[SOLVED] Win7 Crippled by KB4519976 and KB4525235

elmendorf764 · Dec 8, 2019

This is my first post here. I'm hoping somebody can help me avoid a reinstall of my Win7 Ultimate x64 installation, which would be rather lengthy.

Let me say up front that I have double and triple checked the RAM (using Windows diagnostic on Win7 Repair Disk) and the hard drives on my laptop (using chkdsk and CrystalDisk Info) and the hardware checks out fine.

So the problem is this: My laptop is stuck in the dreaded black screen of death at Windows login, both in regular and safe mode. The only thing that appears on my screen is the mouse cursor. The hard drive activity light is on for about 30 seconds or so, then goes out. The mouse cursor stays on the screen and I can move it, but the login screen never appears. This happens in BOTH regular mode and safe mode.

How I got to this point: The laptop was running fine a few days ago. I ran Windows update and Windows installed KB4519976. The system then refused to boot, putting me in an endless loop of saying that Windows update failed to install the update. It would continuously attempt to uninstall the update, both in regular and safe mode. It would fail every time.

I then booted from the Win7 repair disk and attempted a system restore. The restore worked, and I rebooted and this time I successfully got to the login screen. I logged in successfully. "Yay," I thought. Everything was working fine. So the next day, I ran Windows update and it informed me that a critical update, KB4525235, was available. I installed it.

Now the Win7 partition is stuff in the black screen with the mouse cursor. Safe mode has the same problem. No login screen, and the Win7 repair disk says it finds nothing wrong.

I used the repair disk and ran sfc /scannow from the command prompt. It cranked along for about 20 minutes, then told me that it fixed some problems but not all of them. I looked at the CBS.log file containing the errors it couldn't fix. It is a very large log file, about 21 MB. The log is mostly Greek to me, but KB4519976 and KB4525235 are referenced all over the place in the log. It seems those two updates corrupted things.

I tried to upload the CBS.log file, but sysnative.com informs me that the file is too large.

Any advice would be most appreciated. Yes, I could reinstall my WIN7 installation. But I'd rather beat the problem by fixing it, not reinstalling.

Sysnative Windows Update · Dec 8, 2019

Hello and welcome!

Can you please upload the CBS.log to a file sharing service like Dropbox and post a link for me?

elmendorf764 · Dec 8, 2019

Thanks for the fast reply. Here is the link to the log:

CBS.log

Sysnative Windows Update · Dec 8, 2019

Thank you. It seems that the updates have failed the configuration process and instead of just reverting back, they created a mess.

Please do the following, so I can gather more info:

On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to download the version compatible with your machine i.e. 32-bit or 64-bit.

Plug the flashdrive into the infected PC.
Enter System Recovery Environment Command Prompt:

Instructions for Windows 10
Instructions for Windows 8
Instructions for Windows 7
Once in the Command Prompt:
- In the command window type in notepad and press Enter.
- The notepad opens. Under File menu select Open.
- Select "Computer" and find your flash drive letter and close the notepad.
- In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
- The tool will start to run.
- When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

