
MWB Constantly Blocking Outbound Websites: Infected?



Hey y'all,

I have MWB premium and it has been giving me notifications about blocking outgoing websites on a fairly consistent basis all day. 

I have noticed that every time I open up Google Chrome it shows a notice, and it sometimes shows a notice when opening up a new tab (it shows it blocking chrome.exe).

I have also noticed that every time I boot Spotify, it displays a similar notice, but replaced by Spotify.exe.

Additionally, it has also displayed similar notices for svshost.exe and I think dashost.exe (I haven't been able to replicate it) after sleeping and awakening my computer.

My FRST file is copied below and the Additional.txt is attached. 

Please let me know if there is any other info I can provide and thanks for your help!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Christian (administrator) on DESKTOP-4PARDUR (02-03-2017 19:20:39)
Running from C:\Users\Christian\Desktop
Loaded Profiles: Christian (Available Profiles: defaultuser0 & Christian)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (All) =========================

(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5450\Agent.exe
(Microsoft Corporation) C:\Windows\System32\conhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.8423\Battle.net.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8423\Battle.net Helper.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
(Farbar) C:\Users\Christian\Desktop\FRST64.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8423\Battle.net Helper.exe
(Microsoft Corporation) C:\Windows\System32\VSSVC.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\notepad.exe
(Microsoft Corporation) C:\Windows\System32\notepad.exe

==================== Registry (All) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-06] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [33280 2016-07-16] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [4673304 2016-11-11] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [4311736 2016-11-11] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-839186125-1597883185-2061895484-1001\...\Run: [OneDrive] => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1518304 2017-02-28] (Microsoft Corporation)
HKU\S-1-5-21-839186125-1597883185-2061895484-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
HKU\S-1-5-21-839186125-1597883185-2061895484-1001\...\Run: [Spotify Web Helper] => C:\Users\Christian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-28] (Spotify Ltd)
HKU\S-1-5-21-839186125-1597883185-2061895484-1001\...\Run: [Spotify] => C:\Users\Christian\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-28] (Spotify Ltd)
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [174592 2016-07-16] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [833024 2016-10-05] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
BootExecute: autocheck autochk * 
AlternateShell: cmd.exe

==================== Internet (All) ===========================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55808 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65024 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [24064 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [306016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [67584 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [86016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\NLAapi.dll [80896 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [31744 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Winsock: Catalog9-x64 12 C:\Windows\system32\mswsock.dll [357216 2016-07-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{92a7f24a-89ae-4585-b27d-1649ad71b06e}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-839186125-1597883185-2061895484-1001\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-839186125-1597883185-2061895484-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-839186125-1597883185-2061895484-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
URLSearchHook: HKU\S-1-5-21-839186125-1597883185-2061895484-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-839186125-1597883185-2061895484-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-12-21] (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-12-20] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2016-07-16] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-12-21] (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-12-20] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-12-21] (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-12-20] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2016-11-02] (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2016-11-02] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-11-11] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2016-07-16] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-12-21] (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-12-20] (Microsoft Corporation)
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-07-16] (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2016-11-02] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-12-21] (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-12-20] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-07-16] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2016-07-16] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-04] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.reddit.com/
CHR StartupUrls: Default -> "hxxp://www.reddit.com/","hxxps://www.endoftheinter.net/main.php","hxxps://mail.google.com/mail/u/0/#inbox"
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-04]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-04]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-04]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-04]
CHR Extension: (Classic Games) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpckajjkmjncafjlkielcgheibdlnfgc [2017-01-04]
CHR Extension: (uBlock Origin) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-02-10]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-01-04]
CHR Extension: (Native HLS Playback) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnphkkblegpebimobpbekeedfgemhof [2017-01-29]
CHR Extension: (YoWindow Free Weather) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2017-02-07]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-04]
CHR Extension: (Google Docs Offline) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-04]
CHR Extension: (Yesware Email Tracking) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp [2017-03-02]
CHR Extension: (Lone Tree) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2017-01-04]
CHR Extension: (Imagus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2017-02-17]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-02-17]
CHR Extension: (Google Drawings) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2017-01-04]
CHR Extension: (Typing Game) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mobfbeogeanchbdhboilncgnkfkibjjg [2017-01-04]
CHR Extension: (Mailtrack for Gmail & Inbox: Email tracking) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2017-02-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-02-20]
CHR Extension: (Stylebot) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha [2017-01-26]
CHR Extension: (Outlook.com) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-01-04]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
CHR Extension: (DriveConverter) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnijkabgdodbjffhlmbnhlccpkfappil [2017-01-04]
StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

