radianceseeker
Posts: 93 +0
S3 PNRPAutoReg; C:\Windows\system32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\SysWOW64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\SysWOW64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [533504 2009-04-10] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [178176 2009-04-10] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [11264 2011-11-16] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [284160 2008-01-20] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [98304 2008-01-20] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\Windows\System32\rasmans.dll [309760 2009-04-10] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [88064 2008-01-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [68608 2008-01-20] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [206848 2009-04-10] (Microsoft Corporation) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 RpcLocator; C:\Windows\system32\locator.exe [8704 2006-11-02] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [719872 2009-04-10] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [11264 2011-11-16] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [147968 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\SysWOW64\SCardSvr.dll [95232 2009-04-10] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [855040 2010-11-06] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [49664 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [128000 2008-01-20] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\Windows\system32\seclogon.dll [28672 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [61952 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [47104 2008-01-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [74752 2008-01-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [84992 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [821000 2008-10-03] (Trend Micro Inc.)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [342016 2008-01-20] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [302080 2009-07-10] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation) [File not signed]
R2 slsvc; C:\Windows\system32\SLsvc.exe [2582016 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SLUINotify; C:\Windows\system32\SLUINotify.dll [73216 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2006-11-02] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [273920 2010-08-17] (Microsoft Corporation) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S4 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [185856 2008-01-20] (Microsoft Corporation) [File not signed]
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [141312 2008-01-20] (Microsoft Corporation) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe [246272 2008-06-26] (IDT, Inc.) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [572416 2009-04-10] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [480768 2009-04-10] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [886784 2009-04-10] (Microsoft Corporation) [File not signed]
R2 TabletInputService; C:\Windows\System32\TabSvc.dll [84992 2006-11-02] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [318976 2009-04-10] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242688 2009-04-10] (Microsoft Corporation) [File not signed]
S2 TBS; C:\Windows\System32\tbssvc.dll [65536 2008-01-20] (Microsoft Corporation) [File not signed]
R2 TermService; C:\Windows\System32\termsrv.dll [548352 2014-10-09] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\shsvcs.dll [302080 2009-07-10] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\SysWOW64\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [37888 2008-01-20] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [117248 2008-01-20] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [42496 2009-04-10] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2008-01-20] (Microsoft Corporation) [File not signed]
S4 upnphost; C:\Windows\System32\upnphost.dll [344576 2008-01-20] (Microsoft Corporation) [File not signed]
S4 upnphost; C:\Windows\SysWOW64\upnphost.dll [259072 2008-01-20] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [32768 2009-04-10] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [454656 2009-04-10] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1433600 2009-04-10] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\Windows\system32\w32time.dll [372736 2009-04-10] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [581120 2009-04-10] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [413696 2009-04-10] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [39936 2006-11-02] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32256 2006-11-02] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\system32\wdi.dll [81920 2008-01-20] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [73728 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [81920 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [73728 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\Windows\System32\webclnt.dll [218624 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\Windows\SysWOW64\webclnt.dll [199680 2009-04-10] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [232960 2009-10-09] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [85504 2006-11-02] (Microsoft Corporation) [File not signed]
R2 WerSvc; C:\Windows\System32\WerSvc.dll [120832 2008-01-20] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [442368 2011-11-16] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [377344 2011-11-16] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [221696 2009-04-10] (Microsoft Corporation) [File not signed]
S4 WinRM; C:\Windows\system32\WsmSvc.dll [2050048 2009-10-09] (Microsoft Corporation) [File not signed]
S4 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1181696 2009-10-09] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [615936 2009-07-11] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [209920 2009-04-10] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1216000 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WPCSvc; C:\Windows\System32\wpcsvc.dll [173568 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [140288 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [107008 2009-09-30] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [74752 2009-04-10] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [597504 2009-04-10] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [441344 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WSWNDA3100; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [272864 2010-08-19] ()
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation) [File not signed]
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [412672 2008-07-02] (Conexant Systems, Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [404992 2014-05-30] (Microsoft Corporation) [File not signed]
S4 AmdK8; C:\Windows\system32\drivers\amdk8.sys [50688 2008-01-20] (Microsoft Corporation) [File not signed]
