SpyHunter [version: 4.23.2.4686, defs version: 2016.07.25v01] scan log. 2016-08-29 09:22. Scan mode: default THREATS ========================================================================================= firstsputnik.ru:Preferences C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Preferences 24 MBR infection/rootkit C 23 UNKNOWN OBJECTS ========================================================================================= No unknown objects were found. SAFE OBJECTS ========================================================================================= AmIcoSinglun.exe C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe 237568 01e60fee382dcb512aca93d31d6bd954 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::AmIcoSinglun igfxtray.exe C:\Windows\system32\igfxtray.exe 136216 230bf3122ed0be6e27786fb48ebdc6e7 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::IgfxTray hkcmd.exe C:\Windows\system32\hkcmd.exe 171032 d28271ee305f834ba7ce75f44604ff39 3 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::HotKeysCmds igfxpers.exe C:\Windows\system32\igfxpers.exe 170520 6c94fa24af3ccc16e8e9c37bd80d77b5 3 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::Persistence IAStorIcon.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 284696 bb390eafef93758463d7ca1e1b488a41 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::IAStorIcon jusched.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe 335232 3fdca1f725ca8e367b9dbbc43f983423 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::SunJavaUpdateSched BCSSync.exe C:\Program Files\Microsoft Office\Office14\BCSSync.exe 89184 187f4c75a89e3f412322c94526320074 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::BCSSync msseces.exe C:\Program Files\Microsoft Security Client\msseces.exe 978520 bbd1ba710a00842064ba038570c13cb2 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::MSC sttray.exe C:\Program Files\IDT\WDM\sttray.exe 1704028 ce34f8fa06732105d35e1c76879c53c2 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::SysTrayApp SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2490096 70e129f9b279e4ab8f01c892d85b8f1d 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::SynTPEnh USBSafelyRemove.exe C:\Program Files\USB Safely Remove\USBSafelyRemove.exe 3519488 7fbb16bd60397e658c9a89d68e7519c5 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::USB Safely Remove Skype.exe C:\Program Files\Skype\Phone\Skype.exe 31346784 369a6eb70e9309cecdfaf94d1a187f54 15 -> HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::Skype clbcatq.dll C:\Windows\system32\clbcatq.dll 522240 ff5688d309347f2720911d8796912834 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::clbcatq ole32.dll C:\Windows\system32\ole32.dll 1414144 928cf7268086631f54c3d8e17238c6dd 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::ole32 advapi32.dll C:\Windows\system32\advapi32.dll 640512 d67472125471784de7147946eda25feb 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::advapi32 COMDLG32.dll C:\Windows\system32\COMDLG32.dll 485888 d1de1eafde97be41cf6585027ff3e732 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::COMDLG32 gdi32.dll C:\Windows\system32\gdi32.dll 305152 dbf9369d554a229db0d554bb95a4b0aa 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::gdi32 IERTUTIL.dll C:\Windows\system32\IERTUTIL.dll 2278400 52b4decdc70b8758380d37ea2cdd4254 3 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::IERTUTIL IMAGEHLP.dll C:\Windows\system32\IMAGEHLP.dll 159232 e7b9d5ff20ffdd4aae2ef1d1b8c27a37 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::IMAGEHLP IMM32.dll C:\Windows\system32\IMM32.dll 118272 4a8e2f20809cc161107faa94f6cf2685 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::IMM32 kernel32.dll C:\Windows\system32\kernel32.dll 868352 f74ffa7654702f81884bdb41eb80dac2 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::kernel32 LPK.dll C:\Windows\system32\LPK.dll 26624 dd16c06b79da2fbd422e87923c6c0c9d 3 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::LPK MSCTF.dll C:\Windows\system32\MSCTF.dll 828928 84b460bb65567ed42dd605fa044db370 3 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::MSCTF MSVCRT.dll C:\Windows\system32\MSVCRT.dll 690688 9dc80a8aaaaac397bdab3c67165a824e 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::MSVCRT NORMALIZ.dll C:\Windows\system32\NORMALIZ.dll 2048 9c278785347bcc991f8ea2999d90f58d 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::NORMALIZ NSI.dll C:\Windows\system32\NSI.dll 8704 6377051c63d5552a311935c67e9fdfdc 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::NSI OLEAUT32.dll C:\Windows\system32\OLEAUT32.dll 571904 a208dac2932649cff82a6a684d8bb1f6 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::OLEAUT32 PSAPI.DLL C:\Windows\system32\PSAPI.DLL 6144 a543ac1f7138376d778d630a35fcbc4c 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::PSAPI rpcrt4.dll C:\Windows\system32\rpcrt4.dll 654336 c9059ef0c94c55c0da9cacee160a5f66 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::rpcrt4 sechost.dll C:\Windows\system32\sechost.dll 92160 cfc97f07904067a1e5fae195d534da3a 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::sechost Setupapi.dll C:\Windows\system32\Setupapi.dll 1667584 10fb16b50affda6d44588f3c445dc273 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::Setupapi SHELL32.dll C:\Windows\system32\SHELL32.dll 12875264 340eecb781e6c06a6171b3068da208ad 3 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::SHELL32 SHLWAPI.dll C:\Windows\system32\SHLWAPI.dll 350208 8cc3c111d653e96f3ea1590891491d71 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::SHLWAPI URLMON.dll C:\Windows\system32\URLMON.dll 1311232 b35c35c55fed3dd7f995c77f63cbc29b 3 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::URLMON user32.dll C:\Windows\system32\user32.dll 811520 f1dd3acaee5e6b4bbc69bc6df75cef66 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::user32 USP10.dll C:\Windows\system32\USP10.dll 626688 a5f833506bf6a1b5d693e1499dee2444 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::USP10 WININET.dll C:\Windows\system32\WININET.dll 1888256 ea6ea6912f27f05c61d8d747517eb47e 3 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::WININET WLDAP32.dll C:\Windows\system32\WLDAP32.dll 269824 a8bb45f9ecad993461e0fef8e2a99152 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::WLDAP32 WS2_32.dll C:\Windows\system32\WS2_32.dll 206848 7ff15a4f092cd4a96055ba69f903e3e9 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::WS2_32 difxapi.dll C:\Windows\system32\difxapi.dll 315904 070c5b9d3006602a07757179d9b56f5d 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::DifxApi explorer.exe C:\Windows\explorer.exe 2616320 8b88ebbb05a0e56b7dcc708498c02b3e 15 -> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon::Shell userinit.exe C:\Windows\system32\userinit.exe 26624 9fcf19dfe8e2d11b0d0855a389d4dbe6 15 -> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon::Userinit SystemPropertiesPerformance.exe C:\Windows\system32\SystemPropertiesPerformance.exe 81920 1969a81ca0cfaf3dc732c89b38854997 15 -> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon::VmApplet credssp.dll C:\Windows\system32\credssp.dll 17408 30f5b3e28636009a0b194057aae4392a 3 -> HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders::SecurityProviders iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe 815272 e931c01e7dd7cec0bd26cd1b9da967a3 15 -> HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command::(Default) firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe 376944 f51d682701b303ed6cc5474ce5fa5aaa 15 -> HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command::(Default) igfxdev.dll C:\Windows\system32\igfxdev.dll 228864 068e776b588f3981a88836f51f0641b7 3 -> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui unregmp2.exe C:\Windows\system32\unregmp2.exe 278528 7ca00998c1aaf913ac089e29db746037 15 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6} regsvr32.exe C:\Windows\system32\regsvr32.exe 14848 432be6cf7311062633459eef6b242fb5 15 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED} cmd.exe C:\Windows\system32\cmd.exe 302592 ad7b9c14083b52bc532fba5948342b98 15 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} WinMail.exe C:\Program Files\Windows Mail\WinMail.exe 396800 2bf10b03f6845661ed8bd58a8cb34b2f 15 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C} ie4uinit.exe C:\Windows\System32\ie4uinit.exe 684544 97f98251ac65657a07673e64aa31519f 3 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383} mscories.dll C:\Windows\system32\mscories.dll 81560 d5d5bbf6aa45d820baa0bd1303b8aaf6 15 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820} chrmstp.exe C:\Program Files\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe 1061704 d4663df03ef2025dc1b15282d74ff56c 3 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} localspl.dll C:\Windows\system32\localspl.dll 769024 74af6aa2e8b3180aadae5fe8813cb1cd 15 -> HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\Local Port FXSMON.DLL C:\Windows\system32\FXSMON.DLL 39424 126f8331bd023178c7f0ef2f5ede16b3 15 -> HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\Microsoft Shared Fax Monitor tcpmon.dll C:\Windows\system32\tcpmon.dll 148992 b390c1d825c7687493bede237c6c2f25 15 -> HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port usbmon.dll C:\Windows\system32\usbmon.dll 34304 923cdd30092db73ec4a0ebcddd16c686 15 -> HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\USB Monitor WSDMon.dll C:\Windows\system32\WSDMon.dll 185344 a8eb761de499242becf153b2b34f020e 15 -> HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\WSD Port 1394ohci.sys C:\Windows\System32\drivers\1394ohci.sys 164864 1b133875b8aa8ac48969bd3458afe9f5 15 -> HKLM\SYSTEM\CurrentControlSet\Services\1394ohci Accelerometer.sys C:\Windows\System32\drivers\Accelerometer.sys 37696 943297aa998ea2b4a4e9e9daa9954729 3 -> HKLM\SYSTEM\CurrentControlSet\Services\Accelerometer ACPI.sys C:\Windows\System32\drivers\ACPI.sys 274304 cea80c80bed809aa0da6febc04733349 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ACPI acpipmi.sys C:\Windows\System32\drivers\acpipmi.sys 10240 1efbc664abff416d1d07db115dcb264f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AcpiPmi FlashPlayerUpdateService.exe C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 268464 b0fe8d243a4ec6727d7ec5019c4b26b1 3 -> HKLM\SYSTEM\CurrentControlSet\Services\AdobeFlashPlayerUpdateSvc -> Scheduled Tasks\Adobe Flash Player Updater adp94xx.sys C:\Windows\System32\drivers\adp94xx.sys 422976 21e785ebd7dc90a06391141aac7892fb 15 -> HKLM\SYSTEM\CurrentControlSet\Services\adp94xx adpahci.sys C:\Windows\System32\drivers\adpahci.sys 297552 0c676bc278d5b59ff5abd57bbe9123f2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\adpahci adpu320.sys C:\Windows\System32\drivers\adpu320.sys 146512 7c7b5ee4b7b822ec85321fe23a27db33 15 -> HKLM\SYSTEM\CurrentControlSet\Services\adpu320 svchost.exe C:\Windows\system32\svchost.exe 20992 54a47f6b5e09a77e61649109c6a08866 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AeLookupSvc -> HKLM\SYSTEM\CurrentControlSet\Services\AppIDSvc -> HKLM\SYSTEM\CurrentControlSet\Services\Appinfo -> HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt -> HKLM\SYSTEM\CurrentControlSet\Services\AudioEndpointBuilder -> HKLM\SYSTEM\CurrentControlSet\Services\Audiosrv -> HKLM\SYSTEM\CurrentControlSet\Services\AxInstSV -> HKLM\SYSTEM\CurrentControlSet\Services\BDESVC -> HKLM\SYSTEM\CurrentControlSet\Services\BFE -> HKLM\SYSTEM\CurrentControlSet\Services\BITS -> HKLM\SYSTEM\CurrentControlSet\Services\Browser -> HKLM\SYSTEM\CurrentControlSet\Services\bthserv -> HKLM\SYSTEM\CurrentControlSet\Services\CertPropSvc -> HKLM\SYSTEM\CurrentControlSet\Services\CryptSvc -> HKLM\SYSTEM\CurrentControlSet\Services\CscService -> HKLM\SYSTEM\CurrentControlSet\Services\DcomLaunch -> HKLM\SYSTEM\CurrentControlSet\Services\defragsvc -> HKLM\SYSTEM\CurrentControlSet\Services\Dhcp -> HKLM\SYSTEM\CurrentControlSet\Services\Dnscache -> HKLM\SYSTEM\CurrentControlSet\Services\dot3svc -> HKLM\SYSTEM\CurrentControlSet\Services\DPS -> HKLM\SYSTEM\CurrentControlSet\Services\EapHost -> HKLM\SYSTEM\CurrentControlSet\Services\eventlog -> HKLM\SYSTEM\CurrentControlSet\Services\EventSystem -> HKLM\SYSTEM\CurrentControlSet\Services\fdPHost -> HKLM\SYSTEM\CurrentControlSet\Services\FDResPub -> HKLM\SYSTEM\CurrentControlSet\Services\FontCache -> HKLM\SYSTEM\CurrentControlSet\Services\gpsvc -> HKLM\SYSTEM\CurrentControlSet\Services\hidserv -> HKLM\SYSTEM\CurrentControlSet\Services\hkmsvc -> HKLM\SYSTEM\CurrentControlSet\Services\HomeGroupListener -> HKLM\SYSTEM\CurrentControlSet\Services\HomeGroupProvider -> HKLM\SYSTEM\CurrentControlSet\Services\IKEEXT -> HKLM\SYSTEM\CurrentControlSet\Services\IPBusEnum -> HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc -> HKLM\SYSTEM\CurrentControlSet\Services\KtmRm -> HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer -> HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation -> HKLM\SYSTEM\CurrentControlSet\Services\lltdsvc -> HKLM\SYSTEM\CurrentControlSet\Services\lmhosts -> HKLM\SYSTEM\CurrentControlSet\Services\Mcx2Svc -> HKLM\SYSTEM\CurrentControlSet\Services\MMCSS -> HKLM\SYSTEM\CurrentControlSet\Services\MpsSvc -> HKLM\SYSTEM\CurrentControlSet\Services\MSiSCSI -> HKLM\SYSTEM\CurrentControlSet\Services\napagent -> HKLM\SYSTEM\CurrentControlSet\Services\Netman -> HKLM\SYSTEM\CurrentControlSet\Services\netprofm -> HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc -> HKLM\SYSTEM\CurrentControlSet\Services\nsi -> HKLM\SYSTEM\CurrentControlSet\Services\p2pimsvc -> HKLM\SYSTEM\CurrentControlSet\Services\p2psvc -> HKLM\SYSTEM\CurrentControlSet\Services\PcaSvc -> HKLM\SYSTEM\CurrentControlSet\Services\PeerDistSvc -> HKLM\SYSTEM\CurrentControlSet\Services\pla -> HKLM\SYSTEM\CurrentControlSet\Services\PlugPlay -> HKLM\SYSTEM\CurrentControlSet\Services\PNRPAutoReg -> HKLM\SYSTEM\CurrentControlSet\Services\PNRPsvc -> HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent -> HKLM\SYSTEM\CurrentControlSet\Services\Power -> HKLM\SYSTEM\CurrentControlSet\Services\ProfSvc -> HKLM\SYSTEM\CurrentControlSet\Services\QWAVE -> HKLM\SYSTEM\CurrentControlSet\Services\RasAuto -> HKLM\SYSTEM\CurrentControlSet\Services\RasMan -> HKLM\SYSTEM\CurrentControlSet\Services\RemoteAccess -> HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry -> HKLM\SYSTEM\CurrentControlSet\Services\RpcEptMapper -> HKLM\SYSTEM\CurrentControlSet\Services\RpcSs -> HKLM\SYSTEM\CurrentControlSet\Services\SCardSvr -> HKLM\SYSTEM\CurrentControlSet\Services\Schedule -> HKLM\SYSTEM\CurrentControlSet\Services\SCPolicySvc -> HKLM\SYSTEM\CurrentControlSet\Services\SDRSVC -> HKLM\SYSTEM\CurrentControlSet\Services\seclogon -> HKLM\SYSTEM\CurrentControlSet\Services\SENS -> HKLM\SYSTEM\CurrentControlSet\Services\SensrSvc -> HKLM\SYSTEM\CurrentControlSet\Services\SessionEnv -> HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess -> HKLM\SYSTEM\CurrentControlSet\Services\ShellHWDetection -> HKLM\SYSTEM\CurrentControlSet\Services\sppuinotify -> HKLM\SYSTEM\CurrentControlSet\Services\SSDPSRV -> HKLM\SYSTEM\CurrentControlSet\Services\SstpSvc -> HKLM\SYSTEM\CurrentControlSet\Services\StiSvc -> HKLM\SYSTEM\CurrentControlSet\Services\swprv -> HKLM\SYSTEM\CurrentControlSet\Services\SysMain -> HKLM\SYSTEM\CurrentControlSet\Services\TabletInputService -> HKLM\SYSTEM\CurrentControlSet\Services\TapiSrv -> HKLM\SYSTEM\CurrentControlSet\Services\TBS -> HKLM\SYSTEM\CurrentControlSet\Services\TermService -> HKLM\SYSTEM\CurrentControlSet\Services\Themes -> HKLM\SYSTEM\CurrentControlSet\Services\THREADORDER -> HKLM\SYSTEM\CurrentControlSet\Services\TrkWks -> HKLM\SYSTEM\CurrentControlSet\Services\UmRdpService -> HKLM\SYSTEM\CurrentControlSet\Services\upnphost -> HKLM\SYSTEM\CurrentControlSet\Services\UxSms -> HKLM\SYSTEM\CurrentControlSet\Services\W32Time -> HKLM\SYSTEM\CurrentControlSet\Services\WbioSrvc -> HKLM\SYSTEM\CurrentControlSet\Services\wcncsvc -> HKLM\SYSTEM\CurrentControlSet\Services\WcsPlugInService -> HKLM\SYSTEM\CurrentControlSet\Services\WdiServiceHost -> HKLM\SYSTEM\CurrentControlSet\Services\WdiSystemHost -> HKLM\SYSTEM\CurrentControlSet\Services\WebClient -> HKLM\SYSTEM\CurrentControlSet\Services\Wecsvc -> HKLM\SYSTEM\CurrentControlSet\Services\wercplsupport -> HKLM\SYSTEM\CurrentControlSet\Services\WerSvc -> HKLM\SYSTEM\CurrentControlSet\Services\WinDefend -> HKLM\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc -> HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt -> HKLM\SYSTEM\CurrentControlSet\Services\WinRM -> HKLM\SYSTEM\CurrentControlSet\Services\Wlansvc -> HKLM\SYSTEM\CurrentControlSet\Services\WPCSvc -> HKLM\SYSTEM\CurrentControlSet\Services\WPDBusEnum -> HKLM\SYSTEM\CurrentControlSet\Services\wscsvc -> HKLM\SYSTEM\CurrentControlSet\Services\wuauserv -> HKLM\SYSTEM\CurrentControlSet\Services\wudfsvc -> HKLM\SYSTEM\CurrentControlSet\Services\WwanSvc aelupsvc.dll C:\Windows\System32\aelupsvc.dll 62464 8b5eefeec1e6d1a72a06c526628ad161 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AeLookupSvc\Parameters aestsrv.exe C:\Program Files\IDT\WDM\aestsrv.exe 81920 827dbc22c96eecf6d36a13162fabafd3 3 -> HKLM\SYSTEM\CurrentControlSet\Services\AESTFilters afd.sys C:\Windows\System32\drivers\afd.sys 338944 d0b388da1d111a34366e04eb4a5dd156 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AFD agp440.sys C:\Windows\System32\drivers\agp440.sys 53312 507812c3054c21cef746b6ee3d04dd6e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\agp440 djsvs.sys C:\Windows\System32\drivers\djsvs.sys 70720 8b30250d573a8f6b4bd23195160d8707 15 -> HKLM\SYSTEM\CurrentControlSet\Services\aic78xx alg.exe C:\Windows\System32\alg.exe 59392 18a54e132947cd98fea9accc57f98f13 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ALG aliide.sys C:\Windows\System32\drivers\aliide.sys 14400 0d40bcf52ea90fc7df2aeab6503dea44 15 -> HKLM\SYSTEM\CurrentControlSet\Services\aliide atiesrxx.exe C:\Windows\system32\atiesrxx.exe 176128 f0a4e714fb8b65721d3a06dd702304f0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AMD External Events Utility amdagp.sys C:\Windows\System32\drivers\amdagp.sys 53312 3c6600a0696e90a463771c7422e23ab5 15 -> HKLM\SYSTEM\CurrentControlSet\Services\amdagp amdide.sys C:\Windows\System32\drivers\amdide.sys 14912 cd5914170297126b6266860198d1d4f0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\amdide amdk8.sys C:\Windows\System32\drivers\amdk8.sys 55296 00dda200d71bac534bf56a9db5dfd666 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AmdK8 atikmdag.sys C:\Windows\System32\drivers\atikmdag.sys 6380544 c34523ce979f5520ebcd204f9cda899e 3 -> HKLM\SYSTEM\CurrentControlSet\Services\amdkmdag atikmpag.sys C:\Windows\System32\drivers\atikmpag.sys 222208 b4d7145a6ed40471c794d980f505d621 3 -> HKLM\SYSTEM\CurrentControlSet\Services\amdkmdap amdppm.sys C:\Windows\System32\drivers\amdppm.sys 52736 3cbf30f5370fda40dd3e87df38ea53b6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AmdPPM amdsata.sys C:\Windows\System32\drivers\amdsata.sys 80256 d320bf87125326f996d4904fe24300fc 15 -> HKLM\SYSTEM\CurrentControlSet\Services\amdsata amdsbs.sys C:\Windows\System32\drivers\amdsbs.sys 159312 ea43af0c423ff267355f74e7a53bdaba 15 -> HKLM\SYSTEM\CurrentControlSet\Services\amdsbs amdxata.sys C:\Windows\System32\drivers\amdxata.sys 22400 46387fb17b086d16dea267d5be23a2f2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\amdxata appid.sys C:\Windows\System32\drivers\appid.sys 50176 81f97d8f8b3fb94a451cc6f7cf8b2965 3 -> HKLM\SYSTEM\CurrentControlSet\Services\AppID appidsvc.dll C:\Windows\System32\appidsvc.dll 27648 f5090f8fa6757c58e17baeaa86093636 3 -> HKLM\SYSTEM\CurrentControlSet\Services\AppIDSvc\Parameters appinfo.dll C:\Windows\System32\appinfo.dll 47104 eacfdf31921f51c097629f1f3c9129b4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Appinfo\Parameters appmgmts.dll C:\Windows\System32\appmgmts.dll 149504 a45d184df6a8803da13a0b329517a64a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt\Parameters arc.sys C:\Windows\System32\drivers\arc.sys 76368 2932004f49677bd84dbc72edb754ffb3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\arc arcsas.sys C:\Windows\System32\drivers\arcsas.sys 86608 5d6f36c46fd283ae1b57bd2e9feb0bc7 15 -> HKLM\SYSTEM\CurrentControlSet\Services\arcsas aspnet_state.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 45744 537b2948976f5d9b5767b74a63ebb395 3 -> HKLM\SYSTEM\CurrentControlSet\Services\aspnet_state asyncmac.sys C:\Windows\System32\drivers\asyncmac.sys 17920 add2ade1c2b285ab8378d2daaf991481 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AsyncMac atapi.sys C:\Windows\System32\drivers\atapi.sys 21584 338c86357871c167a96ab976519bf59e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\atapi AtihdW73.sys C:\Windows\System32\drivers\AtihdW73.sys 77824 04f1a13265313c0e0a4f9d8c2cdc0f76 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AtiHDAudioService AtiHdmi.sys C:\Windows\System32\drivers\AtiHdmi.sys 108560 8df873d0587596c1d35a9cececc61da1 3 -> HKLM\SYSTEM\CurrentControlSet\Services\AtiHdmiService Audiosrv.dll C:\Windows\System32\Audiosrv.dll 475136 c1619a13b10cac5038bf7129f57d8de3 3 -> HKLM\SYSTEM\CurrentControlSet\Services\AudioEndpointBuilder\Parameters -> HKLM\SYSTEM\CurrentControlSet\Services\Audiosrv\Parameters AxInstSV.dll C:\Windows\System32\AxInstSV.dll 88064 6e30d02aac9cac84f421622e3a2f6178 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AxInstSV\Parameters bxvbdx.sys C:\Windows\System32\drivers\bxvbdx.sys 430080 1a231abec60fd316ec54c66715543cec 15 -> HKLM\SYSTEM\CurrentControlSet\Services\b06bdrv b57nd60x.sys C:\Windows\System32\drivers\b57nd60x.sys 229888 bd8869eb9cde6bbe4508d869929869ee 15 -> HKLM\SYSTEM\CurrentControlSet\Services\b57nd60x bcmwl6.sys C:\Windows\System32\drivers\bcmwl6.sys 4270288 77c3cf56eb900c186741c591f95800a0 3 -> HKLM\SYSTEM\CurrentControlSet\Services\BCM43XX bdesvc.dll C:\Windows\System32\bdesvc.dll 76800 ee1e9c3bb8228ae423dd38db69128e71 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BDESVC\Parameters bfe.dll C:\Windows\System32\bfe.dll 494592 1e2bac209d184bb851e1a187d8a29136 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters qmgr.dll C:\Windows\System32\qmgr.dll 585728 e585445d5021971fae10393f0f1c3961 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BITS\Parameters blbdrive.sys C:\Windows\System32\drivers\blbdrive.sys 35328 2287078ed48fcfc477b05b20cf38f36f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\blbdrive bowser.sys C:\Windows\System32\drivers\bowser.sys 69632 8f2da3028d5fcbd1a060a3de64cd6506 15 -> HKLM\SYSTEM\CurrentControlSet\Services\bowser BrFiltLo.sys C:\Windows\System32\drivers\BrFiltLo.sys 13568 9f9acc7f7ccde8a15c282d3f88b43309 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BrFiltLo BrFiltUp.sys C:\Windows\System32\drivers\BrFiltUp.sys 5248 56801ad62213a41f6497f96dee83755a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BrFiltUp browser.dll C:\Windows\System32\browser.dll 102912 3daa727b5b0a45039b0e1c9a211b8400 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Browser\Parameters Brserid.sys C:\Windows\System32\drivers\Brserid.sys 272128 845b8ce732e67f3b4133164868c666ea 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Brserid BrSerWdm.sys C:\Windows\System32\drivers\BrSerWdm.sys 62336 203f0b1e73adadbbb7b7b1fabd901f6b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BrSerWdm BrUsbMdm.sys C:\Windows\System32\drivers\BrUsbMdm.sys 12160 bd456606156ba17e60a04e18016ae54b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BrUsbMdm BrUsbSer.sys C:\Windows\System32\drivers\BrUsbSer.sys 11904 af72ed54503f717a43268b3cc5faec2e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BrUsbSer BthEnum.sys C:\Windows\System32\drivers\BthEnum.sys 34816 2865a5c8e98c70c605f417908cebb3a4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BthEnum bthmodem.sys C:\Windows\System32\drivers\bthmodem.sys 56320 ed3df7c56ce0084eb2034432fc56565a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BTHMODEM bthpan.sys C:\Windows\System32\drivers\bthpan.sys 93696 ad1872e5829e8a2c3b5b4b641c3eab0e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\BthPan BTHport.sys C:\Windows\System32\drivers\BTHport.sys 393728 1153de2e4f5941e10c399cb5592f78a1 3 -> HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT bthserv.dll C:\Windows\system32\bthserv.dll 64512 1df19c96eef6c29d1c3e1a8678e07190 15 -> HKLM\SYSTEM\CurrentControlSet\Services\bthserv\Parameters BTHUSB.sys C:\Windows\System32\drivers\BTHUSB.sys 60416 c81e9413a25a439f436b1d4b6a0cf9e9 3 -> HKLM\SYSTEM\CurrentControlSet\Services\BTHUSB cdfs.sys C:\Windows\System32\drivers\cdfs.sys 70656 77ea11b065e0a8ab902d78145ca51e10 15 -> HKLM\SYSTEM\CurrentControlSet\Services\cdfs cdrom.sys C:\Windows\System32\drivers\cdrom.sys 108544 be167ed0fdb9c1fa1133953c18d5a6c9 15 -> HKLM\SYSTEM\CurrentControlSet\Services\cdrom certprop.dll C:\Windows\System32\certprop.dll 67584 319c6b309773d063541d01df8ac6f55f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\CertPropSvc\Parameters -> HKLM\SYSTEM\CurrentControlSet\Services\SCPolicySvc\Parameters circlass.sys C:\Windows\System32\drivers\circlass.sys 37888 3fe3fe94a34df6fb06e6418d0f6a0060 15 -> HKLM\SYSTEM\CurrentControlSet\Services\circlass CisUtMonitor.sys C:\Windows\System32\drivers\CisUtMonitor.sys 27600 03809544b21d43b1f40de67215d4153a 3 -> HKLM\SYSTEM\CurrentControlSet\Services\CisUtMonitor CLFS.sys C:\Windows\system32\CLFS.sys 249408 635181e0e9bbf16871bf5380d71db02d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\CLFS mscorsvw.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 67224 f13ec8a783e0cb0d6dc26a3ca848b7b8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\clr_optimization_v2.0.50727_32 mscorsvw.