==================== Services (All) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [95744 2016-07-16] (Microsoft Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [299544 2017-01-27] (AMD)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [124416 2016-07-16] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [125952 2016-09-15] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [560128 2016-11-11] (Microsoft Corporation)
R3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [2275840 2016-12-21] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [337920 2016-11-02] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [942080 2016-11-02] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [361472 2016-09-15] (Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-02-09] ()
R2 BFE; C:\Windows\System32\bfe.dll [795648 2016-07-16] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [1054208 2016-10-14] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [770560 2016-11-02] (Microsoft Corporation)
S3 Browser; C:\Windows\System32\browser.dll [134656 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [157184 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [411648 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
R2 CDPUserSvc_3c9ef; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_3c9ef; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [193536 2016-12-13] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [764392 2016-12-09] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [483840 2016-12-09] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [511488 2016-07-16] (Microsoft Corporation)
R3 DeviceAssociationService; C:\Windows\system32\das.dll [447488 2016-08-05] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1980416 2016-10-14] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [407552 2016-11-11] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [298496 2016-11-11] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [264192 2016-07-16] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\dosvc.dll [1231872 2016-12-13] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2016-07-16] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [172032 2016-07-16] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation)
S3 DsSvc; C:\Windows\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
S3 EapHost; C:\Windows\System32\eapsvc.dll [112128 2016-07-16] (Microsoft Corporation)
S3 EFS; C:\Windows\system32\efssvc.dll [55296 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [285696 2016-11-11] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1709056 2016-09-15] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [453632 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [347136 2016-07-16] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [644608 2016-07-16] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [20992 2016-07-16] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [35328 2016-07-16] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [122368 2016-07-16] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1840640 2016-10-14] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2016-05-25] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2016-11-02] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1227264 2016-09-15] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-04] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-04] (Google Inc.)
R3 hidserv; C:\Windows\system32\hidserv.dll [36864 2016-07-16] (Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [32256 2016-07-16] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [274432 2016-11-02] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [447488 2016-07-16] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [385536 2016-07-16] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
S3 IKEEXT; C:\Windows\System32\ikeext.dll [932352 2016-07-16] (Microsoft Corporation)
R2 IntuitUpdateServiceV4; C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [21216 2016-09-07] (Intuit Inc.)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [945664 2016-10-14] (Microsoft Corporation)
S3 irmon; C:\Windows\System32\irmon.dll [25088 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [96768 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [70656 2016-07-16] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [305152 2016-07-16] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [283648 2016-11-11] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26112 2016-08-19] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\System32\lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [691712 2016-11-11] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [82944 2016-11-11] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_3c9ef; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_3c9ef; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [893952 2016-07-16] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [147456 2016-07-16] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [65024 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [58368 2016-07-16] (Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [167936 2016-07-16] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [339968 2016-07-16] (Microsoft Corporation)
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\netlogon.dll [827392 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [670720 2016-07-16] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [259072 2016-07-16] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [265728 2016-11-02] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [136360 2016-07-16] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [326656 2016-07-16] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [983040 2016-10-05] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [368640 2016-10-05] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [30720 2016-07-16] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [366592 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_3c9ef; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_3c9ef; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [425472 2016-07-16] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [500064 2016-10-14] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [781824 2016-09-06] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [203776 2016-09-15] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_3c9ef; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_3c9ef; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1457152 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1536512 2016-07-16] (Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-01-18] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [123904 2016-07-16] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [3318272 2016-07-16] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [358400 2016-09-15] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [275456 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [234496 2016-07-16] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [105472 2016-07-16] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [657920 2016-11-11] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [496128 2016-09-15] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [431104 2016-09-15] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [155648 2016-07-16] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [650752 2016-11-11] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-09-15] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [11264 2016-07-16] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [57400 2016-09-06] (Microsoft Corporation)