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9319936 2011-04-20] (ATI Technologies Inc.) [File not signed]
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-04-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [22016 2008-01-20] (Microsoft Corporation) [File not signed]
S4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [55296 2008-01-20] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-18] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\drivers\brfiltlo.sys [18432 2006-09-18] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\drivers\brfiltup.sys [8704 2006-09-18] (Brother Industries, Ltd.) [File not signed]
S4 Brserid; C:\Windows\system32\drivers\brserid.sys [86528 2006-11-02] (Brother Industries Ltd.) [File not signed]
S4 BrSerWdm; C:\Windows\system32\drivers\brserwdm.sys [47104 2006-09-18] (Brother Industries Ltd.) [File not signed]
S4 BrUsbMdm; C:\Windows\system32\drivers\brusbmdm.sys [14976 2006-09-18] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\system32\drivers\brusbser.sys [14720 2006-09-19] (Brother Industries Ltd.) [File not signed]
S4 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [50688 2006-11-02] (Microsoft Corporation) [File not signed]
R3 CAXHWBS2; C:\Windows\System32\DRIVERS\CAXHWBS2.sys [411136 2008-07-02] (Conexant Systems, Inc.) [File not signed]
R4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [90624 2008-01-20] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [79872 2009-04-10] (Microsoft Corporation) [File not signed]
S4 circlass; C:\Windows\system32\drivers\circlass.sys [41984 2008-01-20] (Microsoft Corporation) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [19840 2010-04-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [233040 2010-04-09] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [33208 2010-04-09] (COMODO)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [97792 2011-04-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [6144 2008-01-20] (Microsoft Corporation) [File not signed]
S3 E1G60; C:\Windows\System32\DRIVERS\E1G6032E.sys [146176 2008-01-20] (Intel Corporation) [File not signed]
S4 ErrDev; C:\Windows\system32\drivers\errdev.sys [8704 2008-01-20] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [187904 2009-04-10] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [198656 2014-09-04] (Microsoft Corporation) [File not signed]
S4 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2008-01-20] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [33280 2008-01-20] (Microsoft Corporation) [File not signed]
S4 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2008-01-20] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [16384 2012-02-29] (Microsoft Corporation) [File not signed]
R3 HCW85BDA; C:\Windows\System32\drivers\HCW85BDA.sys [1708800 2009-07-14] (Hauppauge Computer Works) [File not signed]
S4 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-03-05] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [275456 2009-04-10] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [948736 2009-04-10] (Microsoft Corporation) [File not signed]
S4 HidBth; C:\Windows\system32\drivers\hidbth.sys [34304 2006-11-02] (Microsoft Corporation) [File not signed]
S4 HidIr; C:\Windows\system32\drivers\hidir.sys [25600 2006-11-02] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [15872 2009-04-10] (Microsoft Corporation) [File not signed]
R3 HSF_DPV; C:\Windows\System32\DRIVERS\CAX_DPV.sys [1487872 2008-07-02] (Conexant Systems, Inc.) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [620032 2010-02-20] (Microsoft Corporation) [File not signed]
S4 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [64000 2008-01-20] (Microsoft Corporation) [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [84696 2010-04-09] (COMODO)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [48128 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [67584 2009-04-10] (Microsoft Corporation) [File not signed]
S4 IPMIDRV; C:\Windows\system32\drivers\ipmidrv.sys [76288 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\DRIVERS\ipnat.sys [115712 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17408 2008-01-20] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [22528 2009-04-10] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20864 2008-01-20] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [59392 2008-01-20] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [109568 2008-01-20] (Microsoft Corporation) [File not signed]
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2008-07-02] (Conexant) [File not signed]
R3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2008-01-20] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [49152 2008-01-20] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [19968 2008-01-20] (Microsoft Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [81408 2008-01-20] (Microsoft Corporation) [File not signed]
R3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [139264 2009-04-10] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [135680 2011-04-29] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [275456 2011-07-06] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [107008 2011-04-29] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11008 2008-01-20] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7040 2006-11-02] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6656 2006-11-02] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [7936 2008-01-20] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [187392 2009-04-10] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [22016 2008-01-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [169472 2009-04-10] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2008-01-20] (Microsoft Corporation) [File not signed]
R1 netbt; C:\Windows\System32\DRIVERS\netbt.sys [248320 2009-04-10] (Microsoft Corporation) [File not signed]
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [709632 2007-12-14] (Ralink Technology Corp.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2006-11-02] (Microsoft Corporation) [File not signed]
R3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72448 2009-04-10] (Microsoft Corporation) [File not signed]
S4 Parport; C:\Windows\system32\drivers\parport.sys [96768 2006-11-02] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [712704 2006-10-23] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [98816 2009-04-10] (Microsoft Corporation) [File not signed]
S4 Processor; C:\Windows\system32\drivers\processr.sys [47104 2008-01-20] (Microsoft Corporation) [File not signed]
R1 PSched; C:\Windows\System32\DRIVERS\pacer.sys [94208 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PTDUBus; C:\Windows\System32\DRIVERS\PTDUBus.sys [70672 2009-08-12] (DEVGURU Co., LTD.)
S3 PTDUMdm; C:\Windows\System32\DRIVERS\PTDUMdm.sys [173456 2009-08-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTDUVsp; C:\Windows\System32\DRIVERS\PTDUVsp.sys [173456 2009-08-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTDUWFLT; C:\Windows\System32\DRIVERS\PTDUWFLT.sys [12688 2009-08-12] (DEVGURU Co., LTD.)