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 103608 f5ab4d2e36625f355e81539239765107 15 -> HKLM\SYSTEM\CurrentControlSet\Services\clr_optimization_v4.0.30319_32 CmBatt.sys C:\Windows\System32\drivers\CmBatt.sys 14080 dea805815e587dad1dd2c502220b5616 15 -> HKLM\SYSTEM\CurrentControlSet\Services\CmBatt cmdide.sys C:\Windows\System32\drivers\cmdide.sys 15952 c537b1db64d495b9b4717b4d6d9edbf2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\cmdide cng.sys C:\Windows\System32\drivers\cng.sys 370488 3051724f223ea48968b19567de2a81f4 3 -> HKLM\SYSTEM\CurrentControlSet\Services\CNG compbatt.sys C:\Windows\System32\drivers\compbatt.sys 19024 a6023d3823c37043986713f118a89bee 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Compbatt CompositeBus.sys C:\Windows\System32\drivers\CompositeBus.sys 31232 cbe8c58a8579cfe5fccf809e6f114e89 15 -> HKLM\SYSTEM\CurrentControlSet\Services\CompositeBus dllhost.exe C:\Windows\system32\dllhost.exe 7168 a63dc5c2ea944e6657203e0c8edeaf61 15 -> HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp crcdisk.sys C:\Windows\System32\drivers\crcdisk.sys 22096 2c4ebcfc84a9b44f209dff6c6e6c61d1 15 -> HKLM\SYSTEM\CurrentControlSet\Services\crcdisk cryptsvc.dll C:\Windows\system32\cryptsvc.dll 143872 49474b3e37969af4b5c076f42b623aff 3 -> HKLM\SYSTEM\CurrentControlSet\Services\CryptSvc\Parameters csc.sys C:\Windows\System32\drivers\csc.sys 388096 3c2177a897b4ca2788c6fb0c3fd81d4b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\CSC cscsvc.dll C:\Windows\System32\cscsvc.dll 546304 15f93b37f6801943360d9eb42485d5d3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\CscService\Parameters rpcss.dll C:\Windows\system32\rpcss.dll 376832 7660f01d3b38aca1747e397d21d790af 15 -> HKLM\SYSTEM\CurrentControlSet\Services\DcomLaunch\Parameters -> HKLM\SYSTEM\CurrentControlSet\Services\RpcSs\Parameters defragsvc.dll C:\Windows\System32\defragsvc.dll 218624 8d6e10a2d9a5eed59562d9b82cf804e1 15 -> HKLM\SYSTEM\CurrentControlSet\Services\defragsvc\Parameters dfsc.sys C:\Windows\System32\drivers\dfsc.sys 78336 f024449c97ec1e464aaffda18593db88 15 -> HKLM\SYSTEM\CurrentControlSet\Services\DfsC dhcpcore.dll C:\Windows\system32\dhcpcore.dll 254464 e9e01eb683c132f7fa27cd607b8a2b63 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Dhcp\Parameters discache.sys C:\Windows\System32\drivers\discache.sys 32256 1a050b0274bfb3890703d490f330c0da 15 -> HKLM\SYSTEM\CurrentControlSet\Services\discache disk.sys C:\Windows\System32\drivers\disk.sys 57424 565003f326f99802e68ca78f2a68e9ff 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Disk dmvsc.sys C:\Windows\System32\drivers\dmvsc.sys 62464 2a958ef85db1b61ffca65044fa4bce9e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\dmvsc dnsrslvr.dll C:\Windows\System32\dnsrslvr.dll 132608 33ef4861f19a0736b11314aad9ae28d0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters dot3svc.dll C:\Windows\System32\dot3svc.dll 214016 366ba8fb4b7bb7435e3b9eacb3843f67 15 -> HKLM\SYSTEM\CurrentControlSet\Services\dot3svc\Parameters dps.dll C:\Windows\system32\dps.dll 144384 8ec04ca86f1d68da9e11952eb85973d6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\DPS\Parameters drmkaud.sys C:\Windows\System32\drivers\drmkaud.sys 5120 b918e7c5f9bf77202f89e1a9539f2eb4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\drmkaud dxgkrnl.sys C:\Windows\System32\drivers\dxgkrnl.sys 730048 3583a5a8cc2e682bffbd4630d0fec08b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\DXGKrnl eapsvc.dll C:\Windows\System32\eapsvc.dll 98304 8600142fa91c1b96367d3300ad0f3f3a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\EapHost\Parameters evbdx.sys C:\Windows\System32\drivers\evbdx.sys 3100160 024e1b5cac09731e4d868e64dbfb4ab0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ebdrv lsass.exe C:\Windows\System32\lsass.exe 22528 f65f365ac0d1657917efdb52445c848b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\EFS -> HKLM\SYSTEM\CurrentControlSet\Services\KeyIso -> HKLM\SYSTEM\CurrentControlSet\Services\Netlogon -> HKLM\SYSTEM\CurrentControlSet\Services\ProtectedStorage -> HKLM\SYSTEM\CurrentControlSet\Services\SamSs -> HKLM\SYSTEM\CurrentControlSet\Services\VaultSvc ehRecvr.exe C:\Windows\ehome\ehRecvr.exe 556544 a8c362018efc87beb013ee28f29c0863 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ehRecvr ehsched.exe C:\Windows\ehome\ehsched.exe 94720 d389bff34f80caede417bf9d1507996a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ehSched elxstor.sys C:\Windows\System32\drivers\elxstor.sys 453712 0ed67910c8c326796faa00b2bf6d9d3c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\elxstor errdev.sys C:\Windows\System32\drivers\errdev.sys 7168 8fc3208352dd3912c94367a206ab3f11 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ErrDev EsgScanner.sys C:\Windows\System32\drivers\EsgScanner.sys 19984 01ce484ff6d70a39479bc6d619de7ed6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\EsgScanner es.dll C:\Windows\system32\es.dll 271360 f6916efc29d9953d5d0df06882ae8e16 15 -> HKLM\SYSTEM\CurrentControlSet\Services\EventSystem\Parameters fxssvc.exe C:\Windows\system32\fxssvc.exe 523264 967ea5b213e9984cbe270205df37755b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Fax fdc.sys C:\Windows\System32\drivers\fdc.sys 25088 e817a017f82df2a1f8cfdbda29388b29 15 -> HKLM\SYSTEM\CurrentControlSet\Services\fdc fdPHost.dll C:\Windows\system32\fdPHost.dll 12800 f3222c893bd2f5821a0179e5c71e88fb 15 -> HKLM\SYSTEM\CurrentControlSet\Services\fdPHost\Parameters fdrespub.dll C:\Windows\system32\fdrespub.dll 28160 7dbe8cbfe79efbdeb98c9fb08d3a9a5b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\FDResPub\Parameters fileinfo.sys C:\Windows\System32\drivers\fileinfo.sys 58448 6cf00369c97f3cf563be99be983d13d8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\FileInfo filetrace.sys C:\Windows\System32\drivers\filetrace.sys 28160 42c51dc94c91da21cb9196eb64c45db9 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Filetrace flpydisk.sys C:\Windows\System32\drivers\flpydisk.sys 19968 87907aa70cb3c56600f1c2fb8841579b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\flpydisk fltmgr.sys C:\Windows\System32\drivers\fltmgr.sys 198208 7520ec808e0c35e0ee6f841294316653 15 -> HKLM\SYSTEM\CurrentControlSet\Services\FltMgr FntCache.dll C:\Windows\system32\FntCache.dll 906240 e12c4928b32ace04610259647f072635 15 -> HKLM\SYSTEM\CurrentControlSet\Services\FontCache\Parameters PresentationFontCache.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 42856 e56f39f6b7fda0ac77a79b0fd3de1a2f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\FontCache3.0.0.0 FsDepends.sys C:\Windows\System32\drivers\FsDepends.sys 46160 1a16b57943853e598cff37fe2b8cbf1d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\FsDepends fvevol.sys C:\Windows\System32\drivers\fvevol.sys 196328 e306a24d9694c724fa2491278bf50fdb 15 -> HKLM\SYSTEM\CurrentControlSet\Services\fvevol gagp30kx.sys C:\Windows\System32\drivers\gagp30kx.sys 57936 65ee0c7a58b65e74ae05637418153938 15 -> HKLM\SYSTEM\CurrentControlSet\Services\gagp30kx gpsvc.dll C:\Windows\System32\gpsvc.dll 593408 e897eaf5ed6ba41e081060c9b447a673 15 -> HKLM\SYSTEM\CurrentControlSet\Services\gpsvc\Parameters GoogleUpdate.exe C:\Program Files\Google\Update\GoogleUpdate.exe 116648 506708142bc63daba64f2d3ad1dcd5bf 15 -> HKLM\SYSTEM\CurrentControlSet\Services\gupdate -> HKLM\SYSTEM\CurrentControlSet\Services\gupdatem -> Scheduled Tasks\GoogleUpdateTaskMachineCore -> Scheduled Tasks\GoogleUpdateTaskMachineUA hcw85cir.sys C:\Windows\System32\drivers\hcw85cir.sys 26624 c44e3c2bab6837db337ddee7544736db 15 -> HKLM\SYSTEM\CurrentControlSet\Services\hcw85cir HdAudio.sys C:\Windows\System32\drivers\HdAudio.sys 304128 a5ef29d5315111c80a5c1abad14c8972 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HdAudAddService HDAudBus.sys C:\Windows\System32\drivers\HDAudBus.sys 108544 9036377b8a6c15dc2eec53e489d159b5 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HDAudBus HECI.sys C:\Windows\System32\drivers\HECI.sys 41088 a88485dc6a7136c10d9a6c7e38fdfe3c 3 -> HKLM\SYSTEM\CurrentControlSet\Services\HECI HidBatt.sys C:\Windows\System32\drivers\HidBatt.sys 21504 1d58a7f3e11a9731d0eaaaa8405acc36 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HidBatt hidbth.sys C:\Windows\System32\drivers\hidbth.sys 91136 89448f40e6df260c206a193a4683ba78 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HidBth hidir.sys C:\Windows\System32\drivers\hidir.sys 37888 cf50b4cf4a4f229b9f3c08351f99ca5e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HidIr hidserv.dll C:\Windows\system32\hidserv.dll 49152 2bc6f6a1992b3a77f5f41432ca6b3b6b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\hidserv\Parameters hidusb.sys C:\Windows\System32\drivers\hidusb.sys 24064 10c19f8290891af023eaec0832e1eb4d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HidUsb kmsvc.dll C:\Windows\system32\kmsvc.dll 71168 196b4e3f4cccc24af836ce58facbb699 15 -> HKLM\SYSTEM\CurrentControlSet\Services\hkmsvc\Parameters ListSvc.dll C:\Windows\system32\ListSvc.dll 194560 6658f4404de03d75fe3ba09f7aba6a30 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HomeGroupListener\Parameters provsvc.dll C:\Windows\system32\provsvc.dll 165376 dbc02d918fff1cad628acbe0c0eaa8e8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HomeGroupProvider\Parameters hpdskflt.sys C:\Windows\System32\drivers\hpdskflt.sys 27968 91ab80156f5df5b1495a687e5047961b 3 -> HKLM\SYSTEM\CurrentControlSet\Services\hpdskflt HpSAMD.sys C:\Windows\System32\drivers\HpSAMD.sys 67152 295fdc419039090eb8b49ffdbb374549 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HpSAMD Hpservice.exe C:\Windows\system32\Hpservice.exe 27968 361069d78e96f27647ea99a5a5789dc3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\hpsrv HPSupportSolutionsFrameworkService.exe C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe 89864 b6639bf8236bdd3427b10c581332be71 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HPSupportSolutionsFrameworkService HTTP.sys C:\Windows\System32\drivers\HTTP.sys 513536 871917b07a141bff43d76d8844d48106 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HTTP hwpolicy.sys C:\Windows\System32\drivers\hwpolicy.sys 14208 0c4e035c7f105f1299258c90886c64c5 15 -> HKLM\SYSTEM\CurrentControlSet\Services\hwpolicy i8042prt.sys C:\Windows\System32\drivers\i8042prt.sys 80896 f151f0bdc47f4a28b1b20a0818ea36d6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\i8042prt iaStor.sys C:\Windows\System32\drivers\iaStor.sys 435736 eb3a2c773e202ced30595bbfad24febf 3 -> HKLM\SYSTEM\CurrentControlSet\Services\iaStor IAStorDataMgrSvc.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 13336 1e7999fe262b0a5fb84485c3a9ad06f1 15 -> HKLM\SYSTEM\CurrentControlSet\Services\IAStorDataMgrSvc iaStorV.sys C:\Windows\System32\drivers\iaStorV.sys 332160 5cd5f9a5444e6cdcb0ac89bd62d8b76e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\iaStorV infocard.exe C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 879248 3e9213a2a050bf429e91898c90f8b4e3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\idsvc IEEtwCollector.exe C:\Windows\system32\IEEtwCollector.exe 102912 87e5dc0badc63a6e92a3c7a896b8c15e 3 -> HKLM\SYSTEM\CurrentControlSet\Services\IEEtwCollectorService igdkmd32.sys C:\Windows\System32\drivers\igdkmd32.sys 9023488 db7413cf09d74231720f78737dcf4188 3 -> HKLM\SYSTEM\CurrentControlSet\Services\igfx iirsp.sys C:\Windows\System32\drivers\iirsp.sys 41040 4173ff5708f3236cf25195fecd742915 15 -> HKLM\SYSTEM\CurrentControlSet\Services\iirsp ikeext.dll C:\Windows\System32\ikeext.dll 679424 b9c54120f46392100478f58f374e5709 15 -> HKLM\SYSTEM\CurrentControlSet\Services\IKEEXT\Parameters Impcd.sys C:\Windows\System32\drivers\Impcd.sys 132480 e3c36ac5ae87ec970ae8ea2a93d59ae1 3 -> HKLM\SYSTEM\CurrentControlSet\Services\Impcd intelide.sys C:\Windows\System32\drivers\intelide.sys 15424 a0f12f2c9ba6c72f3987ce780e77c130 15 -> HKLM\SYSTEM\CurrentControlSet\Services\intelide igdpmd32.sys C:\Windows\System32\drivers\igdpmd32.sys 9023488 db7413cf09d74231720f78737dcf4188 3 -> HKLM\SYSTEM\CurrentControlSet\Services\intelkmd intelppm.sys C:\Windows\System32\drivers\intelppm.sys 53760 3b514d27bfc4accb4037bc6685f766e0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\intelppm ipbusenum.dll C:\Windows\system32\ipbusenum.dll 78848 acb364b9075a45c0736e5c47be5cae19 15 -> HKLM\SYSTEM\CurrentControlSet\Services\IPBusEnum\Parameters ipfltdrv.sys C:\Windows\System32\drivers\ipfltdrv.sys 58880 709d1761d3b19a932ff0238ea6d50200 15 -> HKLM\SYSTEM\CurrentControlSet\Services\IpFilterDriver iphlpsvc.dll C:\Windows\System32\iphlpsvc.dll 499712 58f67245d041fbe7af88f4eaf79df0fa 15 -> HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters IPMIDrv.sys C:\Windows\System32\drivers\IPMIDrv.sys 65536 4bd7134618c1d2a27466a099062547bf 15 -> HKLM\SYSTEM\CurrentControlSet\Services\IPMIDRV ipnat.sys C:\Windows\System32\drivers\ipnat.sys 101888 a5fa468d67abcdaa36264e463a7bb0cd 15 -> HKLM\SYSTEM\CurrentControlSet\Services\IPNAT irenum.sys C:\Windows\System32\drivers\irenum.sys 13824 42996cff20a3084a56017b7902307e9f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\IRENUM isapnp.sys C:\Windows\System32\drivers\isapnp.sys 46656 1f32bb6b38f62f7df1a7ab7292638a35 15 -> HKLM\SYSTEM\CurrentControlSet\Services\isapnp msiscsi.sys C:\Windows\System32\drivers\msiscsi.sys 234432 eb34ce31fabd4dc4343fd2ad16d2caf9 15 -> HKLM\SYSTEM\CurrentControlSet\Services\iScsiPrt kbdclass.sys C:\Windows\System32\drivers\kbdclass.sys 42576 adef52ca1aeae82b50df86b56413107e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\kbdclass kbdhid.sys C:\Windows\System32\drivers\kbdhid.sys 28160 9e3ced91863e6ee98c24794d05e27a71 15 -> HKLM\SYSTEM\CurrentControlSet\Services\kbdhid ksecdd.sys C:\Windows\System32\drivers\ksecdd.sys 67512 4dac97cf81fae4b2988aef0df40d04ae 3 -> HKLM\SYSTEM\CurrentControlSet\Services\KSecDD ksecpkg.sys C:\Windows\System32\drivers\ksecpkg.sys 137656 9eed5e0b7bf784c491c2289a09920bda 3 -> HKLM\SYSTEM\CurrentControlSet\Services\KSecPkg msdtckrm.dll C:\Windows\system32\msdtckrm.dll 308736 89a7b9cc98d0d80c6f31b91c0a310fcd 15 -> HKLM\SYSTEM\CurrentControlSet\Services\KtmRm\Parameters srvsvc.dll C:\Windows\system32\srvsvc.dll 168960 d64af876d53eca3668bb97b51b4e70ab 15 -> HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters wkssvc.dll C:\Windows\System32\wkssvc.dll 84480 58405e4f68ba8e4057c6e914f326aba2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters lltdio.sys C:\Windows\System32\drivers\lltdio.sys 48128 f7611ec07349979da9b0ae1f18ccc7a6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\lltdio lltdsvc.dll C:\Windows\System32\lltdsvc.dll 189952 5700673e13a2117fa3b9020c852c01e2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\lltdsvc\Parameters lmhsvc.dll C:\Windows\System32\lmhsvc.dll 18432 55ca01ba19d0006c8f2639b6c045e08b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\lmhosts\Parameters LMS.exe C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 325656 25884ca77f8d926b69167bc231d3726e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\LMS lsi_fc.sys C:\Windows\System32\drivers\lsi_fc.sys 95824 eb119a53ccf2acc000ac71b065b78fef 15 -> HKLM\SYSTEM\CurrentControlSet\Services\LSI_FC lsi_sas.sys C:\Windows\System32\drivers\lsi_sas.sys 89168 8ade1c877256a22e49b75d1cc9161f9c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\LSI_SAS lsi_sas2.sys C:\Windows\System32\drivers\lsi_sas2.sys 54864 dc9dc3d3daa0e276fd2ec262e38b11e9 15 -> HKLM\SYSTEM\CurrentControlSet\Services\LSI_SAS2 lsi_scsi.sys C:\Windows\System32\drivers\lsi_scsi.sys 96848 0a036c7d7cab643a7f07135ac47e0524 15 -> HKLM\SYSTEM\CurrentControlSet\Services\LSI_SCSI luafv.sys C:\Windows\System32\drivers\luafv.sys 86528 6703e366cc18d3b6e534f5cf7df39cee 15 -> HKLM\SYSTEM\CurrentControlSet\Services\luafv Mcx2Svc.dll C:\Windows\system32\Mcx2Svc.dll 68096 bfb9ee8ee977efe85d1a3105abef6dd1 