07-16] (Microsoft Corporation)
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [35328 2016-07-16] (Microsoft Corporation)
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [226816 2016-08-05] (Microsoft Corporation)
R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [381792 2016-07-16] (Microsoft Corporation)
R3 VClone; C:\Windows\System32\drivers\VClone.sys [34816 2014-05-03] (Elaborate Bytes AG)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [53088 2016-07-16] (Microsoft Corporation)
S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [201056 2016-07-16] (Microsoft Corporation)
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [715104 2016-12-14] (Microsoft Corporation)
S3 vhf; C:\Windows\System32\drivers\vhf.sys [32256 2016-07-16] (Microsoft Corporation)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [104288 2016-07-16] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [25088 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [80224 2016-07-16] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [367456 2016-07-16] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [391520 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
S3 vpci; C:\Windows\System32\drivers\vpci.sys [74080 2016-09-15] (Microsoft Corporation)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166752 2016-07-16] (VIA Technologies Inc.,Ltd)
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2016-07-16] (VIA Corporation)
R3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [26624 2016-07-16] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [73216 2016-07-16] (Microsoft Corporation)
R3 vwifimp; C:\Windows\System32\drivers\vwifimp.sys [39936 2016-07-16] (Microsoft Corporation)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [30208 2016-07-16] (Microsoft Corporation)
R2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-09-15] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [861296 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [719872 2017-03-04] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R0 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [156000 2016-07-16] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [35680 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [107032 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2016-07-16] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32096 2016-07-16] (Mellanox)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [89088 2016-07-16] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64864 2016-07-16] (Mellanox)
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [18432 2016-07-16] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [199008 2016-08-06] (Microsoft Corporation)
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [30560 2016-07-16] (Microsoft Corporation)
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [22528 2016-07-16] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [99328 2016-07-16] (Microsoft Corporation)
R3 WUDFRd; C:\Windows\System32\drivers\WudfRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [258560 2017-03-04] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [43520 2016-08-20] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== End of FRST.txt ============================

 

 

FRST.txt is posted, Addition.txt is attached to first post.



#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:59 AM

Posted 17 March 2017 - 10:51 AM

Duplicate. The topic will be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users