S3 PTDUWWAN; C:\Windows\System32\DRIVERS\PTDUWWAN.sys [141840 2009-08-12] (DEVGURU Co., LTD.)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2008-01-20] (Microsoft Corporation) [File not signed]
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [9319936 2011-04-20] (ATI Technologies Inc.) [File not signed]
R1 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2008-01-20] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [124928 2009-04-10] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [50176 2009-04-10] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [78336 2009-04-10] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [287744 2009-04-10] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7168 2008-01-20] (Microsoft Corporation) [File not signed]
S4 rdpdr; C:\Windows\system32\drivers\rdpdr.sys [314368 2008-01-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7168 2008-01-20] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [75776 2008-01-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2006-09-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23040 2006-11-02] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2006-11-02] (Microsoft Corporation) [File not signed]
S4 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2008-01-20] (Microsoft Corporation) [File not signed]
S4 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14848 2008-01-20] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [14336 2008-01-20] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [13824 2008-01-20] (Microsoft Corporation) [File not signed]
S4 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16384 2006-11-02] (Microsoft Corporation) [File not signed]
R1 Smb; C:\Windows\System32\DRIVERS\smb.sys [88064 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SMSIVZAM5X64; D:\app\Verizon Wireless\VZAccess Manager\SMSIVZAM5X64.SYS [43032 2009-05-25] (Smith Micro Inc.)
R0 snapman380; C:\Windows\System32\DRIVERS\snman380.sys [237600 2009-08-10] (Acronis)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [450560 2011-02-18] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [176128 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [145920 2011-04-29] (Microsoft Corporation) [File not signed]
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [457216 2008-06-26] (IDT, Inc.) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [40448 2014-04-04] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [16384 2008-01-20] (Microsoft Corporation) [File not signed]
R0 tdrpman140; C:\Windows\System32\DRIVERS\tdrpm140.sys [1580576 2009-08-10] (Acronis)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [29696 2008-01-20] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [94720 2009-04-10] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [29184 2013-06-15] (Microsoft Corporation) [File not signed]
R3 tunmp; C:\Windows\System32\DRIVERS\tunmp.sys [18432 2008-01-20] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [29696 2010-02-18] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [299008 2009-04-10] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [41984 2008-01-20] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [95744 2013-06-28] (Microsoft Corporation) [File not signed]
S4 usbcir; C:\Windows\system32\drivers\usbcir.sys [79360 2006-11-02] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [49664 2009-04-10] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [274944 2013-06-28] (Microsoft Corporation) [File not signed]
S4 usbohci; C:\Windows\system32\drivers\usbohci.sys [24064 2006-11-02] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [77824 2009-04-10] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [29184 2011-05-05] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2008-01-20] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [28672 2008-01-20] (Microsoft Corporation) [File not signed]
S4 WacomPen; C:\Windows\system32\drivers\wacompen.sys [26624 2006-11-02] (Microsoft Corporation) [File not signed]
S3 Wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [86528 2009-04-10] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [86528 2009-04-10] (Microsoft Corporation) [File not signed]
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [740864 2008-07-02] (Conexant Systems, Inc.) [File not signed]
S4 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2008-01-20] (Microsoft Corporation) [File not signed]
S3 WpdUsb; C:\Windows\System32\DRIVERS\wpdusb.sys [46592 2009-09-30] (Microsoft Corporation) [File not signed]
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [20992 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation) [File not signed]
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio64.sys [10240 2008-07-02] (Conexant Systems, Inc.) [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 23:00 - 2015-04-14 23:11 - 01021276 _____ () C:\Users\thewaves\Desktop\FRST.txt
2015-04-14 23:00 - 2015-04-14 23:10 - 00000000 ____D () C:\FRST
2015-04-14 22:59 - 2015-04-14 22:59 - 02096640 _____ (Farbar) C:\Users\thewaves\Desktop\FRST64.exe
2015-04-14 22:56 - 2015-04-14 22:56 - 01136128 _____ (Farbar) C:\Users\thewaves\Desktop\FRST.exe
2015-04-01 19:34 - 2015-04-01 19:34 - 00001275 _____ () C:\Users\thewaves\.recently-used.xbel
2015-03-30 19:58 - 2015-03-30 20:12 - 00000641 _____ () C:\Users\Public\Desktop\fx40nightly.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 23:10 - 2009-04-10 09:56 - 01751627 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 22:37 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 22:37 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 22:15 - 2011-04-20 07:09 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-14 20:43 - 2006-11-02 07:46 - 00851418 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 20:37 - 2011-04-20 07:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-14 20:37 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 20:35 - 2006-11-02 10:42 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-14 17:25 - 2012-09-11 09:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 17:25 - 2011-08-18 05:09 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 17:22 - 2009-08-10 20:51 - 00000000 ____D () C:\Users\thewaves\AppData\Roaming\vlc