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Mcx2Svc\Parameters megasas.sys C:\Windows\System32\drivers\megasas.sys 30800 0fff5b045293002ab38eb1fd1fc2fb74 15 -> HKLM\SYSTEM\CurrentControlSet\Services\megasas MegaSR.sys C:\Windows\System32\drivers\MegaSR.sys 235584 dcbab2920c75f390caf1d29f675d03d6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MegaSR mmcss.dll C:\Windows\system32\mmcss.dll 49664 146b6f43a673379a3c670e86d89be5ea 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MMCSS\Parameters -> HKLM\SYSTEM\CurrentControlSet\Services\THREADORDER\Parameters modem.sys C:\Windows\System32\drivers\modem.sys 31744 f001861e5700ee84e2d4e52c712f4964 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Modem monitor.sys C:\Windows\System32\drivers\monitor.sys 23552 79d10964de86b292320e9dfe02282a23 15 -> HKLM\SYSTEM\CurrentControlSet\Services\monitor mouclass.sys C:\Windows\System32\drivers\mouclass.sys 41552 fb18cc1d4c2e716b6b903b0ac0cc0609 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mouclass mouhid.sys C:\Windows\System32\drivers\mouhid.sys 26112 2c388d2cd01c9042596cf3c8f3c7b24d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mouhid mountmgr.sys C:\Windows\System32\drivers\mountmgr.sys 78784 644905a19d0f37f2233dfce53bc4bc19 3 -> HKLM\SYSTEM\CurrentControlSet\Services\mountmgr maintenanceservice.exe C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 148080 81e8af6407ec3f41908fe37f054353ea 3 -> HKLM\SYSTEM\CurrentControlSet\Services\MozillaMaintenance MpFilter.sys C:\Windows\System32\drivers\MpFilter.sys 239224 7d2484c4995a3db47345efed2a0b579e 3 -> HKLM\SYSTEM\CurrentControlSet\Services\MpFilter mpio.sys C:\Windows\System32\drivers\mpio.sys 130432 2d699fb6e89ce0d8da14ecc03b3edfe0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mpio mpsdrv.sys C:\Windows\System32\drivers\mpsdrv.sys 60416 ad2723a7b53dd1aacae6ad8c0bfbf4d0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mpsdrv mpssvc.dll C:\Windows\system32\mpssvc.dll 566272 9835584e999d25004e1ee8e5f3e3b881 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters mrxdav.sys C:\Windows\System32\drivers\mrxdav.sys 116224 03f899f521d2aaed1c55008f734df252 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MRxDAV mrxsmb.sys C:\Windows\System32\drivers\mrxsmb.sys 123904 5d16c921e3671636c0eba3bbaac5fd25 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mrxsmb mrxsmb10.sys C:\Windows\System32\drivers\mrxsmb10.sys 223744 6d17a4791aca19328c685d256349fefc 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mrxsmb10 mrxsmb20.sys C:\Windows\System32\drivers\mrxsmb20.sys 96768 b81f204d146000be76651a50670a5e9e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mrxsmb20 msahci.sys C:\Windows\System32\drivers\msahci.sys 28032 012c5f4e9349e711e11e0f19a8589f0a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\msahci msdsm.sys C:\Windows\System32\drivers\msdsm.sys 116096 55055f8ad8be27a64c831322a780a228 15 -> HKLM\SYSTEM\CurrentControlSet\Services\msdsm msdtc.exe C:\Windows\System32\msdtc.exe 134144 e1bce74a3bd9902b72599c0192a07e27 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MSDTC mshidkmdf.sys C:\Windows\System32\drivers\mshidkmdf.sys 4096 3e1e5767043c5af9367f0056295e9f84 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mshidkmdf msisadrv.sys C:\Windows\System32\drivers\msisadrv.sys 13888 0a4e5757ae09fa9622e3158cc1aef114 15 -> HKLM\SYSTEM\CurrentControlSet\Services\msisadrv iscsiexe.dll C:\Windows\system32\iscsiexe.dll 114688 90f7d9e6b6f27e1a707d4a297f077828 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MSiSCSI\Parameters msiexec.exe C:\Windows\system32\msiexec.exe 73216 eee470f2a771fc0b543bdeef74fceca0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\msiserver MSKSSRV.sys C:\Windows\System32\drivers\MSKSSRV.sys 8320 8c0860d6366aaffb6c5bb9df9448e631 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MSKSSRV MsMpEng.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe 22184 f26f7a5b18c717e57e3b6b306abec00b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MsMpSvc MSPCLOCK.sys C:\Windows\System32\drivers\MSPCLOCK.sys 5888 3ea8b949f963562cedbb549eac0c11ce 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MSPCLOCK MSPQM.sys C:\Windows\System32\drivers\MSPQM.sys 5504 f456e973590d663b1073e9c463b40932 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MSPQM mssmbios.sys C:\Windows\System32\drivers\mssmbios.sys 28240 fc6b9ff600cc585ea38b12589bd4e246 15 -> HKLM\SYSTEM\CurrentControlSet\Services\mssmbios MSTEE.sys C:\Windows\System32\drivers\MSTEE.sys 6144 b42c6b921f61a6e55159b8be6cd54a36 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MSTEE MTConfig.sys C:\Windows\System32\drivers\MTConfig.sys 12288 33599130f44e1f34631cea241de8ac84 15 -> HKLM\SYSTEM\CurrentControlSet\Services\MTConfig mup.sys C:\Windows\System32\drivers\mup.sys 49728 159fad02f64e6381758c990f753bcc80 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Mup qagentRT.dll C:\Windows\system32\qagentRT.dll 330240 61d57a5d7c6d9afe10e77dae6e1b445e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\napagent\Parameters nwifi.sys C:\Windows\System32\drivers\nwifi.sys 267264 26384429fcd85d83746f63e798ab1480 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NativeWifiP ndis.sys C:\Windows\System32\drivers\ndis.sys 712048 8c9c922d71f1cd4def73f186416b7896 3 -> HKLM\SYSTEM\CurrentControlSet\Services\NDIS ndiscap.sys C:\Windows\System32\drivers\ndiscap.sys 27136 0e1787aa6c9191d3d319e8bafe86f80c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NdisCap ndistapi.sys C:\Windows\System32\drivers\ndistapi.sys 20992 e4a8aec125a2e43a9e32afeea7c9c888 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NdisTapi ndisuio.sys C:\Windows\System32\drivers\ndisuio.sys 46080 d8a65dafb3eb41cbb622745676fcd072 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Ndisuio ndiswan.sys C:\Windows\System32\drivers\ndiswan.sys 118784 38fbe267e7e6983311179230facb1017 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NdisWan netbios.sys C:\Windows\System32\drivers\netbios.sys 36352 80b275b1ce3b0e79909db7b39af74d51 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS netbt.sys C:\Windows\System32\drivers\netbt.sys 187904 280122ddcf04b378edd1ad54d71c1e54 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NetBT netman.dll C:\Windows\System32\netman.dll 280576 7cccfca7510684768da22092d1fa4db2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Netman\Parameters SMSvcHost.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 139944 e58808846b62041bfb05395e1ced6499 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NetMsmqActivator -> HKLM\SYSTEM\CurrentControlSet\Services\NetPipeActivator -> HKLM\SYSTEM\CurrentControlSet\Services\NetTcpActivator -> HKLM\SYSTEM\CurrentControlSet\Services\NetTcpPortSharing netprofm.dll C:\Windows\System32\netprofm.dll 360448 8c338238c16777a802d6a9211eb2ba50 15 -> HKLM\SYSTEM\CurrentControlSet\Services\netprofm\Parameters nfrd960.sys C:\Windows\System32\drivers\nfrd960.sys 44624 1d85c4b390b0ee09c7a46b91efb2c097 15 -> HKLM\SYSTEM\CurrentControlSet\Services\nfrd960 NisDrvWFP.sys C:\Windows\System32\drivers\NisDrvWFP.sys 95408 94b8279fc0e27a8253944dfa47fc4a83 3 -> HKLM\SYSTEM\CurrentControlSet\Services\NisDrv NisSrv.exe C:\Program Files\Microsoft Security Client\NisSrv.exe 284472 1452f52471f2dc1515dd6c35b42ff06e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NisSrv nlasvc.dll C:\Windows\System32\nlasvc.dll 242688 f115c5cd29e512f18bd7138a094b77e5 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters nsisvc.dll C:\Windows\system32\nsisvc.dll 19456 ba387e955e890c8a88306d9b8d06bf17 15 -> HKLM\SYSTEM\CurrentControlSet\Services\nsi\Parameters nsiproxy.sys C:\Windows\System32\drivers\nsiproxy.sys 16896 e9a0a4d07e53d8fea2bb8387a3293c58 15 -> HKLM\SYSTEM\CurrentControlSet\Services\nsiproxy nvraid.sys C:\Windows\System32\drivers\nvraid.sys 117120 b3e25ee28883877076e0e1ff877d02e0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\nvraid nvstor.sys C:\Windows\System32\drivers\nvstor.sys 143744 4380e59a170d88c4f1022eff6719a8a4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\nvstor nv_agp.sys C:\Windows\System32\drivers\nv_agp.sys 105024 5a0983915f02bae73267cc2a041f717d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\nv_agp ohci1394.sys C:\Windows\System32\drivers\ohci1394.sys 62464 08a70a1f2cdde9bb49b885cb817a66eb 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ohci1394 OSE.EXE C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 149352 9d10f99a6712e28f8acd5641e3a7ea6b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ose OSPPSVC.EXE C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 4640000 358a9cca612c68eb2f07ddad4ce1d8d7 15 -> HKLM\SYSTEM\CurrentControlSet\Services\osppsvc pnrpsvc.dll C:\Windows\system32\pnrpsvc.dll 269824 82a8521ddc60710c3d3d3e7325209bec 15 -> HKLM\SYSTEM\CurrentControlSet\Services\p2pimsvc\Parameters -> HKLM\SYSTEM\CurrentControlSet\Services\PNRPsvc\Parameters p2psvc.dll C:\Windows\system32\p2psvc.dll 327680 59c3ddd501e39e006dac31bf55150d91 15 -> HKLM\SYSTEM\CurrentControlSet\Services\p2psvc\Parameters parport.sys C:\Windows\System32\drivers\parport.sys 79360 2ea877ed5dd9713c5ac74e8ea7348d14 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Parport partmgr.sys C:\Windows\System32\drivers\partmgr.sys 56176 3f34a1b4c5f6475f320c275e63afce9b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\partmgr parvdm.sys C:\Windows\System32\drivers\parvdm.sys 8704 eb0a59f29c19b86479d36b35983daadc 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Parvdm pcasvc.dll C:\Windows\System32\pcasvc.dll 157184 52954be460ec6c54c0acb2b3b126ffc6 3 -> HKLM\SYSTEM\CurrentControlSet\Services\PcaSvc\Parameters pci.sys C:\Windows\System32\drivers\pci.sys 153984 673e55c3498eb970088e812ea820aa8f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\pci pciide.sys C:\Windows\System32\drivers\pciide.sys 12368 afe86f419014db4e5593f69ffe26ce0a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\pciide pcmcia.sys C:\Windows\System32\drivers\pcmcia.sys 180288 f396431b31693e71e8a80687ef523506 15 -> HKLM\SYSTEM\CurrentControlSet\Services\pcmcia pcw.sys C:\Windows\System32\drivers\pcw.sys 43088 250f6b43d2b613172035c6747aeeb19f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\pcw peauth.sys C:\Windows\System32\drivers\peauth.sys 593920 aebc369f7dc72ab3f5b9bdf34fa0d43f 3 -> HKLM\SYSTEM\CurrentControlSet\Services\PEAUTH peerdistsvc.dll C:\Windows\system32\peerdistsvc.dll 1004544 af4d64d2a57b9772cf3801950b8058a6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\PeerDistSvc\Parameters pla.dll C:\Windows\system32\pla.dll 1508864 414bba67a3ded1d28437eb66aeb8a720 15 -> HKLM\SYSTEM\CurrentControlSet\Services\pla\Parameters umpnpmgr.dll C:\Windows\system32\umpnpmgr.dll 293376 ec7bc28d207da09e79b3e9faf8b232ca 15 -> HKLM\SYSTEM\CurrentControlSet\Services\PlugPlay\Parameters pnrpauto.dll C:\Windows\system32\pnrpauto.dll 20480 63ff8572611249931eb16bb8eed6afc8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\PNRPAutoReg\Parameters ipsecsvc.dll C:\Windows\System32\ipsecsvc.dll 350208 53946b69ba0836bd95b03759530c81ec 15 -> HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent\Parameters umpo.dll C:\Windows\system32\umpo.dll 119808 f87d30e72e03d579a5199ccb3831d6ea 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Power\Parameters raspptp.sys C:\Windows\System32\drivers\raspptp.sys 73728 631e3e205ad6d86f2aed6a4a8e69f2db 15 -> HKLM\SYSTEM\CurrentControlSet\Services\PptpMiniport processr.sys C:\Windows\System32\drivers\processr.sys 52224 85b1e3a0c7585bc4aae6899ec6fcf011 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Processor profsvc.dll C:\Windows\system32\profsvc.dll 164864 fd9692a3d31e021207d3c2a9dddc2be3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ProfSvc\Parameters pacer.sys C:\Windows\System32\drivers\pacer.sys 104448 6270ccae2a86de6d146529fe55b3246a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Psched ql2300.sys C:\Windows\System32\drivers\ql2300.sys 1383488 ab95ecf1f6659a60ddc166d8315b0751 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ql2300 ql40xx.sys C:\Windows\System32\drivers\ql40xx.sys 106064 b4dd51dd25182244b86737dc51af2270 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ql40xx qwave.dll C:\Windows\system32\qwave.dll 210944 31ac809e7707eb580b2bdb760390765a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\QWAVE\Parameters qwavedrv.sys C:\Windows\System32\drivers\qwavedrv.sys 31744 584078ca1b95ca72df2a27c336f9719d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\QWAVEdrv rasacd.sys C:\Windows\System32\drivers\rasacd.sys 11776 30a81b53c766d0133bb86d234e5556ab 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RasAcd AgileVpn.sys C:\Windows\System32\drivers\AgileVpn.sys 49152 57ec4aef73660166074d8f7f31c0d4fd 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RasAgileVpn rasauto.dll C:\Windows\System32\rasauto.dll 90624 a60f1839849c0c00739787fd5ec03f13 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RasAuto\Parameters rasl2tp.sys C:\Windows\System32\drivers\rasl2tp.sys 78848 d9f91eafec2815365cbe6d167e4e332a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Rasl2tp rasmans.dll C:\Windows\System32\rasmans.dll 286208 cb9e04dc05eacf5b9a36ca276d475006 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters raspppoe.sys C:\Windows\System32\drivers\raspppoe.sys 77824 0fe8b15916307a6ac12bfb6a63e45507 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RasPppoe rassstp.sys C:\Windows\System32\drivers\rassstp.sys 75264 44101f495a83ea6401d886e7fd70096b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RasSstp rdbss.sys C:\Windows\System32\drivers\rdbss.sys 242688 d528bc58a489409ba40334ebf96a311b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\rdbss rdpbus.sys C:\Windows\System32\drivers\rdpbus.sys 18944 0d8f05481cb76e70e1da06ee9f0da9df 15 -> HKLM\SYSTEM\CurrentControlSet\Services\rdpbus RDPCDD.sys