elmendorf764 · Dec 8, 2019

That FRST is a nifty little tool. Here is the report it generated from my troubled WIN7 partition:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by SYSTEM on MININT-OAQJM4A (08-12-2019 21:51:10)
Running from l:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4479136 2010-12-29] (Dell Inc -> Dell Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\JPSoft\TCMD19_x64\Everything.exe [1832688 2015-11-24] (JP Software -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [92808 2013-01-22] (Sensible Vision, Inc. -> Sensible Vision )
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2019-09-16] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\mjfoxtrot\...\Run: [AdobeBridge] => [X]
HKU\mjfoxtrot\...\Run: [Konni Symbol Autostart] => [X]
HKU\mjfoxtrot\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.ex
HKU\mjfoxtrot\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.ex
HKU\mjfoxtrot\...\Run: [JumiController] => [X]
HKU\mjfoxtrot\...\Run: [AutoHideDesktopIcons] => C:\ProgramsMJ\autohide_desktop_icons\AutoHideDesktopIcons.exe [43520 2016-01-24] (Nenad Hrg (SoftwareOK.com))
HKU\mjfoxtrot\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [15792904 2019-12-02] (Shenzhen RedFox Project Technology Co.,Ltd. -> RedFox)
HKU\mjfoxtrot\...\Run: [BeDeamon] => C:\Program Files\BeDeamon\BeDeamon.exe [668160 2015-07-24] (Bkg'97)
HKU\mjfoxtrot\...\Run: [1Password] => C:\Users\mjfoxtrot\AppData\Local\1password\app\7\1Password.exe [5358416 2019-09-11] (AgileBits Inc. -> AgileBits Inc.)
HKU\mjfoxtrot\...\RunOnce: [Application Restart #2] => C:\ProgramsMJ\portableapps\PortableApps\GoogleChromePortable\App\Chrome-bin\chrome.exe [1533424 2019-11-15] (Google LLC -> Google LLC)
HKU\mjfoxtrot\...\Policies\Explorer: [NoLogoff] 0
HKU\mjfoxtrot\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\MATRIX~1.SCR [3013120 2009-02-09] (KellySoftware)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-05-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\Jaksta\AC\x64\jaudcap.dll => C:\Windows\Jaksta\AC\x64\jaudcap.dll [312096 2015-06-26] (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148200 2017-05-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: hplun.dll => C:\Windows\SysWOW64\hplun.dll [43520 2013-09-25] (Jetico, Inc.)
AppInit_DLLs-x32: , C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264992 2015-06-26] (Jaksta Technologies Pty Ltd -> Jaksta Technologies Pty Ltd)
Lsa: [Authentication Packages] msv1_0 BvLsa
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2016-03-18]
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works Inc. -> Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2015-03-06]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (Aleksey Cherkasskiy -> PANTERASoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-09-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\mjfoxtrot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Famulus.lnk [2019-12-03]
ShortcutTarget: Famulus.lnk -> C:\ProgramsMJ\famulus\Famulus.exe ()
BootExecute: äbddel.exbddel.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {097709CD-B154-4CB4-AD28-938E6888CF70} - System32\Tasks\WpsUpdateTask_mjfoxtrot => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe [481128 2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {09BBF0FE-4429-4134-9CB5-2A2C4BB77344} - System32\Tasks\{AEFB1B62-663E-46CE-99EE-DD09714ACBD8} => C:\Windows\system32\pcalua.exe -a "V:\Latest Keepers\Remote Control\MX-850\Upgradeable\MX900Setup.exe" -d "V:\Latest Keepers\Remote Control\MX-850\Upgradeable"
Task: {0C6369F9-91C1-4654-967B-C8A7BC8A246D} - System32\Tasks\{1878E383-EDEB-4355-BCE2-2304E0E82809} => C:\Windows\system32\pcalua.exe -a C:\Users\mjfoxtrot\Desktop\MpegDancer_1.2.1.exe -d C:\Users\mjfoxtrot\Desktop
Task: {0F38A599-A062-4BFD-8C3B-D129722808F7} - System32\Tasks\AdobeAAMUpdater-1.0-SOXBRAIN-mjfoxtrot => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {157DC47E-A829-407A-9F27-935C36FFEB3B} - System32\Tasks\{E17887F1-4C8B-4BF1-90CD-05CB7AA645D5} => C:\Program Files\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe [2061480 2012-03-16] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {18CCADA9-4105-4051-A18C-942E3B9561BA} - System32\Tasks\Update\Rahozz => C:\Windows\Temp\taskhost.exe <==== ATTENTION