2015-04-13 15:35 - 2009-09-20 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voobly
2015-04-11 08:58 - 2009-08-10 20:57 - 00000000 ____D () C:\Users\thewaves\.VirtualBox
2015-04-06 22:12 - 2010-06-30 15:02 - 00000600 _____ () C:\Users\thewaves\AppData\Local\PUTTY.RND
2015-04-06 18:26 - 2012-06-26 07:17 - 00000000 ____D () C:\mozilla-central
2015-04-01 19:34 - 2009-08-10 17:03 - 00000000 ____D () C:\Users\thewaves
2015-03-30 14:59 - 2010-07-31 06:20 - 00000000 ____D () C:\Users\thewaves\AppData\Roaming\TortoiseHg
==================== Files in the root of some directories =======
2011-11-27 20:24 - 2014-04-07 22:00 - 0000680 _____ () C:\Users\thewaves\AppData\Local\d3d9caps.dat
2010-06-06 05:54 - 2010-06-06 05:54 - 0000732 _____ () C:\Users\thewaves\AppData\Local\d3d9caps64.dat
2009-08-11 09:09 - 2015-02-02 20:12 - 0091136 _____ () C:\Users\thewaves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-06-17 08:41 - 2010-06-17 08:42 - 0230564 _____ () C:\Users\thewaves\AppData\Local\dd_ATL90SP1_KB973924MSI005F.txt
2010-06-17 08:41 - 2010-06-17 08:42 - 0012688 _____ () C:\Users\thewaves\AppData\Local\dd_ATL90SP1_KB973924UI005F.txt
2010-06-16 12:14 - 2010-06-16 16:07 - 0299854 _____ () C:\Users\thewaves\AppData\Local\dd_depcheck_VC_EXP_90.txt
2010-06-16 12:14 - 2010-06-16 12:14 - 0000002 _____ () C:\Users\thewaves\AppData\Local\dd_error_vc_xcor_90.txt
2010-06-16 12:43 - 2010-06-16 12:43 - 1214622 _____ () C:\Users\thewaves\AppData\Local\dd_ExpRemoteDbg_x64_MSI6AF6.txt
2010-06-16 12:14 - 2010-06-16 16:09 - 0686484 _____ () C:\Users\thewaves\AppData\Local\dd_install_vc_xcor_90.txt
2010-06-16 12:47 - 2010-06-16 12:47 - 0397158 _____ () C:\Users\thewaves\AppData\Local\dd_SharedManagementObjects_MSI6E50.txt
2010-06-16 12:47 - 2010-06-16 12:47 - 0181772 _____ () C:\Users\thewaves\AppData\Local\dd_SQLSysClrTypes_msi6E4A.txt
2009-11-12 10:42 - 2009-11-12 10:43 - 0430662 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistMSI21C4.txt
2009-12-20 06:12 - 2009-12-20 06:12 - 0347390 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistMSI6C80.txt
2009-11-12 10:42 - 2009-11-12 10:43 - 0011418 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistUI21C4.txt
2009-12-20 06:12 - 2009-12-20 06:13 - 0011170 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistUI6C80.txt
2010-06-16 12:42 - 2010-06-16 12:43 - 0436236 _____ () C:\Users\thewaves\AppData\Local\dd_VC_Red_MSI6AC1.txt
2010-06-16 12:43 - 2010-06-16 12:44 - 5362100 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_Build_x64_MSI6B1D.txt
2010-06-16 12:44 - 2010-06-16 12:44 - 0223314 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_ExpTools_x64_MSI6B9F.txt
2010-06-16 12:44 - 2010-06-16 12:44 - 0202590 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI6BA9.txt
2010-06-30 15:02 - 2015-04-06 22:12 - 0000600 _____ () C:\Users\thewaves\AppData\Local\PUTTY.RND
2015-01-31 20:00 - 2015-01-31 20:00 - 0000763 _____ () C:\Users\thewaves\AppData\Local\recently-used.xbel
2010-06-16 12:14 - 2010-06-16 16:09 - 0008476 _____ () C:\Users\thewaves\AppData\Local\uxeventlog.txt
2010-06-16 16:07 - 2010-06-16 16:08 - 7489658 _____ () C:\Users\thewaves\AppData\Local\VSMsiLog0708.txt
2010-06-16 12:44 - 2010-06-16 12:47 - 10611048 _____ () C:\Users\thewaves\AppData\Local\VSMsiLog6BD7.txt
Some content of TEMP:
====================
C:\Users\thewaves\AppData\Local\Temp\GoodPlugin.exe
C:\Users\thewaves\AppData\Local\Temp\GURBB.exe
C:\Users\thewaves\AppData\Local\Temp\GURFEB8.exe
C:\Users\thewaves\AppData\Local\Temp\mirc635.exe
C:\Users\thewaves\AppData\Local\Temp\pyl9391.tmp.exe
C:\Users\thewaves\AppData\Local\Temp\pylB20A.tmp.exe
C:\Users\thewaves\AppData\Local\Temp\RLYLLO.exe
C:\Users\thewaves\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 20:43
==================== End Of Log ============================
S3 PNRPAutoReg; C:\Windows\SysWOW64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\SysWOW64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [533504 2009-04-10] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [178176 2009-04-10] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [11264 2011-11-16] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [284160 2008-01-20] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [98304 2008-01-20] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\Windows\System32\rasmans.dll [309760 2009-04-10] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [88064 2008-01-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [68608 2008-01-20] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [206848 2009-04-10] (Microsoft Corporation) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 RpcLocator; C:\Windows\system32\locator.exe [8704 2006-11-02] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [719872 2009-04-10] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [11264 2011-11-16] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [147968 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\SysWOW64\SCardSvr.dll [95232 2009-04-10] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [855040 2010-11-06] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [49664 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [128000 2008-01-20] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\Windows\system32\seclogon.dll [28672 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [61952 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [47104 2008-01-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [74752 2008-01-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [84992 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [821000 2008-10-03] (Trend Micro Inc.)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [342016 2008-01-20] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [302080 2009-07-10] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation) [File not signed]