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [201728 2016-12-13] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [948224 2016-07-16] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [193536 2016-12-13] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [31232 2016-07-16] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [70656 2016-09-15] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1312768 2016-09-06] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [417792 2016-09-15] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [179200 2016-07-16] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [387072 2016-09-15] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [331776 2016-09-15] (Microsoft Corporation)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [541696 2016-11-02] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [617472 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [566784 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [23552 2016-08-05] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [20992 2016-08-05] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [15872 2016-07-16] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [792064 2016-10-14] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [5622088 2016-10-14] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4136448 2016-11-11] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [3370496 2016-11-11] (Microsoft Corporation)
R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1464096 2017-01-18] (Valve Corporation)
S3 stisvc; C:\Windows\System32\wiaservc.dll [646656 2016-07-16] (Microsoft Corporation)
R3 StorSvc; C:\Windows\system32\storsvc.dll [396800 2016-11-11] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13824 2016-07-16] (Microsoft Corporation)
R3 swprv; C:\Windows\System32\swprv.dll [467456 2016-07-16] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [944128 2016-07-16] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [148992 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [309248 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254976 2016-07-16] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [987648 2016-07-16] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [116736 2016-07-16] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [122880 2016-11-11] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2016-09-06] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [273408 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1184256 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [968704 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc_3c9ef; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc_3c9ef; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [440832 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [328192 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1512448 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc_3c9ef; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc_3c9ef; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1020928 2016-09-15] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [539648 2016-12-13] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [649216 2016-07-16] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-09-15] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-09-15] (Microsoft Corporation)
R3 VSS; C:\Windows\system32\vssvc.exe [1443328 2016-07-16] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [520192 2016-08-05] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1547264 2016-07-16] (Microsoft Corporation)
S2 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [837632 2016-12-13] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [718848 2016-07-16] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [227328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [198656 2016-07-16] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [206848 2016-07-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [156672 2016-07-16] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [82944 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [817664 2016-10-14] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [636928 2016-10-14] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2716672 2016-11-11] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2333184 2016-11-11] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2016-11-02] (Microsoft Corporation)
S3 WlanSvc; C:\Windows\System32\wlansvc.dll [2370048 2016-09-06] (Microsoft Corporation)
S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [2104320 2016-11-11] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-09-06] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1836032 2016-07-16] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_3c9ef; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_3c9ef; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [184832 2016-11-11] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [903680 2016-09-15] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [773120 2016-09-15] (Microsoft Corporation)
R3 wuauserv; C:\Windows\system32\wuaueng.dll [2317824 2016-12-13] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [1282048 2016-11-02] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1013248 2016-09-15] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1025536 2016-07-16] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (All) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [235520 2016-07-16] (Microsoft Corporation)
S0 3ware; C:\Windows\System32\drivers\3ware.sys [107360 2016-07-16] (LSI)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [705888 2016-07-16] (Microsoft Corporation)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [126816 2016-07-16] (Microsoft Corporation)
R3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [12288 2016-07-16] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [14336 2016-07-16] (Microsoft Corporation)
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [13312 2016-07-16] (Microsoft Corporation)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135456 2016-07-16] (PMC-Sierra)