Task: {1B69C590-3E83-41F8-8CDF-C044A14D6357} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1B7FACDE-9DBA-4C93-85AF-BC2D99B7D3AB} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {1F6935CD-7FB7-410B-ABEC-C9B340842A0F} - System32\Tasks\{7C722459-57DA-4003-8589-3E16C9937AD1} => C:\Windows\system32\pcalua.exe -a "C:\Users\mjfoxtrot\Downloads\Utilities and SDK for Subsystem for UNIX-based Applications_IA64.exe" -d C:\Users\mjfoxtrot\Desktop
Task: {25F75DCC-A8D5-4CD8-8DCD-6715C704D945} - System32\Tasks\FileSearchyPro_SkipUAC => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [363520 2014-10-27] ()
Task: {29468066-AD82-4D71-8F91-32E49916EC5B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-02] (Adobe Inc. -> Adobe)
Task: {2D46A21D-D011-4549-88D9-59149F7160AB} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56704 2014-07-31] (TechSmith Corporation -> TechSmith Corporation)
Task: {33135E9D-0221-48CB-B1B4-249BF2DB01FD} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_mjfoxtrot => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [4325072 2015-02-25] (Cybertron Software Co., Ltd -> Cybertron Software, Co., Ltd.)
Task: {3DDDB82F-64F6-4E95-9B60-E973D30CAABE} - System32\Tasks\HP Photo Creations Communicator => C:\Users\mjfoxtrot\AppData\Roaming\HP Photo Creations\Communicator.exe [186368 2015-11-09] (Visan Industries -> )
Task: {408C3DF0-6196-4308-923A-52C221F30069} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {466C2DCA-81D0-4768-8732-A2F0B7E90969} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {48DE3B53-ED3A-495C-8BD5-439B540C3EB2} - System32\Tasks\{85AEB2DD-EDDB-46EB-BF30-03CD7F2AD31A} => C:\Windows\system32\pcalua.exe -a "C:\Users\mjfoxtrot\Downloads\bitRipperSetup (1).exe" -d C:\Users\mjfoxtrot\Downloads
Task: {50378D9F-4A16-4C5B-80AA-F032ADD8DF67} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3673424 2014-07-21] (Nero AG -> Nero AG)
Task: {551C1EEF-7859-4655-961C-F73FCF808AEB} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [53648 2014-10-31] (Oracle America, Inc. -> Oracle Corporation)
Task: {5597E01D-6617-445D-ADF6-DD37F8F3618C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {59004F27-942C-49B9-8865-CD9E442E04AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-07-24] (Apple Inc. -> Apple Inc.)
Task: {5CC45512-33C5-4650-90DF-9E18F7793904} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {646D4443-DE03-48A1-8665-B766A4CC1A76} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7AB1643C-6950-4A92-B895-D35E0C9C865A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [257824 2013-07-18] (Intel® Services Manager -> Intel Corporation)
Task: {7D1E43E9-EB29-445B-A4E4-ACC58AF0AB1B} - System32\Tasks\{998BFCBA-1361-4E85-B93D-1ACE3604B652} => C:\Windows\system32\pcalua.exe -a "C:\Users\mjfoxtrot\Downloads\Utilities and SDK for Subsystem for UNIX-based Applications_AMD64.exe" -d C:\Users\mjfoxtrot\Desktop
Task: {86573740-3CD2-47C2-8D87-34CE2FA3C56B} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [773120 2014-09-03] (Oracle Corporation)
Task: {91386451-20F4-4DDD-8195-37F9BC319A2E} - System32\Tasks\Process Explorer-SOXBRAIN-mjfoxtrot => C:\PROCESSEXPLORER\PROCEXP.EXE [2694816 2016-01-28] (Microsoft Corporation -> Sysinternals - www.sysinternals.com)
Task: {A98E59E3-5400-4F9A-8AA3-06D0E4477F0A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [257824 2013-07-18] (Intel® Services Manager -> Intel Corporation)
Task: {BB7BE5F2-E518-4383-8BD0-4F7F2F9F8F27} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {BDC75001-0381-4A03-93AF-159110090C2F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE17742E-8269-4BEA-9CF3-B3F37220F44F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436856 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C630B73F-9974-4912-A629-530FE143E7B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {C8784E84-C643-44B9-92A7-710A88D2B56A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E16B6FE0-D6CC-4352-A947-CDEBF2B5F5F5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8DEE5B4-46FC-4393-B5E0-B1B0D42D677A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-12-02] (Adobe Inc. -> Adobe)
Task: {E9CE3B79-41C5-48F2-9185-F1907CF50271} - System32\Tasks\{6C53E583-3688-4632-A8A4-C11BD9EFD6E1} => C:\Windows\system32\pcalua.exe -a "I:\Mike's Junk\Latest Keepers\Audio\Winamp\Winamp Mega\winamp plugins\older\Visualizers\Superscape MPEG Dancer\MpegDancer_1.2.1.exe" -d "I:\Mike's Junk\Latest Keepers\Audio\Winamp\Winamp Mega\winamp plugins\older\Visualizers\Superscape MPEG Dancer"