R2 slsvc; C:\Windows\system32\SLsvc.exe [2582016 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SLUINotify; C:\Windows\system32\SLUINotify.dll [73216 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2006-11-02] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [273920 2010-08-17] (Microsoft Corporation) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S4 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [185856 2008-01-20] (Microsoft Corporation) [File not signed]
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [141312 2008-01-20] (Microsoft Corporation) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe [246272 2008-06-26] (IDT, Inc.) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [572416 2009-04-10] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [480768 2009-04-10] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [886784 2009-04-10] (Microsoft Corporation) [File not signed]
R2 TabletInputService; C:\Windows\System32\TabSvc.dll [84992 2006-11-02] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [318976 2009-04-10] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242688 2009-04-10] (Microsoft Corporation) [File not signed]
S2 TBS; C:\Windows\System32\tbssvc.dll [65536 2008-01-20] (Microsoft Corporation) [File not signed]
R2 TermService; C:\Windows\System32\termsrv.dll [548352 2014-10-09] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\shsvcs.dll [302080 2009-07-10] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\SysWOW64\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [37888 2008-01-20] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [117248 2008-01-20] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [42496 2009-04-10] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2008-01-20] (Microsoft Corporation) [File not signed]
S4 upnphost; C:\Windows\System32\upnphost.dll [344576 2008-01-20] (Microsoft Corporation) [File not signed]
S4 upnphost; C:\Windows\SysWOW64\upnphost.dll [259072 2008-01-20] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [32768 2009-04-10] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [454656 2009-04-10] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1433600 2009-04-10] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\Windows\system32\w32time.dll [372736 2009-04-10] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [581120 2009-04-10] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [413696 2009-04-10] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [39936 2006-11-02] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32256 2006-11-02] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\system32\wdi.dll [81920 2008-01-20] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [73728 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [81920 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [73728 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\Windows\System32\webclnt.dll [218624 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\Windows\SysWOW64\webclnt.dll [199680 2009-04-10] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [232960 2009-10-09] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [85504 2006-11-02] (Microsoft Corporation) [File not signed]
R2 WerSvc; C:\Windows\System32\WerSvc.dll [120832 2008-01-20] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [442368 2011-11-16] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [377344 2011-11-16] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [221696 2009-04-10] (Microsoft Corporation) [File not signed]
S4 WinRM; C:\Windows\system32\WsmSvc.dll [2050048 2009-10-09] (Microsoft Corporation) [File not signed]
S4 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1181696 2009-10-09] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [615936 2009-07-11] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [209920 2009-04-10] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1216000 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WPCSvc; C:\Windows\System32\wpcsvc.dll [173568 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [140288 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [107008 2009-09-30] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [74752 2009-04-10] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [597504 2009-04-10] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [441344 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WSWNDA3100; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [272864 2010-08-19] ()
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation) [File not signed]
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [412672 2008-07-02] (Conexant Systems, Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [404992 2014-05-30] (Microsoft Corporation) [File not signed]
S4 AmdK8; C:\Windows\system32\drivers\amdk8.sys [50688 2008-01-20] (Microsoft Corporation) [File not signed]
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9319936 2011-04-20] (ATI Technologies Inc.) [File not signed]
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-04-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [22016 2008-01-20] (Microsoft Corporation) [File not signed]
S4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [55296 2008-01-20] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-18] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\drivers\brfiltlo.sys [18432 2006-09-18] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\drivers\brfiltup.sys [8704 2006-09-18] (Brother Industries, Ltd.) [File not signed]
S4 Brserid; C:\Windows\system32\drivers\brserid.sys [86528 2006-11-02] (Brother Industries Ltd.) [File not signed]
S4 BrSerWdm; C:\Windows\system32\drivers\brserwdm.sys [47104 2006-09-18] (Brother Industries Ltd.) [File not signed]
S4 BrUsbMdm; C:\Windows\system32\drivers\brusbmdm.sys [14976 2006-09-18] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\system32\drivers\brusbser.sys [14720 2006-09-19] (Brother Industries Ltd.) [File not signed]