C:\Windows\System32\drivers\RDPCDD.sys 6656 23dae03f29d253ae74c44f99e515f9a1 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RDPCDD rdpdr.sys C:\Windows\System32\drivers\rdpdr.sys 133632 b973fcfc50dc1434e1970a146f7e3885 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RDPDR rdpencdd.sys C:\Windows\System32\drivers\rdpencdd.sys 6656 5a53ca1598dd4156d44196d200c94b8a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RDPENCDD rdprefmp.sys C:\Windows\System32\drivers\rdprefmp.sys 7168 44b0a53cd4f27d50ed461dae0c0b4e1f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RDPREFMP rdpvideominiport.sys C:\Windows\System32\drivers\rdpvideominiport.sys 14848 65375df758ca1872ab7ebbba457fd5e6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RdpVideoMiniport rdyboost.sys C:\Windows\System32\drivers\rdyboost.sys 173440 518395321dc96fe2c9f0e96ac743b656 15 -> HKLM\SYSTEM\CurrentControlSet\Services\rdyboost mprdim.dll C:\Windows\System32\mprdim.dll 75264 7b5e1419717fac363a31cc302895217a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters regsvc.dll C:\Windows\system32\regsvc.dll 112640 cb9a8683f4ef2bf99e123d79950d7935 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters rfcomm.sys C:\Windows\System32\drivers\rfcomm.sys 129536 cb928d9e6daf51879dd6ba8d02f01321 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RFCOMM RpcEpMap.dll C:\Windows\System32\RpcEpMap.dll 43520 78d072f35bc45d9e4e1b61895c152234 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RpcEptMapper\Parameters locator.exe C:\Windows\system32\locator.exe 9216 94d36c0e44677dd26981d2bfeef2a29d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RpcLocator rspndr.sys C:\Windows\System32\drivers\rspndr.sys 60928 032b0d36ad92b582d869879f5af5b928 15 -> HKLM\SYSTEM\CurrentControlSet\Services\rspndr Rt86win7.sys C:\Windows\System32\drivers\Rt86win7.sys 721112 e244029c92d7ef048bd7adbc7d759b58 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RTL8167 vms3cap.sys C:\Windows\System32\drivers\vms3cap.sys 5632 7fa7f2e249a5dcbb7970630e15e1f482 15 -> HKLM\SYSTEM\CurrentControlSet\Services\s3cap sbp2port.sys C:\Windows\System32\drivers\sbp2port.sys 85376 05d860da1040f111503ac416ccef2bca 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sbp2port SCardSvr.dll C:\Windows\System32\SCardSvr.dll 132608 8fc518ffe9519c2631d37515a68009c4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SCardSvr\Parameters scfilter.sys C:\Windows\System32\drivers\scfilter.sys 26624 0693b5ec673e34dc147e195779a4dcf6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\scfilter schedsvc.dll C:\Windows\system32\schedsvc.dll 750592 a04bb13f8a72f8b6e8b4071723e4e336 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Schedule\Parameters SDRSVC.dll C:\Windows\System32\SDRSVC.dll 125952 08236c4bce5edd0a0318a438af28e0f7 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SDRSVC\Parameters seclogon.dll C:\Windows\system32\seclogon.dll 21504 a59b3a4442c52060cc7a85293aa3546f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\seclogon\Parameters sens.dll C:\Windows\System32\sens.dll 49664 dcb7fcdcc97f87360f75d77425b81737 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SENS\Parameters sensrsvc.dll C:\Windows\system32\sensrsvc.dll 25088 50087fe1ee447009c9cc2997b90de53f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SensrSvc\Parameters serenum.sys C:\Windows\System32\drivers\serenum.sys 17920 9ad8b8b515e3df6acd4212ef465de2d1 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Serenum serial.sys C:\Windows\System32\drivers\serial.sys 83456 5fb7fcea0490d821f26f39cc5ea3d1e2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Serial sermouse.sys C:\Windows\System32\drivers\sermouse.sys 19968 79bffb520327ff916a582dfea17aa813 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sermouse sessenv.dll C:\Windows\system32\sessenv.dll 113664 4ae380f39a0032eab7dd953030b26d28 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SessionEnv\Parameters sffdisk.sys C:\Windows\System32\drivers\sffdisk.sys 11264 9f976e1eb233df46fce808d9dea3eb9c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sffdisk sffp_mmc.sys C:\Windows\System32\drivers\sffp_mmc.sys 12288 932a68ee27833cfd57c1639d375f2731 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sffp_mmc sffp_sd.sys C:\Windows\System32\drivers\sffp_sd.sys 12800 6d4ccaedc018f1cf52866bbbaa235982 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sffp_sd sfloppy.sys C:\Windows\System32\drivers\sfloppy.sys 13824 db96666cc8312ebc45032f30b007a547 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sfloppy ipnathlp.dll C:\Windows\System32\ipnathlp.dll 300544 d1a079a0de2ea524513b6930c24527a2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters shsvcs.dll C:\Windows\System32\shsvcs.dll 328192 414da952a35bf5d50192e28263b40577 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ShellHWDetection\Parameters sisagp.sys C:\Windows\System32\drivers\sisagp.sys 52304 2565cac0dc9fe0371bdce60832582b2e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sisagp SiSRaid2.sys C:\Windows\System32\drivers\SiSRaid2.sys 40016 a9f0486851becb6dda1d89d381e71055 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SiSRaid2 sisraid4.sys C:\Windows\System32\drivers\sisraid4.sys 77888 3727097b55738e2f554972c3be5bc1aa 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SiSRaid4 Updater.exe C:\Program Files\Skype\Updater\Updater.exe 315488 a9c057a9463c25490cf99ea8df8a4b35 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SkypeUpdate smb.sys C:\Windows\System32\drivers\smb.sys 71168 3e21c083b8a01cb70ba1f09303010fce 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Smb Smb_driver_Intel.sys C:\Windows\System32\drivers\Smb_driver_Intel.sys 28656 8ac3284e05aded141eefac76705ac213 3 -> HKLM\SYSTEM\CurrentControlSet\Services\SmbDrvI snmptrap.exe C:\Windows\System32\snmptrap.exe 12800 6a984831644eca1a33ffeae4126f4f37 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SNMPTRAP spoolsv.exe C:\Windows\System32\spoolsv.exe 317440 9aea093b8f9c37cf45538382caba2475 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Spooler sppsvc.exe C:\Windows\system32\sppsvc.exe 3179520 cf87a1de791347e75b98885214ced2b8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sppsvc sppuinotify.dll C:\Windows\system32\sppuinotify.dll 53760 b0180b20b065d89232a78a40fe56eaa6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\sppuinotify\Parameters SH4Service.exe C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe 771456 b785670e201b2ca20e91bf8d7b0d4d2a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service srv.sys C:\Windows\System32\drivers\srv.sys 311808 e4c2764065d66ea1d2d3ebc28fe99c46 15 -> HKLM\SYSTEM\CurrentControlSet\Services\srv srv2.sys C:\Windows\System32\drivers\srv2.sys 310272 03f0545bd8d4c77fa0ae1ceedfcc71ab 15 -> HKLM\SYSTEM\CurrentControlSet\Services\srv2 srvnet.sys C:\Windows\System32\drivers\srvnet.sys 114688 be6bd660caa6f291ae06a718a4fa8abc 15 -> HKLM\SYSTEM\CurrentControlSet\Services\srvnet ssdpsrv.dll C:\Windows\System32\ssdpsrv.dll 162816 d887c9fd02ac9fa880f6e5027a43e118 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SSDPSRV\Parameters sstpsvc.dll C:\Windows\system32\sstpsvc.dll 90112 d318f23be45d5e3a107469eb64815b50 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters STacSV.exe C:\Program Files\IDT\WDM\STacSV.exe 311378 422ad0a2f29ba5b739b3b0d2b69b6642 15 -> HKLM\SYSTEM\CurrentControlSet\Services\STacSV stexstor.sys C:\Windows\System32\drivers\stexstor.sys 21072 db32d325c192b801df274bfd12a7e72b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\stexstor stwrt.sys C:\Windows\System32\drivers\stwrt.sys 458240 abd14a993c016ec7cc73ab7f79088961 3 -> HKLM\SYSTEM\CurrentControlSet\Services\STHDA wiaservc.dll C:\Windows\System32\wiaservc.dll 463360 e1fb3706030fb4578a0d72c2fc3689e4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\StiSvc\Parameters vmstorfl.sys C:\Windows\System32\drivers\vmstorfl.sys 40704 472af0311073dceceaa8fa18ba2bdf89 15 -> HKLM\SYSTEM\CurrentControlSet\Services\storflt storvsc.sys C:\Windows\System32\drivers\storvsc.sys 28032 dcaffd62259e0bdb433dd67b5bb37619 15 -> HKLM\SYSTEM\CurrentControlSet\Services\storvsc swenum.sys C:\Windows\System32\drivers\swenum.sys 12240 e58c78a848add9610a4db6d214af5224 15 -> HKLM\SYSTEM\CurrentControlSet\Services\swenum swprv.dll C:\Windows\System32\swprv.dll 313856 a28bd92df340e57b024ba433165d34d7 15 -> HKLM\SYSTEM\CurrentControlSet\Services\swprv\Parameters Synth3dVsc.sys C:\Windows\System32\drivers\Synth3dVsc.sys 77184 f2ad8960812fd111e20e84659ef19d43 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Synth3dVsc SynTP.sys C:\Windows\System32\drivers\SynTP.sys 433904 0f64b5b10833b7347aece3afc7b3f105 3 -> HKLM\SYSTEM\CurrentControlSet\Services\SynTP SynTPEnhService.exe C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe 192240 252d85cf8a56da289580b3203d79983b 3 -> HKLM\SYSTEM\CurrentControlSet\Services\SynTPEnhService sysmain.dll C:\Windows\system32\sysmain.dll 1159168 36650d618ca34c9d357dfd3d89b2c56f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SysMain\Parameters TabSvc.dll C:\Windows\System32\TabSvc.dll 73216 763fecdc3d30c815fe72dd57936c6cd1 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TabletInputService\Parameters tapisrv.dll C:\Windows\System32\tapisrv.dll 242176 613bf4820361543956909043a265c6ac 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TapiSrv\Parameters tbssvc.dll C:\Windows\System32\tbssvc.dll 55808 b799d9fdb26111737f58288d8dc172d9 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TBS\Parameters tcpip.sys C:\Windows\System32\drivers\tcpip.sys 1294272 5579dd18546999f5d0ec39d018726c6b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Tcpip -> HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6 tcpipreg.sys C:\Windows\System32\drivers\tcpipreg.sys 35328 3eebd3bd93da46a26e89893c7ab2ff3b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\tcpipreg tdpipe.sys C:\Windows\System32\drivers\tdpipe.sys 18432 1cb91b2bd8f6dd367dfc2ef26fd751b2 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TDPIPE tdtcp.sys C:\Windows\System32\drivers\tdtcp.sys 24576 2c2c5afe7ee4f620d69c23c0617651a8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TDTCP tdx.sys C:\Windows\System32\drivers\tdx.sys 74752 7fe680a3dfa421c4a8e4879ae4c5aab0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\tdx termdd.sys C:\Windows\System32\drivers\termdd.sys 53120 04dbf4b01ea4bf25a9a3e84affac9b20 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TermDD terminpt.sys C:\Windows\System32\drivers\terminpt.sys 24064 e951866bac5a23403f62a349edbb6eeb 15 -> HKLM\SYSTEM\CurrentControlSet\Services\terminpt termsrv.dll C:\Windows\System32\termsrv.dll 523776 fcfd4f50419b4bc72e80066da10d2e54 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TermService\Parameters themeservice.dll C:\Windows\system32\themeservice.dll 37376 dde5d20e6cc5d20906aba3b5792bd1ff 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Themes\Parameters trkwks.dll C:\Windows\System32\trkwks.dll 77312 4792c0378db99a9bc2ae2de6cfff0c3a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TrkWks\Parameters TrustedInstaller.exe C:\Windows\servicing\TrustedInstaller.exe 204800 2c49b175aee1d4364b91b531417fe583 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TrustedInstaller tssecsrv.sys C:\Windows\System32\drivers\tssecsrv.sys 31232 6c5139e4283249518f7743d7043775b3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\tssecsrv tsusbflt.sys C:\Windows\System32\drivers\tsusbflt.sys 49152 c6a5fbd4977305e1fa23e02c042db463 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TsUsbFlt TsUsbGD.sys C:\Windows\System32\drivers\TsUsbGD.sys 27136 57c527af84748b5c2f5178c499c0b81f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TsUsbGD tsusbhub.sys C:\Windows\System32\drivers\tsusbhub.sys 112640 045acb987c650d8186c6b4a692223860 15 -> HKLM\SYSTEM\CurrentControlSet\Services\tsusbhub tunnel.sys C:\Windows\System32\drivers\tunnel.sys 108544 b2fa25d9b17a68bb93d58b0556e8c90d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\tunnel uagp35.sys C:\Windows\System32\drivers\uagp35.sys 55888 750fbcb269f4d7dd2e420c56b795db6d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\uagp35 udfs.sys C:\Windows\System32\drivers\udfs.sys 246784 ee43346c7e4b5e63e54f927babbb32ff 15 -> HKLM\SYSTEM\CurrentControlSet\Services\udfs UI0Detect.exe C:\Windows\system32\UI0Detect.exe 35840 8344fd4fce927880aa1aa7681d4927e5 15 -> HKLM\SYSTEM\CurrentControlSet\Services\UI0Detect uliagpkx.sys C:\Windows\System32\drivers\uliagpkx.sys 57424 44e8048ace47befbfdc2e9be4cbc8880 15 -> HKLM\SYSTEM\CurrentControlSet\Services\uliagpkx umbus.sys C:\Windows\System32\drivers\umbus.sys 39936 d295bed4b898f0fd999fcfa9b32b071b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\umbus umpass.sys C:\Windows\System32\drivers\umpass.sys 8192 7550ad0c6998ba1cb4843e920ee0feac 15 -> HKLM\SYSTEM\CurrentControlSet\Services\UmPass umrdp.dll C:\Windows\System32\umrdp.dll 171008 409994a8eaceee4e328749c0353527a0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\UmRdpService\Parameters UnlockerDriver5.sys \??