Task: {EBCFD7BC-4581-4793-AD87-CFAA2309EF45} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693816 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F00D7C22-7F7F-4EBD-A902-834D5AC7A470} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {F026CB0F-D531-41A6-860B-905CC048C381} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946296 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F24B36AC-9004-4440-BCD1-C4BA64854BE2} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {F4386538-7A1B-4A27-817B-0DB5F2FF24EC} - System32\Tasks\Registration Trigger IBM Lotus Symphony Task => C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe [294912 2011-09-15] (IBM Corp)
Task: {F44DA150-AB20-4C57-98CF-37C15E665571} - System32\Tasks\WindowManager => C:\Program Files (x86)\WindowManager\WindowManager.exe [606416 2016-01-22] (DeskSoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\mjfoxtrot\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\WpsUpdateTask_mjfoxtrot.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457200 2009-06-02] (Sonic Solutions -> )
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S4 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2014-03-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 advtimesync; C:\Program Files\Advanced Time Synchronizer\svctimesync.exe [804896 2015-11-04] (Vadim Belov -> )
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 ATTRcAppSvc; C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe [121416 2010-09-02] (AT&T Mobility LLC -> SmithMicro Inc.)
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
S4 Backupper Service; C:\Program Files (x86)\AOMEI Backupper Technician Edition 2.0.3\ABService.exe [29912 2014-10-31] (ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.)
S4 BcveServ; C:\Program Files (x86)\Jetico\BestCrypt\BC_VE\bcveserv.exe [126752 2013-08-26] (Jetico Inc. Oy -> )
S4 BCWipeSvc; C:\Program Files (x86)\Jetico\BestCrypt\BCWipeSvc.exe [87840 2013-09-25] (Jetico Inc. Oy -> Jetico, Inc.)
S4 BitKinex; C:\Program Files (x86)\BitKinex\bitkinexsvc.exe [32944 2010-07-12] (Barad-Dur -> )
S3 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [32240 2010-07-14] (Sonic Solutions -> )
S4 BvSshServer-COOLNET; C:\Program Files\Bitvise SSH Server - COOLNET\BvSshServer.exe [12448960 2015-02-22] (Bitvise Limited -> Bitvise Limited)
S4 CAATT; C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe [125512 2010-09-02] (AT&T Mobility LLC -> SmithMicro Inc.)
S2 CLDTVHNService; C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe [75048 2009-09-17] (CyberLink -> )
S2 Crypkey License; C:\windows\system32\crypserv.exe [122880 2008-05-07] (CrypKey (Canada) Ltd.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-05] (Dropbox, Inc -> Dropbox, Inc.)
S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232152 2015-05-20] (Dell Inc. -> Dell Inc.)
S4 DeskScapes8; C:\Program Files (x86)\Stardock\DeskScapes8\ds8srv.exe [75376 2014-03-10] (Stardock Corporation -> Stardock Software, Inc)
S2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [151616 2015-04-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S4 egGetSvc; C:\ProgramsMJ\eagleget\EGMonitor.exe [238592 2016-03-11] ()
S2 Everything; C:\Program Files\JPSoft\TCMD19_x64\Everything.exe [1832688 2015-11-24] (JP Software -> )
S3 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [774656 2015-01-09] (FileZilla Project)
S2 FLService; C:\Windows\SysWow64\WinFLService.exe [92984 2015-03-07] (Newsoftwares.net, Inc SDN BHD -> New Softwares.net)
S2 FreeAgentTheater Service; C:\Program Files (x86)\Seagate\FreeAgent_Theater\Sync\MediaAggreService.exe [169256 2009-07-09] (Seagate Technology, LLC -> Seagate Technology LLC)
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-02-10] (Ellora Assets Corp.)
S3 GenericMount Helper Service; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1571336 2009-09-21] (Symantec Corporation -> Symantec)
S2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [34728 2015-03-06] (Arainia Solutions, LLC -> Arainia Solutions)
S4 GJServiceV5; C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe [4502200 2013-10-30] (SlySoft, Inc. -> )
S4 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [6309672 2015-02-18] (GlassWire -> SecureMix LLC)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [586536 2016-02-16] (Hauppauge Computer Works Inc. -> Hauppauge Computer Works)
S2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] (Aleksey Cherkasskiy -> )
S2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [18016 2015-04-01] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit Information Technology -> IObit)