S4 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [50688 2006-11-02] (Microsoft Corporation) [File not signed]
R3 CAXHWBS2; C:\Windows\System32\DRIVERS\CAXHWBS2.sys [411136 2008-07-02] (Conexant Systems, Inc.) [File not signed]
R4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [90624 2008-01-20] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [79872 2009-04-10] (Microsoft Corporation) [File not signed]
S4 circlass; C:\Windows\system32\drivers\circlass.sys [41984 2008-01-20] (Microsoft Corporation) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [19840 2010-04-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [233040 2010-04-09] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [33208 2010-04-09] (COMODO)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [97792 2011-04-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [6144 2008-01-20] (Microsoft Corporation) [File not signed]
S3 E1G60; C:\Windows\System32\DRIVERS\E1G6032E.sys [146176 2008-01-20] (Intel Corporation) [File not signed]
S4 ErrDev; C:\Windows\system32\drivers\errdev.sys [8704 2008-01-20] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [187904 2009-04-10] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [198656 2014-09-04] (Microsoft Corporation) [File not signed]
S4 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2008-01-20] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [33280 2008-01-20] (Microsoft Corporation) [File not signed]
S4 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2008-01-20] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [16384 2012-02-29] (Microsoft Corporation) [File not signed]
R3 HCW85BDA; C:\Windows\System32\drivers\HCW85BDA.sys [1708800 2009-07-14] (Hauppauge Computer Works) [File not signed]
S4 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-03-05] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [275456 2009-04-10] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [948736 2009-04-10] (Microsoft Corporation) [File not signed]
S4 HidBth; C:\Windows\system32\drivers\hidbth.sys [34304 2006-11-02] (Microsoft Corporation) [File not signed]
S4 HidIr; C:\Windows\system32\drivers\hidir.sys [25600 2006-11-02] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [15872 2009-04-10] (Microsoft Corporation) [File not signed]
R3 HSF_DPV; C:\Windows\System32\DRIVERS\CAX_DPV.sys [1487872 2008-07-02] (Conexant Systems, Inc.) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [620032 2010-02-20] (Microsoft Corporation) [File not signed]
S4 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [64000 2008-01-20] (Microsoft Corporation) [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [84696 2010-04-09] (COMODO)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [48128 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [67584 2009-04-10] (Microsoft Corporation) [File not signed]
S4 IPMIDRV; C:\Windows\system32\drivers\ipmidrv.sys [76288 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\DRIVERS\ipnat.sys [115712 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17408 2008-01-20] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [22528 2009-04-10] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20864 2008-01-20] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [59392 2008-01-20] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [109568 2008-01-20] (Microsoft Corporation) [File not signed]
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2008-07-02] (Conexant) [File not signed]
R3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2008-01-20] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [49152 2008-01-20] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [19968 2008-01-20] (Microsoft Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [81408 2008-01-20] (Microsoft Corporation) [File not signed]
R3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [139264 2009-04-10] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [135680 2011-04-29] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [275456 2011-07-06] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [107008 2011-04-29] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11008 2008-01-20] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7040 2006-11-02] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6656 2006-11-02] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [7936 2008-01-20] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [187392 2009-04-10] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [22016 2008-01-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [169472 2009-04-10] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2008-01-20] (Microsoft Corporation) [File not signed]
R1 netbt; C:\Windows\System32\DRIVERS\netbt.sys [248320 2009-04-10] (Microsoft Corporation) [File not signed]
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [709632 2007-12-14] (Ralink Technology Corp.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2006-11-02] (Microsoft Corporation) [File not signed]
R3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72448 2009-04-10] (Microsoft Corporation) [File not signed]
S4 Parport; C:\Windows\system32\drivers\parport.sys [96768 2006-11-02] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [712704 2006-10-23] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [98816 2009-04-10] (Microsoft Corporation) [File not signed]
S4 Processor; C:\Windows\system32\drivers\processr.sys [47104 2008-01-20] (Microsoft Corporation) [File not signed]
R1 PSched; C:\Windows\System32\DRIVERS\pacer.sys [94208 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PTDUBus; C:\Windows\System32\DRIVERS\PTDUBus.sys [70672 2009-08-12] (DEVGURU Co., LTD.)
S3 PTDUMdm; C:\Windows\System32\DRIVERS\PTDUMdm.sys [173456 2009-08-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTDUVsp; C:\Windows\System32\DRIVERS\PTDUVsp.sys [173456 2009-08-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTDUWFLT; C:\Windows\System32\DRIVERS\PTDUWFLT.sys [12688 2009-08-12] (DEVGURU Co., LTD.)