\C:\Program Files\Unlocker\UnlockerDriver5.sys 4096 bb879dcfd22926efbeb3298129898cbb 15 -> HKLM\SYSTEM\CurrentControlSet\Services\UnlockerDriver5 UNS.exe C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 2533400 2b971a72c0d6bd8a710e2748353773dd 15 -> HKLM\SYSTEM\CurrentControlSet\Services\UNS upnphost.dll C:\Windows\System32\upnphost.dll 266752 833fbb672460efce8011d262175fad33 15 -> HKLM\SYSTEM\CurrentControlSet\Services\upnphost\Parameters usbccgp.sys C:\Windows\System32\drivers\usbccgp.sys 76288 0803fba9fe829d61ae26ec0bcc910c46 15 -> HKLM\SYSTEM\CurrentControlSet\Services\usbccgp usbcir.sys C:\Windows\System32\drivers\usbcir.sys 86016 2352ab5f9f8f097bf9d41d5a4718a041 15 -> HKLM\SYSTEM\CurrentControlSet\Services\usbcir usbehci.sys C:\Windows\System32\drivers\usbehci.sys 43520 d40855f89b69305140bbd7e9a3ba2da6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\usbehci usbhub.sys C:\Windows\System32\drivers\usbhub.sys 258560 edf2df71c4f1e13a6ac75f5224de655a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\usbhub usbohci.sys C:\Windows\System32\drivers\usbohci.sys 20480 9828c8d14cc2676421778f0de638cf97 15 -> HKLM\SYSTEM\CurrentControlSet\Services\usbohci usbprint.sys C:\Windows\System32\drivers\usbprint.sys 19968 797d862fe0875e75c7cc4c1ad7b30252 15 -> HKLM\SYSTEM\CurrentControlSet\Services\usbprint USBSRService.exe C:\Program Files\USB Safely Remove\USBSRService.exe 257880 9eab14398771be7d26a4145764248c81 15 -> HKLM\SYSTEM\CurrentControlSet\Services\USBSafelyRemoveService USBSTOR.SYS C:\Windows\System32\drivers\USBSTOR.SYS 76288 f991ab9cc6b908db552166768176896a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR usbuhci.sys C:\Windows\System32\drivers\usbuhci.sys 24064 800aabfd625eeff899f7e5496bde37ab 15 -> HKLM\SYSTEM\CurrentControlSet\Services\usbuhci usbvideo.sys C:\Windows\System32\drivers\usbvideo.sys 146816 de014425522610bedca3821bb8c0f1d5 15 -> HKLM\SYSTEM\CurrentControlSet\Services\usbvideo uxsms.dll C:\Windows\System32\uxsms.dll 29696 081e6e1c91aec36758902a9f727cd23c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\UxSms\Parameters valWBFPolicyService.exe C:\Windows\system32\valWBFPolicyService.exe 29184 0367dca4ece4116a58608e0e9451424a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\valWBFPolicyService vdrvroot.sys C:\Windows\System32\drivers\vdrvroot.sys 32832 a059c4c3edb09e07d21a8e5c0aabd3cb 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vdrvroot vds.exe C:\Windows\System32\vds.exe 453632 c3cd30495687c2a2f66a65ca6fd89be9 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vds vgapnp.sys C:\Windows\System32\drivers\vgapnp.sys 26112 17c408214ea61696cec9c66e388b14f3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vga vga.sys C:\Windows\System32\drivers\vga.sys 25088 8e38096ad5c8570a6f1570a61e251561 15 -> HKLM\SYSTEM\CurrentControlSet\Services\VgaSave vhdmp.sys C:\Windows\System32\drivers\vhdmp.sys 160128 5461686cca2fda57b024547733ab42e3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vhdmp viaagp.sys C:\Windows\System32\drivers\viaagp.sys 53328 c829317a37b4bea8f39735d4b076e923 15 -> HKLM\SYSTEM\CurrentControlSet\Services\viaagp viac7.sys C:\Windows\System32\drivers\viac7.sys 52736 e02f079a6aa107f06b16549c6e5c7b74 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ViaC7 viaide.sys C:\Windows\System32\drivers\viaide.sys 16976 e43574f6a56a0ee11809b48c09e4fd3c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\viaide vmbus.sys C:\Windows\System32\drivers\vmbus.sys 175360 c2f2911156fdc7817c52829c86da494e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vmbus VMBusHID.sys C:\Windows\System32\drivers\VMBusHID.sys 17920 d4d77455211e204f370d08f4963063ce 15 -> HKLM\SYSTEM\CurrentControlSet\Services\VMBusHID volmgr.sys C:\Windows\System32\drivers\volmgr.sys 53120 4c63e00f2f4b5f86ab48a58cd990f212 15 -> HKLM\SYSTEM\CurrentControlSet\Services\volmgr volmgrx.sys C:\Windows\System32\drivers\volmgrx.sys 297040 b5bb72067ddddbbfb04b2f89ff8c3c87 15 -> HKLM\SYSTEM\CurrentControlSet\Services\volmgrx volsnap.sys C:\Windows\System32\drivers\volsnap.sys 245632 f497f67932c6fa693d7de2780631cfe7 15 -> HKLM\SYSTEM\CurrentControlSet\Services\volsnap vsmraid.sys C:\Windows\System32\drivers\vsmraid.sys 141904 9dfa0cc2f8855a04816729651175b631 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vsmraid vssvc.exe C:\Windows\system32\vssvc.exe 1025536 209a3b1901b83aeb8527ed211cce9e4c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\VSS vwifibus.sys C:\Windows\System32\drivers\vwifibus.sys 19968 90567b1e658001e79d7c8bbd3dde5aa6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vwifibus vwififlt.sys C:\Windows\System32\drivers\vwififlt.sys 48128 7090d3436eeb4e7da3373090a23448f7 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vwififlt vwifimp.sys C:\Windows\System32\drivers\vwifimp.sys 14336 a3f04cbea6c2a10e6cb01f8b47611882 15 -> HKLM\SYSTEM\CurrentControlSet\Services\vwifimp w32time.dll C:\Windows\system32\w32time.dll 288768 55187fd710e27d5095d10a472c8baf1c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Parameters wacompen.sys C:\Windows\System32\drivers\wacompen.sys 21632 de3721e89c653aa281428c8a69745d90 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WacomPen wanarp.sys C:\Windows\System32\drivers\wanarp.sys 63488 3c3c78515f5ab448b022bdf5b8ffdd2e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WANARP -> HKLM\SYSTEM\CurrentControlSet\Services\Wanarpv6 wbengine.exe C:\Windows\system32\wbengine.exe 1203200 691e3285e53dca558e1a84667f13e15a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\wbengine wbiosrvc.dll C:\Windows\System32\wbiosrvc.dll 151552 9614b5d29dc76ac3c29f6d2d3aa70e67 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WbioSrvc\Parameters wcncsvc.dll C:\Windows\System32\wcncsvc.dll 276992 34eee0dfaadb4f691d6d5308a51315dc 15 -> HKLM\SYSTEM\CurrentControlSet\Services\wcncsvc\Parameters WcsPlugInService.dll C:\Windows\System32\WcsPlugInService.dll 32768 5d930b6357a6d2af4d7653bdabbf352f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WcsPlugInService\Parameters wd.sys C:\Windows\System32\drivers\wd.sys 19024 1112a9badacb47b7c0bb0392e3158dff 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Wd Wdf01000.sys C:\Windows\System32\drivers\Wdf01000.sys 527064 25944d2cc49e0a6c581d02a74b7d6645 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Wdf01000 wdi.dll C:\Windows\system32\wdi.dll 76800 dde994e9159497d0d5ab2cdf66d1ead6 3 -> HKLM\SYSTEM\CurrentControlSet\Services\WdiServiceHost\Parameters -> HKLM\SYSTEM\CurrentControlSet\Services\WdiSystemHost\Parameters webclnt.dll C:\Windows\System32\webclnt.dll 205824 75e8ebd7040ce238684333f97014762a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WebClient\Parameters wecsvc.dll C:\Windows\system32\wecsvc.dll 147968 760f0afe937a77cff27153206534f275 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Wecsvc\Parameters wercplsupport.dll C:\Windows\System32\wercplsupport.dll 61440 ac804569bb2364fb6017370258a4091b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\wercplsupport\Parameters WerSvc.dll C:\Windows\System32\WerSvc.dll 65024 08e420d873e4fd85241ee2421b02c4a4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WerSvc\Parameters wfplwf.sys C:\Windows\System32\drivers\wfplwf.sys 9728 8b9a943f3b53861f2bfaf6c186168f79 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WfpLwf wimmount.sys C:\Windows\System32\drivers\wimmount.sys 19008 5cf95b35e59e2a38023836fff31be64c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WIMMount mpsvc.dll C:\Program Files\Windows Defender\mpsvc.dll 680960 082cf481f659fae0de51ad060881eb47 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinDefend\Parameters winhttp.dll C:\Windows\system32\winhttp.dll 351232 ca9f7888b524d8100b977c81f44c3234 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc\Parameters WMIsvc.dll C:\Windows\system32\wbem\WMIsvc.dll 168960 f62e510b6ad4c21eb9fe8668ed251826 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters WinRing0.sys \??\C:\Program Files\BatteryCare\WinRing0.sys 14416 845af1ba23c8d5e64def61bcc441604c 3 -> HKLM\SYSTEM\CurrentControlSet\Services\WinRing0_1_2_0 WsmSvc.dll C:\Windows\system32\WsmSvc.dll 1177088 1de9bd23afa36150586c732d876d9b74 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinRM\Parameters WinUSB.sys C:\Windows\System32\drivers\WinUSB.sys 35968 a67e5f9a400f3bd1be3d80613b45f708 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinUsb BootTime.exe C:\Program Files\Wise\Wise Care 365\BootTime.exe 580232 a7c993f86be5af035de06df9160d7008 3 -> HKLM\SYSTEM\CurrentControlSet\Services\WiseBootAssistant WiseHDInfo32.dll \??\C:\Windows\WiseHDInfo32.dll 11816 ca24f4b849af337e77c0be3fa15a4019 3 -> HKLM\SYSTEM\CurrentControlSet\Services\WiseHDInfo WiseTDIFw.sys \??\C:\Windows\WiseTDIFw.sys 41512 67043cdaed3a29b809a7f8692ecbf8a8 3 -> HKLM\SYSTEM\CurrentControlSet\Services\WiseTDIFw wlansvc.dll C:\Windows\System32\wlansvc.dll 829440 16935c98ff639d185086a3529b1f2067 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Wlansvc\Parameters wmiacpi.sys C:\Windows\System32\drivers\wmiacpi.sys 11264 0217679b8fca58714c3bf2726d2ca84e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WmiAcpi WmiApSrv.exe C:\Windows\system32\wbem\WmiApSrv.exe 136192 6eb6b66517b048d87dc1856ddf1f4c3f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\wmiApSrv wmpnetwk.exe C:\Program Files\Windows Media Player\wmpnetwk.exe 1121792 3b40d3a61aa8c21b88ae57c58ab3122e 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WMPNetworkSvc wpcsvc.dll C:\Windows\System32\wpcsvc.dll 10752 a2f0ec770a92f2b3f9de6d518e11409c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WPCSvc\Parameters wpdbusenum.dll C:\Windows\system32\wpdbusenum.dll 85504 aa53356d60af47eacc85bc617a4f3f66 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WPDBusEnum\Parameters ws2ifsl.sys C:\Windows\System32\drivers\ws2ifsl.sys 16384 6db3276587b853bf886b69528fdb048c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ws2ifsl wscsvc.dll C:\Windows\System32\wscsvc.dll 73728 6f5d49efe0e7164e03ae773a3fe25340 15 -> HKLM\SYSTEM\CurrentControlSet\Services\wscsvc\Parameters SearchIndexer.exe C:\Windows\system32\SearchIndexer.exe 427520 236f286e103fd44bd85fdd93097fd5dd 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WSearch wuaueng.dll C:\Windows\system32\wuaueng.dll 1973728 d9b0134913e5ef007af82a418c503322 15 -> HKLM\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters WudfPf.sys C:\Windows\System32\drivers\WudfPf.sys 66560 06e6f32c8d0a3f66d956f57b43a2e070 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WudfPf WUDFRd.sys C:\Windows\System32\drivers\WUDFRd.sys 155136 867c301e8b790040ae9cf6486e8041df 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WUDFRd WUDFSvc.dll C:\Windows\System32\WUDFSvc.dll 73216 fe47b7bc8ea320c2d9b5e5bf6e303765 15 -> HKLM\SYSTEM\CurrentControlSet\Services\wudfsvc\Parameters wwansvc.dll C:\Windows\System32\wwansvc.dll 185344 7cc38741b8f68f1e0d5d79da6123666a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WwanSvc\Parameters ssv.dll C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll 460712 0bed6740a90593c4894ebaf1e7aaff27 3 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} URLREDIR.DLL C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL 562904 e04a1418b6caa33ef61f7b4ae826fc94 15 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} jp2ssv.dll C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll 172968 3a6c4a891cfff80bb708b9b62075f11e 3 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} ieframe.dll C:\Windows\System32\ieframe.dll 12827648 e868396bc5f8957a9e39bd9a28ea814d 3 -> HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks::{CFBFAE00-17A6-11D0-99CB-00C04FD64497} NLAapi.dll C:\Windows\system32\NLAapi.dll 52224 50e0dd0a5b8d8bc353578f2f73926697 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 napinsp.dll C:\Windows\system32\napinsp.dll 52224 0b7e85364cb878e2ad531db7b601a9e5 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 pnrpnsp.dll C:\Windows\system32\pnrpnsp.dll 65024 5cf640eddb1e40a5ab1bb743bcdec610 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004 mswsock.dll C:\Windows\System32\mswsock.dll 231424 e94c583cde2348950155f2af2876f34d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000025 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000026 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000027 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000028 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000029 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000030 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000031 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000032 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000033 winrnr.dll C:\Windows\System32\winrnr.dll 20992 5df5d8cfd9b9573fa3b2c89d9061a240 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006 wshbth.dll C:\Windows\system32\wshbth.dll 36352 ac122407b29378ff9646f03404ac7c54 3 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 BatteryCare.exe C:\Program Files\BatteryCare\BatteryCare.exe 788992 0b33f63b110cc610ed6ea77bd807a245 15 -> Scheduled Tasks\BatteryCareAuto CCleaner.exe C:\Program Files\CCleaner\CCleaner.exe 5503768 2b24f194fc5b657397ecb2923a68350e 15 -> Scheduled Tasks\CCleanerSkipUAC DriverBooster.exe C:\Program Files\IObit\Driver Booster\DriverBooster.exe 4363072 92eebef2ab77d512d41aa8ec0077fae0 3 -> Scheduled Tasks\Driver Booster SkipUAC (МАКС) AutoUpdate.exe C:\Program Files\IObit\Driver Booster\AutoUpdate.exe 1439040 ad613de74a1a3df1082ef684407155a0 3 -> Scheduled Tasks\Driver Booster Update CodecTweakTool.exe C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe 1173504 2a5c656b0a364580e578b26eae2ee889 15 -> Scheduled Tasks\klcp_update Spyhunter4.exe C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe 7125376 fd947f1cbb022c1dc138013049f5e33a 15 -> Scheduled Tasks\SpyHunter4Startup PowerDVD12Agent.exe C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe 377880 dcf4a14519efa6aac557218a939b05ad 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::PowerDVD12Agent UIExec.exe C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe 156448 84a459bb89031d7a662769e2ec73c930 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::UIExec AvastUI.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe 8900328 70050353213574b62ca9ec28f65f2f3e 3 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::AvastUI.exe CheckNDISPort_df.exe C:\Program Files (x86)\Hostless Modem\USB device MF63\CheckNDISPort_df.exe 459008 add615d090dd8266cb671aab5611d34f 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::CheckNDISPortF0acE3 CancelAutoPlay_df.exe C:\Program Files (x86)\Hostless Modem\USB device MF63\CancelAutoPlay_df.exe 446208 3ec4124a4c86f1ed41641c47ded12e43 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::CancelAutoPlay_df APSDaemon.