R1 AFD; C:\Windows\system32\drivers\afd.sys [584032 2016-10-14] (Microsoft Corporation)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [227328 2016-10-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [123392 2016-07-16] (Microsoft Corporation)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0310791.inf_amd64_1a41492ddaa53f63\atikmdag.sys [28762648 2017-01-27] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0310791.inf_amd64_1a41492ddaa53f63\atikmpag.sys [530968 2017-01-27] (Advanced Micro Devices, Inc.)
S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [120832 2016-07-16] (Microsoft Corporation)
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [83296 2016-07-16] (Advanced Micro Devices)
S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2016-07-16] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [26976 2016-07-16] (Advanced Micro Devices)
S3 AppID; C:\Windows\System32\drivers\appid.sys [172896 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [131936 2016-07-16] (PMC-Sierra, Inc.)
S3 AsyncMac; C:\Windows\System32\drivers\asyncmac.sys [28160 2016-07-16] (Microsoft Corporation)
S0 atapi; C:\Windows\System32\drivers\atapi.sys [28512 2016-07-16] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [56320 2016-07-16] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [41472 2016-07-16] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [36192 2016-07-16] (Microsoft Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [9728 2016-07-16] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [101888 2016-11-02] (Microsoft Corporation)
S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [43008 2016-07-16] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [65536 2016-07-16] (Microsoft Corporation)
S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [31232 2016-07-16] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [66048 2016-07-16] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [118272 2016-09-10] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2016-07-16] (Microsoft Corporation)
S1 cdrom; C:\Windows\System32\drivers\cdrom.sys [173056 2016-07-16] (Microsoft Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
S3 circlass; C:\Windows\System32\drivers\circlass.sys [48640 2016-07-16] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [377184 2016-12-09] (Microsoft Corporation)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
S3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [29696 2016-07-16] (Microsoft Corporation)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [624048 2016-12-21] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38752 2016-07-16] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys [39936 2016-07-16] (Microsoft Corporation)
R3 condrv; C:\Windows\System32\drivers\condrv.sys [53088 2016-07-16] (Microsoft Corporation)
S1 dam; C:\Windows\System32\drivers\dam.sys [63328 2016-10-14] (Microsoft Corporation)
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [144896 2016-10-05] (Microsoft Corporation)
R0 disk; C:\Windows\System32\drivers\disk.sys [101720 2016-07-16] (Microsoft Corporation)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [35840 2016-07-16] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\DRIVERS\drmkaud.sys [16168 2016-07-16] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [2189664 2016-12-09] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3418976 2016-07-16] (QLogic Corporation)
R0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [88416 2016-07-16] (Microsoft Corporation)
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [118112 2016-09-06] (Microsoft Corporation)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [13312 2016-07-16] (Microsoft Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [334848 2016-07-16] (Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [352096 2016-11-11] (Microsoft Corporation)
S3 fdc; C:\Windows\System32\drivers\fdc.sys [32256 2016-07-16] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [88576 2016-07-16] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [85344 2016-07-16] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [35840 2016-07-16] (Microsoft Corporation)
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [26112 2016-07-16] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [377696 2016-07-16] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [62816 2016-07-16] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [31584 2016-07-16] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [649568 2016-09-15] (Microsoft Corporation)
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [13312 2016-07-16] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20480 2016-07-16] (Microsoft Corporation)
R3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [168800 2016-07-16] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation)
R3 HdAudAddService; C:\Windows\system32\DRIVERS\HdAudio.sys [410624 2016-07-16] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [83456 2016-07-16] (Microsoft Corporation)
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [36704 2016-07-16] (Microsoft Corporation)
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [108032 2016-07-16] (Microsoft Corporation)
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [51200 2016-07-16] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2016-07-16] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [46592 2016-07-16] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [38400 2016-08-05] (Microsoft Corporation)
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2016-07-16] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [1100128 2016-10-14] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-08-05] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [29536 2016-07-16] (Microsoft Corporation)
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [16384 2016-07-16] (Microsoft Corporation)
S3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [114176 2016-07-16] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel(R) Corporation)
R3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
R3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation)
R3 iaLPSS2_UART2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [287032 2016-10-26] (Intel Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128 2016-07-16] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152 2016-07-16] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [673120 2016-07-16] (Intel Corporation)
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2016-07-16] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526176 2016-07-16] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
S0 intelide; C:\Windows\System32\drivers\intelide.sys [19296 2016-07-16] (Microsoft Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [48152 2016-07-16] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [134144 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [85504 2016-07-16] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [89952 2016-07-16] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [212480 2016-07-16] (Microsoft Corporation)
S3 irda; C:\Windows\system32\drivers\irda.sys [120320 2016-07-16] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [19456 2016-07-16] (Microsoft Corporation)