S2 iReboot; C:\Program Files (x86)\NeoSmart Technologies\iReboot\iRebootd.exe [17408 2009-09-15] ()
S2 IviRegMgr; c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [110736 2010-05-20] (Corel Corporation -> InterVideo)
S2 Launch TotalMedia Theatre 6 Driver; C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [608256 2014-03-04] (ArcSoft, Inc.)
S2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1232880 2014-05-04] (Shenzhen Moyea Software -> )
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation -> Symantec Corporation)
S4 Macro Expert; c:\program files (x86)\grasssoft\macro expert\MacroService.exe [376320 2012-09-20] ()
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH -> Acronis International GmbH)
S2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH -> Acronis International GmbH)
S2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1510712 2016-09-13] (Acronis International GmbH -> )
S3 MPlayerWWService; C:\Program Files (x86)\MPlayer\tools\MPlayerWWService.exe [11776 2014-07-09] ()
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> )
S2 ndsvc; C:\Program Files\NetDrive\ndsvc.exe [2789888 2011-08-31] (Bdrive Inc.)
S4 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [4584288 2009-10-01] (Symantec Corporation -> Symantec Corporation)
S3 Off-Helper; C:\Program Files (x86)\Hobbyist Software\Off Remote Helper\Off-Helper Service.exe [7680 2016-02-19] (Hobbyist Software)
S2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [4814120 2013-12-06] (O&O Software GmbH -> O&O Software GmbH)
S2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2210792 2018-02-26] (Plex, Inc -> Plex, Inc.)
S2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [1142768 2014-04-22] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-08-25] (CyberLink Corp. -> )
S4 Rohos Disk; C:\Program Files (x86)\Rohos\agent.exe [825008 2015-02-13] (Tesline-Service s.r.l. -> Tesline-Service SRL)
S4 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1099248 2010-07-16] (Sonic Solutions -> Sonic Solutions)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{D09ABDE6-1536-44C5-8CD8-48B8D1106114} [9728 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{D09ABDE6-1536-44C5-8CD8-48B8D1106114} [9728 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 SymSnapService; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec Corporation -> Symantec)
S2 TVersityMediaServer; C:\Users\mjfoxtrot\AppData\Local\TVersity\Media Server\MediaServer.exe [856064 2010-01-18] ()
S2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC. -> GlavSoft LLC.)
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12730048 2015-02-06] (VMware, Inc. -> )
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [638272 2014-08-18] (RealVNC Ltd -> RealVNC Ltd)
S2 VyprVPN; C:\Program Files (x86)\VyprVPN\VyprVPNService.exe [309248 2018-12-23] (Golden Frog, GmbH.)
S2 WebUpdate4; C:\Windows\SysWOW64\WebUpdateSvc4.exe [412776 2013-11-25] (Data Perceptions -> Data Perceptions / PowerProgrammer)
S3 WinAutomation Service; C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe [166912 2011-01-26] (Softomotive)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2014-03-10] (Stardock Corporation)
S2 WindowFX; C:\Program Files (x86)\Stardock\WindowFX\WindowFXSrv.exe [181824 2017-03-23] (Stardock Corporation -> Stardock Corporation)
S2 WindowsScheduler; C:\ProgramsMJ\system_scheduler_pro\WService.exe [13312 2009-08-01] ()
S2 WindowsSchedulerLogon; C:\ProgramsMJ\system_scheduler_pro\WSLogon.exe [52224 2009-08-01] ()
S2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S3 chromoting; "C:\Program Files (x86)\Google\Chrome Remote Desktop\78.0.3904.7\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
S4 DokanMounter_Dokan_NetDrive2; C:\Program Files\NetDrive2\mounter.exe [X]
S2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
S2 SwiCardDetectSvc; "C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation)
S3 Acceler; C:\Windows\System32\DRIVERS\Accelern.sys [27760 2010-12-13] (STMicroelectronics -> ST Microelectronics)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation)
S1 AFD; C:\Windows\system32\drivers\afd.sys [496128 2017-04-04] (Microsoft Corporation)
S0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2014-08-19] (Aomei Technology Co., Limited -> )
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2019-09-16] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2019-09-16] (Microsoft Corporation)