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 59720 61e4289e91e88c90478d7f4beb10dcf7 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::APSDaemon QTTask.exe C:\Program Files (x86)\QuickTime\QTTask.exe 421888 9accbc5891ba51b5b29c1a88f80d4ce3 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::QuickTime Task TrueImageMonitor.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 7840568 55e4a8ae7c31f7eeaeecb0543f0f41e3 3 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::TrueImageMonitor.exe TibMounterMonitor.exe C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe 1104792 0558be304c0b3862323a070c13db7adb 15 -> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::AcronisTibMounterMonitor MediaDetector.exe C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe 286720 0912387d3b5414c7300e67a0663b8268 15 -> HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::BlazeServoTool WellPhone2.exe C:\Program Files (x86)\Nokia\Nokia Internet Modem\WellPhone2.exe 1962648 4b96694eca032728cdbcb9d307970a01 15 -> HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::Nokia Internet Modem ChomikBox.exe C:\Program Files (x86)\ChomikBox\ChomikBox.exe 6033408 8bf1bd4669f2c499ea466ed2c9505075 15 -> HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::ChomikBox gpupdate.exe C:\windows\system32\gpupdate.exe 16896 5a08d679c6b3e34afb29e0ab86deade0 15 -> HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::C PCSuite.exe C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe 1516632 5425b0e1a2fbee08e5fe3f8a54fe487f 15 -> HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::PC Suite Tray rpcrt4.dll C:\windows\system32\rpcrt4.dll 710144 128ec9879d462f89829e663417fe5dbd 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::rpcrt4 combase.dll C:\windows\system32\combase.dll 1374384 d47c2645c635d42ae5c1f5b2644ea093 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::combase gdiplus.dll C:\windows\system32\gdiplus.dll 1351168 8a073508726de4a69ed702a7a6082808 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::gdiplus IMAGEHLP.dll C:\windows\system32\IMAGEHLP.dll 70680 5aa28997f6a30eb196a5ab09f684b7be 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::IMAGEHLP MSVCRT.dll C:\windows\system32\MSVCRT.dll 780408 6eba4aa97ba64ceb363c1c8ce12214f9 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::MSVCRT SHLWAPI.dll C:\windows\system32\SHLWAPI.dll 263872 6cb5cff7f48b8e226523bf2e849aa6e5 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::SHLWAPI COMDLG32.dll C:\windows\system32\COMDLG32.dll 540672 6adef3cce9788849fa7f8d28a85b2833 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::COMDLG32 NORMALIZ.dll C:\windows\system32\NORMALIZ.dll 2560 00542019b2969529c5e9c68c83bd6f88 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::NORMALIZ PSAPI.DLL C:\windows\system32\PSAPI.DLL 16024 52ef8037a22f0eb0083aa29eac706495 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::PSAPI WLDAP32.dll C:\windows\system32\WLDAP32.dll 321024 bfc6f7889a9cff451a418862444b9f63 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::WLDAP32 ole32.dll C:\windows\system32\ole32.dll 1095488 2bdb085aa7eca65d1793d150cec960af 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::ole32 IMM32.dll C:\windows\system32\IMM32.dll 137728 62969a88de12fd62d59a6c7821a929bc 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::IMM32 MSCTF.dll C:\windows\system32\MSCTF.dll 1017936 f5c43bfe7ef27521ed25b912c9366cd9 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::MSCTF OLEAUT32.dll C:\windows\system32\OLEAUT32.dll 552632 9db8537c03be40548968c445fc595753 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::OLEAUT32 LPK.dll C:\windows\system32\LPK.dll 3072 32f9650cd23f6f36706e9ea23eccf484 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::LPK clbcatq.dll C:\windows\system32\clbcatq.dll 508680 a7ddbd5da334f3ba342eb828012fd1a5 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::clbcatq WS2_32.dll C:\windows\system32\WS2_32.dll 313488 428af7fa03ff09ce1cd373abfebad8a3 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::WS2_32 SHELL32.dll C:\windows\system32\SHELL32.dll 18722600 f51b727aff404ed8d730dfa069d88d7b 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::SHELL32 gdi32.dll C:\windows\system32\gdi32.dll 1064448 dbc4d46a7ddc14d1d1ed4b613f9e41a4 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::gdi32 difxapi.dll C:\windows\system32\difxapi.dll 347648 fc272944d1cac1f66ea8b2577245b827 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::DifxApi Setupapi.dll C:\windows\system32\Setupapi.dll 1767440 c500954647e81a00700d3767c2b3cc4b 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::Setupapi kernel32.dll C:\windows\system32\kernel32.dll 1036288 595653478434f2a8451eda55cd954ced 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::kernel32 advapi32.dll C:\windows\system32\advapi32.dll 490136 421d685787762bbae821159279b3000c 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::advapi32 user32.dll C:\windows\system32\user32.dll 1361408 a39251fae3189e1ae1f0df0884d37e2a 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::user32 NSI.dll C:\windows\system32\NSI.dll 19640 64a5d80882cf405f515a1a1d3f136b6a 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::NSI sechost.dll C:\windows\system32\sechost.dll 252024 3503f1397cb9bee0d9684a7ca4c1c315 15 -> HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls::sechost explorer.exe C:\windows\explorer.exe 2374784 acdbe1ed38167c8b01b8f63161bb2cea 15 -> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon::Shell userinit.exe C:\windows\system32\userinit.exe 21504 41636f77ad6d9a396ea34e4786b96f2b 15 -> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon::Userinit SystemPropertiesPerformance.exe C:\windows\system32\SystemPropertiesPerformance.exe 82944 790d3430e0ed59a70c0aaacfec979bdc 15 -> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon::VmApplet credssp.dll C:\windows\system32\credssp.dll 18944 feb2acc88d065311ce56e309cbd06232 15 -> HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders::SecurityProviders mshta.exe C:\Windows\SysWOW64\mshta.exe 13312 fc790dce2929cbdce9f407310c27a645 15 -> HKCR\htafile\shell\open\command::(Default) -> HKLM\SOFTWARE\Classes\htafile\shell\open\command::(Default) iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe 812688 0b219df6f397f076bc4df0249156d010 15 -> HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command::(Default) unregmp2.exe C:\windows\system32\unregmp2.exe 193536 e358d430a884638259587f87291ae20c 15 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6} WinMail.exe C:\Program Files (x86)\Windows Mail\WinMail.exe 393728 a29fcfca10492abd47f063ade3070844 15 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C} mscories.dll C:\Windows\SysWOW64\mscories.dll 81560 e5e8a1a77dfb74ad1b2ec09b0f7fc5af 15 -> HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820} schedul2.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 1144752 4cc12eba59ada72254df56bb91ed31eb 3 -> HKLM\SYSTEM\CurrentControlSet\Services\AcrSch2Svc svchost.exe C:\windows\system32\svchost.exe 31552 425e22d9f5c01616afc92987791b19e9 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AeLookupSvc -> HKLM\SYSTEM\CurrentControlSet\Services\AppIDSvc -> HKLM\SYSTEM\CurrentControlSet\Services\Appinfo -> HKLM\SYSTEM\CurrentControlSet\Services\AppReadiness -> HKLM\SYSTEM\CurrentControlSet\Services\AppXSvc -> HKLM\SYSTEM\CurrentControlSet\Services\AudioEndpointBuilder -> HKLM\SYSTEM\CurrentControlSet\Services\Audiosrv -> HKLM\SYSTEM\CurrentControlSet\Services\AxInstSV -> HKLM\SYSTEM\CurrentControlSet\Services\BDESVC -> HKLM\SYSTEM\CurrentControlSet\Services\BFE -> HKLM\SYSTEM\CurrentControlSet\Services\BITS -> HKLM\SYSTEM\CurrentControlSet\Services\BrokerInfrastructure -> HKLM\SYSTEM\CurrentControlSet\Services\Browser -> HKLM\SYSTEM\CurrentControlSet\Services\bthserv -> HKLM\SYSTEM\CurrentControlSet\Services\CertPropSvc -> HKLM\SYSTEM\CurrentControlSet\Services\CryptSvc -> HKLM\SYSTEM\CurrentControlSet\Services\DcomLaunch -> HKLM\SYSTEM\CurrentControlSet\Services\defragsvc -> HKLM\SYSTEM\CurrentControlSet\Services\DeviceAssociationService -> HKLM\SYSTEM\CurrentControlSet\Services\DeviceInstall -> HKLM\SYSTEM\CurrentControlSet\Services\Dhcp -> HKLM\SYSTEM\CurrentControlSet\Services\Dnscache -> HKLM\SYSTEM\CurrentControlSet\Services\dot3svc -> HKLM\SYSTEM\CurrentControlSet\Services\DPS -> HKLM\SYSTEM\CurrentControlSet\Services\DsmSvc -> HKLM\SYSTEM\CurrentControlSet\Services\Eaphost -> HKLM\SYSTEM\CurrentControlSet\Services\EventLog -> HKLM\SYSTEM\CurrentControlSet\Services\EventSystem -> HKLM\SYSTEM\CurrentControlSet\Services\fdPHost -> HKLM\SYSTEM\CurrentControlSet\Services\FDResPub -> HKLM\SYSTEM\CurrentControlSet\Services\fhsvc -> HKLM\SYSTEM\CurrentControlSet\Services\FontCache -> HKLM\SYSTEM\CurrentControlSet\Services\GhreringuwekCenter -> HKLM\SYSTEM\CurrentControlSet\Services\gpsvc -> HKLM\SYSTEM\CurrentControlSet\Services\hidserv -> HKLM\SYSTEM\CurrentControlSet\Services\hkmsvc -> HKLM\SYSTEM\CurrentControlSet\Services\HomeGroupListener -> HKLM\SYSTEM\CurrentControlSet\Services\HomeGroupProvider -> HKLM\SYSTEM\CurrentControlSet\Services\IKEEXT -> HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc -> HKLM\SYSTEM\CurrentControlSet\Services\KtmRm -> HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer -> HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation -> HKLM\SYSTEM\CurrentControlSet\Services\lfsvc -> HKLM\SYSTEM\CurrentControlSet\Services\lltdsvc -> HKLM\SYSTEM\CurrentControlSet\Services\lmhosts -> HKLM\SYSTEM\CurrentControlSet\Services\LSM -> HKLM\SYSTEM\CurrentControlSet\Services\MMCSS -> HKLM\SYSTEM\CurrentControlSet\Services\MpsSvc -> HKLM\SYSTEM\CurrentControlSet\Services\MSiSCSI -> HKLM\SYSTEM\CurrentControlSet\Services\napagent -> HKLM\SYSTEM\CurrentControlSet\Services\NcaSvc -> HKLM\SYSTEM\CurrentControlSet\Services\NcbService -> HKLM\SYSTEM\CurrentControlSet\Services\NcdAutoSetup -> HKLM\SYSTEM\CurrentControlSet\Services\Netman -> HKLM\SYSTEM\CurrentControlSet\Services\netprofm -> HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc -> HKLM\SYSTEM\CurrentControlSet\Services\nsi -> HKLM\SYSTEM\CurrentControlSet\Services\p2pimsvc -> HKLM\SYSTEM\CurrentControlSet\Services\p2psvc -> HKLM\SYSTEM\CurrentControlSet\Services\PcaSvc -> HKLM\SYSTEM\CurrentControlSet\Services\pla -> HKLM\SYSTEM\CurrentControlSet\Services\PlugPlay -> HKLM\SYSTEM\CurrentControlSet\Services\PNRPAutoReg -> HKLM\SYSTEM\CurrentControlSet\Services\PNRPsvc -> HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent -> HKLM\SYSTEM\CurrentControlSet\Services\Power -> HKLM\SYSTEM\CurrentControlSet\Services\PrintNotify -> HKLM\SYSTEM\CurrentControlSet\Services\ProfSvc -> HKLM\SYSTEM\CurrentControlSet\Services\QWAVE -> HKLM\SYSTEM\CurrentControlSet\Services\RasAuto -> HKLM\SYSTEM\CurrentControlSet\Services\RasMan -> HKLM\SYSTEM\CurrentControlSet\Services\RemoteAccess -> HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry -> HKLM\SYSTEM\CurrentControlSet\Services\RpcEptMapper -> HKLM\SYSTEM\CurrentControlSet\Services\RpcSs -> HKLM\SYSTEM\CurrentControlSet\Services\SCardSvr -> HKLM\SYSTEM\CurrentControlSet\Services\ScDeviceEnum -> HKLM\SYSTEM\CurrentControlSet\Services\Schedule -> HKLM\SYSTEM\CurrentControlSet\Services\SCPolicySvc -> HKLM\SYSTEM\CurrentControlSet\Services\seclogon -> HKLM\SYSTEM\CurrentControlSet\Services\SENS -> HKLM\SYSTEM\CurrentControlSet\Services\SensrSvc -> HKLM\SYSTEM\CurrentControlSet\Services\SessionEnv -> HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess -> HKLM\SYSTEM\CurrentControlSet\Services\ShellHWDetection -> HKLM\SYSTEM\CurrentControlSet\Services\smphost -> HKLM\SYSTEM\CurrentControlSet\Services\SSDPSRV -> HKLM\SYSTEM\CurrentControlSet\Services\SstpSvc -> HKLM\SYSTEM\CurrentControlSet\Services\stisvc -> HKLM\SYSTEM\CurrentControlSet\Services\StorSvc -> HKLM\SYSTEM\CurrentControlSet\Services\svsvc -> HKLM\SYSTEM\CurrentControlSet\Services\swprv -> HKLM\SYSTEM\CurrentControlSet\Services\SysMain -> HKLM\SYSTEM\CurrentControlSet\Services\SystemEventsBroker -> HKLM\SYSTEM\CurrentControlSet\Services\TabletInputService -> HKLM\SYSTEM\CurrentControlSet\Services\TapiSrv -> HKLM\SYSTEM\CurrentControlSet\Services\TermService -> HKLM\SYSTEM\CurrentControlSet\Services\Themes -> HKLM\SYSTEM\CurrentControlSet\Services\THREADORDER -> HKLM\SYSTEM\CurrentControlSet\Services\TimeBroker -> HKLM\SYSTEM\CurrentControlSet\Services\TrkWks -> HKLM\SYSTEM\CurrentControlSet\Services\UmRdpService -> HKLM\SYSTEM\CurrentControlSet\Services\upnphost -> HKLM\SYSTEM\CurrentControlSet\Services\vmicguestinterface -> HKLM\SYSTEM\CurrentControlSet\Services\vmicheartbeat -> HKLM\SYSTEM\CurrentControlSet\Services\vmickvpexchange -> HKLM\SYSTEM\CurrentControlSet\Services\vmicrdv -> HKLM\SYSTEM\CurrentControlSet\Services\vmicshutdown -> HKLM\SYSTEM\CurrentControlSet\Services\vmictimesync -> HKLM\SYSTEM\CurrentControlSet\Services\vmicvss -> HKLM\SYSTEM\CurrentControlSet\Services\W32Time -> HKLM\SYSTEM\CurrentControlSet\Services\WbioSrvc -> HKLM\SYSTEM\CurrentControlSet\Services\Wcmsvc -> HKLM\SYSTEM\CurrentControlSet\Services\wcncsvc -> HKLM\SYSTEM\CurrentControlSet\Services\WcsPlugInService -> HKLM\SYSTEM\CurrentControlSet\Services\WdiServiceHost -> HKLM\SYSTEM\CurrentControlSet\Services\WdiSystemHost -> HKLM\SYSTEM\CurrentControlSet\Services\WebClient -> HKLM\SYSTEM\CurrentControlSet\Services\Wecsvc -> HKLM\SYSTEM\CurrentControlSet\Services\WEPHOSTSVC -> HKLM\SYSTEM\CurrentControlSet\Services\wercplsupport -> HKLM\SYSTEM\CurrentControlSet\Services\WerSvc -> HKLM\SYSTEM\CurrentControlSet\Services\WiaRpc -> HKLM\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc -> HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt -> HKLM\SYSTEM\CurrentControlSet\Services\WinRM -> HKLM\SYSTEM\CurrentControlSet\Services\WlanSvc -> HKLM\SYSTEM\CurrentControlSet\Services\wlidsvc -> HKLM\SYSTEM\CurrentControlSet\Services\workfolderssvc -> HKLM\SYSTEM\CurrentControlSet\Services\WPCSvc -> HKLM\SYSTEM\CurrentControlSet\Services\WPDBusEnum -> HKLM\SYSTEM\CurrentControlSet\Services\wscsvc -> HKLM\SYSTEM\CurrentControlSet\Services\WSService -> HKLM\SYSTEM\CurrentControlSet\Services\wuauserv -> HKLM\SYSTEM\CurrentControlSet\Services\wudfsvc -> HKLM\SYSTEM\CurrentControlSet\Services\WwanSvc AERTSr64.