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [22880 2016-07-16] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [277344 2016-07-16] (Microsoft Corporation)
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [62304 2016-07-16] (Microsoft Corporation)
R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [39424 2016-09-15] (Microsoft Corporation)
R3 kdnic; C:\Windows\System32\drivers\kdnic.sys [25088 2016-07-16] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [133472 2016-09-06] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [168800 2016-08-05] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [26112 2016-07-16] (Microsoft Corporation)
R2 lltdio; C:\Windows\System32\drivers\lltdio.sys [66048 2016-07-16] (Microsoft Corporation)
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108896 2016-07-16] (LSI Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [105824 2016-07-16] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [101216 2016-07-16] (Avago Technologies)
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82776 2016-07-16] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [125952 2016-07-16] (Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2017-01-04] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-03-02] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-02] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-03-02] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [91584 2017-03-02] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2016-07-16] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2016-07-16] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [204032 2016-01-20] (Intel Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842584 2016-07-16] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2016-07-16] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [42496 2016-11-11] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\drivers\monitor.sys [38400 2016-07-16] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [59232 2016-07-16] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [32256 2016-07-16] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [104800 2016-07-16] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [75776 2016-07-16] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [143872 2016-10-05] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [450392 2016-09-06] (Microsoft Corporation)
R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [282624 2016-11-11] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [223584 2016-11-11] (Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [114688 2016-07-16] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [31232 2016-07-16] (Microsoft Corporation)
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [50528 2016-07-16] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8704 2016-07-16] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [11776 2016-07-16] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [18784 2016-07-16] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\system32\DRIVERS\MSKSSRV.sys [27136 2016-07-16] (Microsoft Corporation)
R2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78336 2016-07-16] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\system32\DRIVERS\MSPCLOCK.sys [10752 2016-07-16] (Microsoft Corporation)
S3 MSPQM; C:\Windows\system32\DRIVERS\MSPQM.sys [10752 2016-07-16] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [361312 2016-07-16] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [43360 2016-07-16] (Microsoft Corporation)
S3 MSTEE; C:\Windows\system32\DRIVERS\MSTEE.sys [12800 2016-07-16] (Microsoft Corporation)
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [15872 2016-07-16] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [126304 2016-07-16] (Microsoft Corporation)
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2016-07-16] (Marvell Semiconductor, Inc.)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [533504 2016-07-16] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108896 2016-07-16] (Mellanox)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1181536 2016-10-05] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [50176 2016-07-16] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [26112 2016-07-16] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\drivers\ndisuio.sys [63488 2016-07-16] (Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [20480 2016-07-16] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation)
S3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [60928 2016-07-16] (Microsoft Corporation)
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [125440 2016-07-16] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NetBIOS; C:\Windows\System32\drivers\netbios.sys [57184 2016-07-16] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [279040 2016-07-16] (Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [68608 2016-07-16] (Microsoft Corporation)
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [26624 2016-07-16] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [41984 2016-07-16] (Microsoft Corporation)
R3 NTFS; C:\Windows\System32\Drivers\NTFS.sys [2255712 2016-11-02] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [7168 2016-07-16] (Microsoft Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2016-07-16] (NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [166240 2016-07-16] (NVIDIA Corporation)
R3 Parport; C:\Windows\System32\drivers\parport.sys [96768 2016-07-16] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [128352 2016-11-11] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [335712 2016-12-13] (Microsoft Corporation)
S0 pciide; C:\Windows\System32\drivers\pciide.sys [16224 2016-07-16] (Microsoft Corporation)
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [118112 2016-07-16] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [51552 2016-07-16] (Microsoft Corporation)
R0 pdc; C:\Windows\System32\drivers\pdc.sys [108384 2016-08-20] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [723968 2016-07-16] (Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61792 2016-07-16] (Avago Technologies)
S3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [96256 2016-07-16] (Microsoft Corporation)
S3 Processor; C:\Windows\System32\drivers\processr.sys [119808 2016-07-16] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\drivers\pacer.sys [160608 2016-07-16] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [48640 2016-07-16] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2016-07-16] (Microsoft Corporation)
S3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [107520 2016-07-16] (Microsoft Corporation)
S3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [104960 2016-07-16] (Microsoft Corporation)
S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [81408 2016-07-16] (Microsoft Corporation)