S3 PTDUWWAN; C:\Windows\System32\DRIVERS\PTDUWWAN.sys [141840 2009-08-12] (DEVGURU Co., LTD.)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2008-01-20] (Microsoft Corporation) [File not signed]
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [9319936 2011-04-20] (ATI Technologies Inc.) [File not signed]
R1 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2008-01-20] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [124928 2009-04-10] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [50176 2009-04-10] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [78336 2009-04-10] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [287744 2009-04-10] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7168 2008-01-20] (Microsoft Corporation) [File not signed]
S4 rdpdr; C:\Windows\system32\drivers\rdpdr.sys [314368 2008-01-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7168 2008-01-20] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [75776 2008-01-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2006-09-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23040 2006-11-02] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2006-11-02] (Microsoft Corporation) [File not signed]
S4 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2008-01-20] (Microsoft Corporation) [File not signed]
S4 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14848 2008-01-20] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [14336 2008-01-20] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [13824 2008-01-20] (Microsoft Corporation) [File not signed]
S4 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16384 2006-11-02] (Microsoft Corporation) [File not signed]
R1 Smb; C:\Windows\System32\DRIVERS\smb.sys [88064 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SMSIVZAM5X64; D:\app\Verizon Wireless\VZAccess Manager\SMSIVZAM5X64.SYS [43032 2009-05-25] (Smith Micro Inc.)
R0 snapman380; C:\Windows\System32\DRIVERS\snman380.sys [237600 2009-08-10] (Acronis)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [450560 2011-02-18] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [176128 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [145920 2011-04-29] (Microsoft Corporation) [File not signed]
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [457216 2008-06-26] (IDT, Inc.) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [40448 2014-04-04] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [16384 2008-01-20] (Microsoft Corporation) [File not signed]
R0 tdrpman140; C:\Windows\System32\DRIVERS\tdrpm140.sys [1580576 2009-08-10] (Acronis)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [29696 2008-01-20] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [94720 2009-04-10] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [29184 2013-06-15] (Microsoft Corporation) [File not signed]
R3 tunmp; C:\Windows\System32\DRIVERS\tunmp.sys [18432 2008-01-20] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [29696 2010-02-18] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [299008 2009-04-10] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [41984 2008-01-20] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [95744 2013-06-28] (Microsoft Corporation) [File not signed]
S4 usbcir; C:\Windows\system32\drivers\usbcir.sys [79360 2006-11-02] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [49664 2009-04-10] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [274944 2013-06-28] (Microsoft Corporation) [File not signed]
S4 usbohci; C:\Windows\system32\drivers\usbohci.sys [24064 2006-11-02] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [77824 2009-04-10] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [29184 2011-05-05] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2008-01-20] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [28672 2008-01-20] (Microsoft Corporation) [File not signed]
S4 WacomPen; C:\Windows\system32\drivers\wacompen.sys [26624 2006-11-02] (Microsoft Corporation) [File not signed]
S3 Wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [86528 2009-04-10] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [86528 2009-04-10] (Microsoft Corporation) [File not signed]
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [740864 2008-07-02] (Conexant Systems, Inc.) [File not signed]
S4 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2008-01-20] (Microsoft Corporation) [File not signed]
S3 WpdUsb; C:\Windows\System32\DRIVERS\wpdusb.sys [46592 2009-09-30] (Microsoft Corporation) [File not signed]
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [20992 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation) [File not signed]
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio64.sys [10240 2008-07-02] (Conexant Systems, Inc.) [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 23:00 - 2015-04-14 23:11 - 01021276 _____ () C:\Users\thewaves\Desktop\FRST.txt
2015-04-14 23:00 - 2015-04-14 23:10 - 00000000 ____D () C:\FRST
2015-04-14 22:59 - 2015-04-14 22:59 - 02096640 _____ (Farbar) C:\Users\thewaves\Desktop\FRST64.exe