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 98208 d1e343bc00136ce03c4d403194d06a80 15 -> HKLM\SYSTEM\CurrentControlSet\Services\AERTFilters afcdpsrv.exe C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 3886072 3b96c90111bf4154190c9eb55f87147d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\afcdpsrv AvastSvc.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe 197128 8ef7c84bb20329d6dcac09cf6b19345a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\avast! Antivirus CLHNServiceForPowerDVD12.exe C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe 89864 60f552596839d83d995a7b4c01e49b44 15 -> HKLM\SYSTEM\CurrentControlSet\Services\CLHNServiceForPowerDVD12 dllhost.exe C:\windows\system32\dllhost.exe 17760 ee7c82b0d69f038245cecbce9ec45a9a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp DCCService.exe C:\Program Files (x86)\Dell Customer Connect\DCCService.exe 137968 84b7e11d6ac61d93722d602fd3a50287 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Dell Customer Connect DellDataVault.exe C:\Program Files\Dell\DellDataVault\DellDataVault.exe 2572024 e554163d138b79cd8c6edf73187fc635 15 -> HKLM\SYSTEM\CurrentControlSet\Services\DellDataVault DellDataVaultWiz.exe C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe 202488 d8f74b93897c8fdf2eaf4c99e30500a4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\DellDataVaultWiz DellUpService.exe C:\Program Files (x86)\Dell Update\DellUpService.exe 237272 44c694c2b542db3cdaebdb1ff3233f4d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\DellUpdate dhcpcore.dll C:\windows\system32\dhcpcore.dll 285696 e28501e3a241ddc5dc65382e55661b1d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Dhcp\Parameters EsgScanner.sys EsgScanner.sys 19984 01ce484ff6d70a39479bc6d619de7ed6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\EsgScanner es.dll C:\windows\system32\es.dll 329728 bc4e13afee0b35d87ce8f49ef5df5634 15 -> HKLM\SYSTEM\CurrentControlSet\Services\EventSystem\Parameters PresentationFontCache.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 43696 1c52387bf5a127f5f3bfb31288f30d93 15 -> HKLM\SYSTEM\CurrentControlSet\Services\FontCache3.0.0.0 GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 154440 750446ed76a5d13e902174dddda1a62b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\gupdate -> HKLM\SYSTEM\CurrentControlSet\Services\gupdatem -> Scheduled Tasks\GoogleUpdateTaskMachineCore -> Scheduled Tasks\GoogleUpdateTaskMachineUA hidserv.dll C:\windows\system32\hidserv.dll 29696 06692feb8ebc5ad53ac6c610bc72f1c6 15 -> HKLM\SYSTEM\CurrentControlSet\Services\hidserv\Parameters provsvc.dll C:\windows\system32\provsvc.dll 321536 4fc945e08af63491afcc902c99046735 15 -> HKLM\SYSTEM\CurrentControlSet\Services\HomeGroupProvider\Parameters keyiso.dll C:\windows\system32\keyiso.dll 44032 8a585b561748e81103ad2804ebedc281 15 -> HKLM\SYSTEM\CurrentControlSet\Services\KeyIso\Parameters lbtserv.exe C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 357144 1d5c6790425cb6dbb1b3c2722c34e199 15 -> HKLM\SYSTEM\CurrentControlSet\Services\LBTServ GeofenceMonitorService.dll C:\windows\System32\GeofenceMonitorService.dll 357376 a54eb398bc2d792a0c603a97f7975fd8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\lfsvc\Parameters lxczcoms.exe C:\windows\system32\lxczcoms.exe 537520 fa88d61278c6b73d50ec441fbd91d1fc 3 -> HKLM\SYSTEM\CurrentControlSet\Services\lxcz_device msiexec.exe C:\windows\system32\msiexec.exe 55808 e1d499c501dc2e1f8b451f1a43bfabed 15 -> HKLM\SYSTEM\CurrentControlSet\Services\msiserver netlogon.dll C:\windows\system32\netlogon.dll 688640 582918f96c2b7e1e3ae17d08db6dac41 15 -> HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters SMSvcHost.exe C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 139856 1092b3190e69e0c5ecbce90f171de047 15 -> HKLM\SYSTEM\CurrentControlSet\Services\NetTcpPortSharing ntk_PowerDVD12_64.sys C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys 84168 09cf155997b911029f38d9796ac224c1 3 -> HKLM\SYSTEM\CurrentControlSet\Services\ntk_PowerDVD12 OSE.EXE C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 178760 11e0b35479c895888ba3d7f619dcfff3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ose64 pccsmcfdx64.sys C:\Program Files (x86)\PC Connectivity Solution\pccsmcfdx64.sys 26112 3fde033dfb0d07f8b7d5c9a3044aa121 15 -> HKLM\SYSTEM\CurrentControlSet\Services\pccsmcfd perfhost.exe C:\windows\SysWow64\perfhost.exe 21504 8e3c640fff5a963f570233ae99c0fff3 15 -> HKLM\SYSTEM\CurrentControlSet\Services\PerfHost pla.dll C:\windows\system32\pla.dll 1477120 685a51594574da70a4305c7ade6f9649 15 -> HKLM\SYSTEM\CurrentControlSet\Services\pla\Parameters PrintConfig.dll C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll 2899968 3c96a45ca3403a276b0f045c448ec27b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\PrintNotify\Parameters qwave.dll C:\windows\system32\qwave.dll 256512 bc63cb1761aec25186c4e707c4a23ed4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\QWAVE\Parameters mprdim.dll C:\windows\System32\mprdim.dll 177664 fe591904131230c3fb98e9f97aaabe4a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters RichVideo.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 253776 cbe300da6064c31f2ac4ed8a0722bef0 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RichVideo RichVideo64.exe C:\Program Files\CyberLink\Shared files\RichVideo64.exe 390672 c70f30ad0a519a53544129bd723cc5fb 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RichVideo64 RtkAudioService64.exe C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 246488 ddf3efb4ad226c61d0ada6e779e3d968 15 -> HKLM\SYSTEM\CurrentControlSet\Services\RtkAudioService ServiceLayer.exe C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 724376 c3bb6cf8f9ee199005a2aae2815ad756 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ServiceLayer sessenv.dll C:\windows\system32\sessenv.dll 280576 adc071e4f65bac3aef4807b23438472a 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SessionEnv\Parameters SftService.exe C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe 1915408 dcd85fd151a8da5f6c27ab6c0326503f 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SftService shsvcs.dll C:\windows\System32\shsvcs.dll 564736 ebe31f23bf3ef06ee08ce4ac4f26dc80 15 -> HKLM\SYSTEM\CurrentControlSet\Services\ShellHWDetection\Parameters Updater.exe C:\Program Files (x86)\Skype\Updater\Updater.exe 324224 6749ad471d1d44cbd1f30257c861f77b 3 -> HKLM\SYSTEM\CurrentControlSet\Services\SkypeUpdate smphost.dll C:\windows\System32\smphost.dll 11776 980d0cbae757eeb1c9b21deb4fa3b5f8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\smphost\Parameters SH4Service.exe C:\Program Files\SpyHunter\SH4Service.exe 797352 219f61e488576f0bae6646a1fcb79ac4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service storsvc.dll C:\windows\system32\storsvc.dll 18944 01dc138af03b0df86044d29ba6fa20c8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\StorSvc\Parameters SupportAssistAgent.exe C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe 31928 1957c598952fbe08193ee43a109fd3dd 3 -> HKLM\SYSTEM\CurrentControlSet\Services\SupportAssistAgent syncagentsrv.exe C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe 7150048 eb5cc9038c877bd546324fc5fdab686c 15 -> HKLM\SYSTEM\CurrentControlSet\Services\syncagentsrv tapisrv.dll C:\windows\System32\tapisrv.dll 248320 4fcdfa214133956b0da8358d366f536b 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TapiSrv\Parameters TrustedInstaller.exe C:\windows\servicing\TrustedInstaller.exe 99840 887cc44830d3f367cad17a0ca7cca5c8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\TrustedInstaller AssistantServices.exe C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe 274208 c46c4be1bab0f0669f6c21151bbda557 15 -> HKLM\SYSTEM\CurrentControlSet\Services\UI Assistant Service upnphost.dll C:\windows\System32\upnphost.dll 307200 b9ddaea3770b3752b6aa7191b5aa16aa 15 -> HKLM\SYSTEM\CurrentControlSet\Services\upnphost\Parameters WcsPlugInService.dll C:\windows\System32\WcsPlugInService.dll 34304 69059cd0abd70c3884117652e3b70431 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WcsPlugInService\Parameters wdi.dll C:\windows\system32\wdi.dll 80896 dacd90541cbf7de095801b05abb4f355 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WdiServiceHost\Parameters -> HKLM\SYSTEM\CurrentControlSet\Services\WdiSystemHost\Parameters webclnt.dll C:\windows\System32\webclnt.dll 198656 42a350b81e0e9a427d7366e1e8bfbadc 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WebClient\Parameters winhttp.dll C:\windows\system32\winhttp.dll 589312 984b3226c7a4cfc9fe91d7baca133d8d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc\Parameters WsmSvc.dll C:\windows\system32\WsmSvc.dll 2030080 5b8d7f29ca815e6db156df9853f0472d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinRM\Parameters wpcsvc.dll C:\windows\System32\wpcsvc.dll 11264 d7c14b416fc4f76a596a01a76fc5f873 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WPCSvc\Parameters SearchIndexer.exe C:\windows\system32\SearchIndexer.exe 658432 b93a75eefb2818f790fa0d2ba536a339 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WSearch ZAM.exe C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe 13924080 83584144fda53e1e6ab82fb45de92734 3 -> HKLM\SYSTEM\CurrentControlSet\Services\ZAMSvc 000.fcl C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl 32456 529d9f6c9a3bb3e8450e6efaf24f9b7d 15 -> HKLM\SYSTEM\CurrentControlSet\Services\{73526619-C24F-470B-9BED-53D455FBB5C6} OCHelper.dll C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll 153240 12b9349f67ee85631497400ff950f8fd 3 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ClassicExplorer32.dll C:\Program Files\Classic Shell\ClassicExplorer32.dll 683200 fe71a27c66112f15175747ee5c9c8cc9 15 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52} ssv.dll C:\Program Files (x86)\Java\jre7\bin\ssv.dll 462760 5f58e2969759892272d8313a23a4e962 15 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} aswWebRepIE.dll C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll 716632 df86545cc5429f0f37fa379c532c0abe 15 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} SetPointSmooth.dll C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll 364824 b80bff6e6ada3d7d3ce4f2b4eb14d005 3 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333} GROOVEEX.DLL C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL 1729232 b5cb59726a8c4cd6ce2f49463f86f578 3 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} jp2ssv.dll C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll 171944 9b8a7ceb7329e2907bff1bff30a67a99 3 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} ClassicIEDLL_32.dll C:\Program Files\Classic Shell\ClassicIEDLL_32.dll 440512 9af92155ef948dffb471aa61f2642a83 15 -> HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4} ClassicIE_32.exe C:\Program Files\Classic Shell\ClassicIE_32.exe 105152 c506b78148c5d11ee16f5df51494b8e6 15 -> HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{56753E59-AF1D-4FBA-9E15-31557124ADA2} napinsp.dll C:\windows\system32\napinsp.dll 53760 8db30da1fa8620a5c4af53deb85194d8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 pnrpnsp.dll C:\windows\system32\pnrpnsp.dll 68096 4947b4c100be88c83f027d1c8dbc4b84 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 NLAapi.dll C:\windows\system32\NLAapi.dll 64000 f604350906ce4e3f67d81384566de3e4 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004 mswsock.dll C:\windows\System32\mswsock.dll 270848 5b4ff009d24f73f6fc6eb4870a789843 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 winrnr.dll C:\windows\System32\winrnr.dll 21504 8700883867fbd565bf6c2dae8b2d7810 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006 wshbth.dll C:\windows\system32\wshbth.dll 51200 f7ca5639a235a1e2071500b4d1fcc6f8 15 -> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 SuperFinder.exe C:\Users\Andrzej\Desktop\Super Finder XT v1.6.3.2\SuperFinder.exe 2447360 80a41b68cb31b1d140371562a0140d5b 15 -> C:\Users\Andrzej\Desktop\Super Finder XT v1.6.3.2\SuperFinder.exe SupportAssist.exe C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe 30904 567b27c306d9e4847b5945e36ce0c40a 3 -> Scheduled Tasks\Dell SupportAssistAgent AutoUpdate sessionchecker.exe C:\Program Files\Dell\SupportAssist\sessionchecker.exe 436696 261794bb84cd31263fc5135dbd35f04b 3 -> Scheduled Tasks\PCDEventLauncherTask uaclauncher.exe C:\Program Files\Dell\SupportAssist\uaclauncher.exe 1154008 74ba05580c91392ca2cf6b2ce42925b6 3 -> Scheduled Tasks\PCDoctorBackgroundMonitorTask launcher.exe C:\Program Files\AVAST Software\SZBrowser\launcher.exe 735736 5fa35d553be9d2279ecc0bd7a569a744 15 -> Scheduled Tasks\SafeZone scheduled Autoupdate 1470238239 SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2780400 e38b453152c9d62b0ef6f11fd0629f4a 15 -> Scheduled Tasks\Synaptics TouchPad Enhancements LaunchFinalMate.exe C:\Program Files (x86)\Aunsoft\Final Mate\LaunchFinalMate.exe 465920 1ef21c7eb90b4c20495ff88e0e64f006 2 -> HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run::LaunchFinalMate lxczlmpm.dll C:\windows\system32\lxczlmpm.dll 585728 07b801f4067c1d33490305a7bb6e9f15 2 -> HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\1200 Series Port