S3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [77824 2016-07-16] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [433504 2016-11-11] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [26112 2016-07-16] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [177152 2016-07-16] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [29536 2016-07-16] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [267104 2016-07-16] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [928608 2016-07-16] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\drivers\rspndr.sys [81408 2016-07-16] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [9216 2016-07-16] (Microsoft Corporation)
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [110432 2016-07-16] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [43008 2016-07-16] (Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [279904 2016-10-05] (Microsoft Corporation)
S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [95072 2016-07-16] (Microsoft Corporation)
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [74592 2016-07-16] (Microsoft Corporation)
R3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [151904 2016-07-16] (Microsoft Corporation)
R3 Serenum; C:\Windows\System32\drivers\serenum.sys [25088 2016-07-16] (Microsoft Corporation)
R3 Serial; C:\Windows\System32\drivers\serial.sys [83968 2016-07-16] (Microsoft Corporation)
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [27648 2016-07-16] (Microsoft Corporation)
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [18432 2016-07-16] (Microsoft Corporation)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2016-07-16] (Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2016-07-16] (Silicon Integrated Systems)
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [557408 2016-10-14] (Microsoft Corporation)
R3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [79200 2016-07-16] (Microsoft Corporation)
R2 srv; C:\Windows\System32\DRIVERS\srv.sys [409088 2016-09-06] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [713216 2016-11-11] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [248320 2016-09-06] (Microsoft Corporation)
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2016-07-16] (Promise Technology, Inc.)
R0 storahci; C:\Windows\System32\drivers\storahci.sys [130912 2016-09-15] (Microsoft Corporation)
S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46944 2016-07-16] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [81760 2016-09-15] (Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [78336 2016-07-16] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [32096 2016-07-16] (Microsoft Corporation)
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [36192 2016-07-16] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\drivers\swenum.sys [17760 2016-07-16] (Microsoft Corporation)
S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [64000 2016-07-16] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2537824 2016-10-14] (Microsoft Corporation)
S3 Tcpip6; C:\Windows\System32\drivers\tcpip.sys [2537824 2016-10-14] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [52224 2016-07-16] (Microsoft Corporation)
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [118112 2016-07-16] (Microsoft Corporation)
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [38752 2016-07-16] (Microsoft Corporation)
S3 TPM; C:\Windows\System32\drivers\tpm.sys [219488 2016-11-11] (Microsoft Corporation)
S3 tsusbflt; C:\Windows\System32\drivers\TsUsbFlt.sys [61440 2016-07-16] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [34304 2016-07-16] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\drivers\tunnel.sys [158208 2016-07-16] (Microsoft Corporation)
S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [77152 2016-07-16] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [95744 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [50688 2016-07-16] (Microsoft Corporation)
R3 Ucx01000; C:\Windows\System32\drivers\ucx01000.sys [210272 2016-07-16] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [320000 2016-07-16] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [28512 2016-07-16] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263008 2016-07-16] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [96608 2016-07-16] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [137056 2016-07-16] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\drivers\umbus.sys [56832 2016-07-16] (Microsoft Corporation)
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [13824 2016-07-16] (Microsoft Corporation)
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2016-07-16] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2016-07-16] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2016-07-16] (Microsoft Corporation)
R3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [132096 2016-07-16] (Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [169312 2016-07-16] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [102400 2016-07-16] (Microsoft Corporation)
S3 usbehci; C:\Windows\System32\drivers\usbehci.sys [96096 2016-07-16] (Microsoft Corporation)
S3 usbhub; C:\Windows\System32\drivers\usbhub.sys [501088 2016-07-16] (Microsoft Corporation)
R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [535904 2016-07-16] (Microsoft Corporation)
S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2016-07-16] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [27648 2016-07-16] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\drivers\usbser.sys [69120 2016-07-16] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [129888 2016-07-16] (Microsoft Corporation)
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [35328 2016-07-16] (Microsoft Corporation)
R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [381792 2016-07-16] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [53088 2016-07-16] (Microsoft Corporation)
S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [201056 2016-07-16] (Microsoft Corporation)
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [715104 2016-12-13] (Microsoft Corporation)
S3 vhf; C:\Windows\System32\drivers\vhf.sys [32256 2016-07-16] (Microsoft Corporation)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [104288 2016-07-16] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [25088 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [80224 2016-07-16] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [367456 2016-07-16] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [391520 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
S3 vpci; C:\Windows\System32\drivers\vpci.sys [74080 2016-09-15] (Microsoft Corporation)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166752 2016-07-16] (VIA Technologies Inc.,Ltd)
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2016-07-16] (VIA Corporation)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [26624 2016-07-16] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [73216 2016-07-16] (Microsoft Corporation)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [30208 2016-07-16] (Microsoft Corporation)