2015-04-14 22:56 - 2015-04-14 22:56 - 01136128 _____ (Farbar) C:\Users\thewaves\Desktop\FRST.exe
2015-04-01 19:34 - 2015-04-01 19:34 - 00001275 _____ () C:\Users\thewaves\.recently-used.xbel
2015-03-30 19:58 - 2015-03-30 20:12 - 00000641 _____ () C:\Users\Public\Desktop\fx40nightly.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 23:10 - 2009-04-10 09:56 - 01751627 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 22:37 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 22:37 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 22:15 - 2011-04-20 07:09 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-14 20:43 - 2006-11-02 07:46 - 00851418 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 20:37 - 2011-04-20 07:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-14 20:37 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 20:35 - 2006-11-02 10:42 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-14 17:25 - 2012-09-11 09:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 17:25 - 2011-08-18 05:09 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 17:22 - 2009-08-10 20:51 - 00000000 ____D () C:\Users\thewaves\AppData\Roaming\vlc
2015-04-13 15:35 - 2009-09-20 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voobly
2015-04-11 08:58 - 2009-08-10 20:57 - 00000000 ____D () C:\Users\thewaves\.VirtualBox
2015-04-06 22:12 - 2010-06-30 15:02 - 00000600 _____ () C:\Users\thewaves\AppData\Local\PUTTY.RND
2015-04-06 18:26 - 2012-06-26 07:17 - 00000000 ____D () C:\mozilla-central
2015-04-01 19:34 - 2009-08-10 17:03 - 00000000 ____D () C:\Users\thewaves
2015-03-30 14:59 - 2010-07-31 06:20 - 00000000 ____D () C:\Users\thewaves\AppData\Roaming\TortoiseHg
==================== Files in the root of some directories =======
2011-11-27 20:24 - 2014-04-07 22:00 - 0000680 _____ () C:\Users\thewaves\AppData\Local\d3d9caps.dat
2010-06-06 05:54 - 2010-06-06 05:54 - 0000732 _____ () C:\Users\thewaves\AppData\Local\d3d9caps64.dat
2009-08-11 09:09 - 2015-02-02 20:12 - 0091136 _____ () C:\Users\thewaves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-06-17 08:41 - 2010-06-17 08:42 - 0230564 _____ () C:\Users\thewaves\AppData\Local\dd_ATL90SP1_KB973924MSI005F.txt
2010-06-17 08:41 - 2010-06-17 08:42 - 0012688 _____ () C:\Users\thewaves\AppData\Local\dd_ATL90SP1_KB973924UI005F.txt
2010-06-16 12:14 - 2010-06-16 16:07 - 0299854 _____ () C:\Users\thewaves\AppData\Local\dd_depcheck_VC_EXP_90.txt
2010-06-16 12:14 - 2010-06-16 12:14 - 0000002 _____ () C:\Users\thewaves\AppData\Local\dd_error_vc_xcor_90.txt
2010-06-16 12:43 - 2010-06-16 12:43 - 1214622 _____ () C:\Users\thewaves\AppData\Local\dd_ExpRemoteDbg_x64_MSI6AF6.txt
2010-06-16 12:14 - 2010-06-16 16:09 - 0686484 _____ () C:\Users\thewaves\AppData\Local\dd_install_vc_xcor_90.txt
2010-06-16 12:47 - 2010-06-16 12:47 - 0397158 _____ () C:\Users\thewaves\AppData\Local\dd_SharedManagementObjects_MSI6E50.txt
2010-06-16 12:47 - 2010-06-16 12:47 - 0181772 _____ () C:\Users\thewaves\AppData\Local\dd_SQLSysClrTypes_msi6E4A.txt
2009-11-12 10:42 - 2009-11-12 10:43 - 0430662 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistMSI21C4.txt
2009-12-20 06:12 - 2009-12-20 06:12 - 0347390 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistMSI6C80.txt
2009-11-12 10:42 - 2009-11-12 10:43 - 0011418 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistUI21C4.txt
2009-12-20 06:12 - 2009-12-20 06:13 - 0011170 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistUI6C80.txt
2010-06-16 12:42 - 2010-06-16 12:43 - 0436236 _____ () C:\Users\thewaves\AppData\Local\dd_VC_Red_MSI6AC1.txt
2010-06-16 12:43 - 2010-06-16 12:44 - 5362100 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_Build_x64_MSI6B1D.txt
2010-06-16 12:44 - 2010-06-16 12:44 - 0223314 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_ExpTools_x64_MSI6B9F.txt
2010-06-16 12:44 - 2010-06-16 12:44 - 0202590 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI6BA9.txt
2010-06-30 15:02 - 2015-04-06 22:12 - 0000600 _____ () C:\Users\thewaves\AppData\Local\PUTTY.RND
2015-01-31 20:00 - 2015-01-31 20:00 - 0000763 _____ () C:\Users\thewaves\AppData\Local\recently-used.xbel
2010-06-16 12:14 - 2010-06-16 16:09 - 0008476 _____ () C:\Users\thewaves\AppData\Local\uxeventlog.txt
2010-06-16 16:07 - 2010-06-16 16:08 - 7489658 _____ () C:\Users\thewaves\AppData\Local\VSMsiLog0708.txt
2010-06-16 12:44 - 2010-06-16 12:47 - 10611048 _____ () C:\Users\thewaves\AppData\Local\VSMsiLog6BD7.txt
Some content of TEMP:
====================
C:\Users\thewaves\AppData\Local\Temp\GoodPlugin.exe
C:\Users\thewaves\AppData\Local\Temp\GURBB.exe
C:\Users\thewaves\AppData\Local\Temp\GURFEB8.exe
C:\Users\thewaves\AppData\Local\Temp\mirc635.exe
C:\Users\thewaves\AppData\Local\Temp\pyl9391.tmp.exe
C:\Users\thewaves\AppData\Local\Temp\pylB20A.tmp.exe
C:\Users\thewaves\AppData\Local\Temp\RLYLLO.exe
C:\Users\thewaves\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 20:43
==================== End Of Log ============================