S2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2014-08-19] (Aomei Technology Co., Limited -> )
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] (ChengDu AoMei Tech Co., Ltd -> )
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [164832 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2014-08-19] (Aomei Technology Co., Limited -> )
S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [163832 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> RedFox)
S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [163832 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> RedFox)
S3 AppID; C:\Windows\system32\drivers\appid.sys [62464 2019-09-16] (Microsoft Corporation)
S1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [3315392 2013-11-20] (ArcSoft, Inc. -> )
S3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1800576 2010-08-26] (AVerMedia TECHNOLOGIES, Inc.)
S2 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [20536 2015-04-01] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
S3 BazisPortableCDBus; C:\Windows\System32\drivers\BazisPortableCDBus.sys [283480 2015-06-04] (Sysprogs OU -> Sysprogs OU)
S1 bcbus; C:\Windows\System32\DRIVERS\bcbus.sys [80064 2013-07-29] (Jetico Inc. Oy -> Jetico, Inc.)
S0 bcfnt; C:\Windows\System32\Drivers\bcfnt.sys [178880 2013-07-29] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_3DES; C:\Windows\System32\Drivers\BC_3DES.sys [35520 2013-09-25] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_BF128; C:\Windows\System32\Drivers\BC_BF128.sys [31424 2013-09-24] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_BF448; C:\Windows\System32\Drivers\BC_BF448.sys [31936 2013-09-24] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_BFish; C:\Windows\System32\Drivers\BC_BFish.sys [31424 2013-09-24] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_CAST; C:\Windows\System32\Drivers\BC_CAST.sys [38592 2013-09-24] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_DES; C:\Windows\System32\Drivers\BC_DES.sys [35008 2013-09-24] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_Gost; C:\Windows\System32\Drivers\BC_Gost.sys [26816 2013-09-24] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_IDEA; C:\Windows\System32\Drivers\BC_IDEA.sys [28864 2013-09-24] (Jetico Inc. Oy -> Iarsn)
S1 BC_RC6; C:\Windows\System32\Drivers\BC_RC6.sys [31424 2013-09-24] (Jetico Inc. Oy -> Michael Oestergaard Pedersen)
S1 BC_RIJN; C:\Windows\System32\Drivers\BC_RIJN.sys [52416 2013-09-24] (Jetico Inc. Oy -> Jetico, Inc.)
S1 BC_SERP; C:\Windows\System32\Drivers\BC_SERP.sys [38080 2013-09-24] (Jetico Inc. Oy -> Michael Oestergaard Pedersen)
S1 BC_TFISH; C:\Windows\System32\Drivers\BC_TFISH.sys [35520 2013-09-24] (Jetico Inc. Oy -> Jetico, Inc.)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
S0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2010-09-02] (Bytemobile Inc. -> Bytemobile, Inc.)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90112 2018-07-18] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [41984 2019-07-29] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
S3 BthPan; C:\Windows\system32\drivers\bthpan.sys [119296 2017-07-05] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [556032 2019-07-29] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2019-07-29] (Microsoft Corporation)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [274432 2010-10-19] (Intel Corporation)
S1 Capsax64Drv; C:\Windows\System32\Drivers\Capsax64Drv.sys [44312 2016-09-01] (Colasoft Co., Ltd -> Colasoft Co., Ltd.)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92672 2019-02-10] (Microsoft Corporation)
S1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation)
S2 CDRPDACC; C:\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys [5273 2007-01-25] (Arrowkey)
S3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
S3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation)
S1 CSC; C:\Windows\System32\drivers\csc.sys [516096 2018-06-29] (Microsoft Corporation)
S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [15288 2011-06-15] (Aomei Technology Co., Limited -> )
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
S1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [115200 2018-04-25] (Microsoft Corporation)
S1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
S2 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.sys [3584 1999-01-10] ()
S3 Dot4; C:\Windows\System32\DRIVERS\Dot4.sys [145920 2009-07-13] (Microsoft Corporation)