R2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-09-15] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [861296 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [719360 2016-09-15] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R0 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [156000 2016-07-16] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [35680 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [107032 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2016-07-16] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32096 2016-07-16] (Mellanox)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [89088 2016-07-16] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64864 2016-07-16] (Mellanox)
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [18432 2016-07-16] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [199008 2016-08-05] (Microsoft Corporation)
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [30560 2016-07-16] (Microsoft Corporation)
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [22528 2016-07-16] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [99328 2016-07-16] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\drivers\WudfRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [258560 2016-11-11] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [43520 2016-08-19] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [95744 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-02 19:18 - 2017-03-02 19:18 - 00040805 _____ C:\Users\Christian\Desktop\Addition.txt
2017-03-02 19:17 - 2017-03-02 19:20 - 00084436 _____ C:\Users\Christian\Desktop\FRST.txt
2017-03-02 19:17 - 2017-03-02 19:20 - 00000000 ____D C:\FRST
2017-03-02 19:17 - 2017-03-02 19:17 - 02423808 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2017-02-09 20:33 - 2017-02-09 20:33 - 00015411 _____ C:\Users\Christian\Downloads\Verizon Monthy Bill - 02 09 17.xlsx
2017-02-09 17:48 - 2017-02-09 18:22 - 01611950 _____ C:\Users\Christian\Documents\~2016 Snelgrove C Form 1040  Individual Tax Return.tax2016
2017-02-09 17:43 - 2017-02-09 18:25 - 01611950 _____ C:\Users\Christian\Documents\2016 Snelgrove C Form 1040  Individual Tax Return.tax2016
2017-02-09 17:14 - 2017-02-09 17:15 - 00000000 ____D C:\Users\Christian\Documents\TurboTax
2017-02-09 17:12 - 2017-02-09 17:12 - 00000000 ____D C:\Users\Christian\AppData\Local\IsolatedStorage
2017-02-09 17:11 - 2017-02-09 18:18 - 00000469 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-02-09 17:11 - 2017-02-09 17:14 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Intuit
2017-02-09 17:11 - 2017-02-09 17:11 - 00002529 _____ C:\Users\Public\Desktop\TurboTax 2016.lnk
2017-02-09 17:11 - 2017-02-09 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2016
2017-02-09 17:10 - 2017-02-09 17:11 - 00000000 ____D C:\ProgramData\Intuit
2017-02-09 17:10 - 2017-02-09 17:10 - 122027080 _____ C:\Users\Christian\Downloads\TurboTax_Deluxe_2016_Tax_Software_Federal__State__Fed_Efile_PC_download__Amazon_Exclusive.exe
2017-02-09 17:10 - 2017-02-09 17:10 - 00000000 ____D C:\Program Files (x86)\TurboTax
2017-02-02 18:20 - 2017-02-02 18:20 - 00003160 _____ C:\Windows\System32\Tasks\StartCN
2017-02-02 18:20 - 2017-02-02 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-02-02 18:20 - 2017-02-02 18:20 - 00000000 ____D C:\Program Files (x86)\AMD
2017-02-02 18:14 - 2017-02-02 18:14 - 34390000 _____ (AMD Inc.) C:\Users\Christian\Downloads\radeon-crimson-relive-17.1.2-minimalsetup-170130_64bit.exe
2017-02-02 18:14 - 2017-02-02 18:14 - 00000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2017-02-01 18:05 - 2017-02-01 18:05 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-02 19:18 - 2017-01-04 03:13 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-03-02 19:18 - 2017-01-04 03:11 - 00000000 ____D C:\Users\Christian\AppData\Local\Battle.net
2017-03-02 19:18 - 2017-01-04 02:58 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Spotify
2017-03-02 19:17 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 19:17 - 2016-07-16 05:47 - 00000000 ____D C:\Windows\AppReadiness
2017-03-02 07:35 - 2017-01-04 02:58 - 00000000 ____D C:\Users\Christian\AppData\Local\Spotify
2017-03-02 07:25 - 2017-01-04 02:58 - 01187020 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-02 07:24 - 2017-01-04 02:58 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-02 07:19 - 2017-01-04 18:59 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-02 07:19 - 2017-01-04 03:11 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-03-02 07:19 - 2017-01-04 03:00 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-03-02 07:19 - 2017-01-04 02:58 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-02 07:19 - 2017-01-04 02:58 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-02 07:19 - 2017-01-04 02:58 - 00091584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-02 07:19 - 2017-01-04 02:58 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-02 07:19 - 2016-07-16 00:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-03-02 07:18 - 2017-01-04 19:02 - 00000000 ____D C:\Users\Christian
2017-03-02 06:54 - 2017-01-04 18:59 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-02-28 19:16 - 2017-01-04 19:03 - 00002375 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 19:16 - 2017-01-04 19:03 - 00000000 ___RD C:\Users\Christian\OneDrive
2017-02-28 19:16 - 2017-01-04 02:56 - 00003298 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 19:15 - 2010-01-31 16:00 - 00000000 ____D C:\Users\Christian\Downloads\OpenHardwareMonitor
2017-02-26 19:21 - 2017-01-18 18:56 - 00281032 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-02-26 19:21 - 2017-01-18 18:45 - 00281032 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-02-25 19:27 - 2017-01-17 17:31 - 00000000 ____D C:\Windows\system32\MRT
2017-02-25 19:26 - 2017-01-17 17:31 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-25 14:12 - 2017-01-18 18:45 - 00281032 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-02-25 12:12 - 2017-01-22 13:52 - 00000000 ____D C:\Users\Christian\Documents\The Witcher 3
2017-02-22 19:21 - 2016-07-16 05:36 - 00000000 ____D C:\Windows\CbsTemp
2017-02-18 07:56 - 2017-01-17 20:33 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-02-17 20:18 - 2017-01-17 21:13 - 00003134 _____ C:\Windows\System32\Tasks\RTSS
2017-02-15 20:07 - 2016-07-16 05:45 - 00000000 ____D C:\Windows\INF
2017-02-10 07:38 - 2017-01-04 18:59 - 00206480 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-06 20:34 - 2017-01-04 02:59 - 00000000 ____D C:\Users\Christian\AppData\Local\Google
2017-02-06 18:47 - 2017-01-04 02:58 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 13:48 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 13:48 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-02 18:18 - 2017-01-04 04:09 - 00000000 ____D C:\Users\Christian\AppData\LocalLow\AMD
2017-02-02 18:15 - 2017-01-04 03:00 - 00000000 ____D C:\AMD
2017-02-01 18:07 - 2017-01-04 19:02 - 00000000 ____D C:\Users\Christian\AppData\Local\Packages

==================== Files in the root of some directories =======

2017-02-09 17:11 - 2017-02-09 18:18 - 0000469 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-02-02 18:14 - 2017-02-02 18:14 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-22 19:21

==================== End of FRST.txt ============================

Addition.txt


  • Root Admin

Hello @moosology and welcome

Please run the following for me.

Please download Malwarebytes Anti-Rootkit from HERE
If needed there is a self help tutorial here: MBAR tutorial

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced. They will be in the MBAR folder: mbar-log.txt and system-log.txt


  • Root Admin

Please run the following steps and post back the logs when ready and we'll see if these scans find any further issues or not.

STEP 01
Please download Junkware Removal Tool to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 02

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

STEP 03
Download Sophos Free Virus Removal Tool and save it to your desktop.
 

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View Log file (bottom left-hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found, please confirm that result.

STEP 04
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've run the tool before, you need to place a check mark here.
  • Please attach the Addition.txt log to your reply as well.

 

Thanks


  • Root Admin

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Let's also update your Malwarebytes to the latest version using the clean removal method.

 

Please read the following topic and then run the Malwarebytes Clean Removal tool mb-clean

https://forums.malwarebytes.com/topic/196955-malwarebytes-mb-clean-tool/

The download link for the tool is:  https://downloads.malwarebytes.com/file/mb_clean


Restart the computer when done and reinstall Malwarebytes 3 with the latest build again.

Here is the link for the latest installer

https://downloads.malwarebytes.com/file/mb3/


Thank you

Ron

 


  • Root Admin

We can scan your system for infections or other possible issues if you like

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

 

This topic is now closed to further replies.