S3 Dot4Print; C:\Windows\System32\DRIVERS\Dot4Prt.sys [19968 2010-11-20] (Microsoft Corporation)
S3 dot4usb; C:\Windows\System32\DRIVERS\dot4usb.sys [43008 2009-07-13] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2015-12-08] (Microsoft Corporation)
S3 DrvSnSht; C:\Program Files (x86)\R-Drive Image\DrvSnSht64.sys [132432 2010-05-31] (R-tools Technology Inc. -> R-TT Inc.)
S3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [76904 2015-01-31] (DuanLiSha -> eagleGet)
S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2018-02-10] (Microsoft Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S1 Eve; C:\Windows\System32\DRIVERS\eve.sys [41304 2015-01-21] (VSO-SOFTWARE -> )
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195584 2019-02-10] (Microsoft Corporation)
S3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2015-08-26] (VSO Software)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [205312 2019-02-10] (Microsoft Corporation)
S0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2018-02-17] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 fsh; C:\Windows\System32\Drivers\fsh.sys [68800 2013-09-15] (Jetico Inc. Oy -> Jetico, Inc.)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [129456 2017-08-24] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [89792 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation -> Symantec Corporation)
S1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2015-03-06] (Arainia Solutions, LLC -> Arainia Solutions LLC)
S1 gwdrv; C:\Windows\System32\DRIVERS\gwdrv.sys [33296 2015-02-18] (GlassWire -> SecureMix LLC)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [350208 2019-08-26] (Microsoft Corporation)
S3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
S3 HidUsb; C:\Windows\system32\drivers\hidusb.sys [30208 2019-03-04] (Microsoft Corporation)
S0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37456 2012-02-02] (Paragon Software GmbH -> Paragon Software Group)
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [754176 2017-12-31] (Microsoft Corporation)
S3 iBtFltCoex; C:\Windows\System32\DRIVERS\iBtFltCoex.sys [59904 2010-11-04] (Intel Corporation)
S2 ImDisk; C:\Windows\System32\DRIVERS\imdisk.sys [44096 2015-04-01] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
S2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2015-07-25] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2014-03-26] (Intel(R) Corporation)
S3 intelppm; C:\Windows\system32\drivers\intelppm.sys [62464 2019-09-16] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
S3 ISpeakVA; C:\Windows\System32\drivers\wav_mixer.sys [35592 2014-05-08] (Tenorshare Co.,Ltd. -> )
S3 jakstaVA; C:\Windows\System32\DRIVERS\jaksta_va.sys [103816 2014-12-08] (Jaksta Technologies Pty Ltd -> e2eSoft)
S3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [15160 2015-11-10] (JumiTech -> Windows (R) Codename Longhorn DDK provider)
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation)
S3 kqemu; C:\Windows\SysWOW64\DRIVERS\kqemu.sys [144622 2010-03-15] ()
S0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52504 2015-02-07] (XII CNC Inc. -> Toolwiz.com)
S3 leawo_vad; C:\Windows\System32\drivers\leawo_vad.sys [33048 2014-11-13] (Shenzhen Moyea Software -> Shenzhen Moyea Software)
S3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [37408 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [26912 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2016-07-19] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [114688 2019-03-28] (Microsoft Corporation)
S3 Maplom; C:\Windows\System32\Drivers\Maplom.sys [35384 2013-10-29] (SlySoft, Inc. -> SlySoft Inc.)
S3 MaplomL; C:\Windows\System32\Drivers\MaplomL.sys [60472 2013-10-29] (SlySoft, Inc. -> SlySoft Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-11-11] (Malwarebytes Corporation -> Malwarebytes)
S3 mcdevice; C:\Windows\System32\DRIVERS\mcdevice.sys [334400 2011-05-19] (Hefei GreenXin Technology Co. Ltd. -> ShiningMorning Inc.)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] (北京铠信神州科技有限责任公司 -> )
S3 MftWipeFilter; C:\Windows\System32\Drivers\MftWipeFilter.sys [32960 2013-09-25] (Jetico Inc. Oy -> Windows (R) Win 7 DDK provider)
S3 mhk; C:\Windows\System32\Drivers\mhk.sys [17472 2013-03-05] (Jetico Inc. Oy -> Jetico, Inc.)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
S3 moh; C:\Windows\System32\Drivers\moh.sys [13376 2013-03-05] (Jetico Inc. Oy -> Jetico, Inc.)
S3 monitor; C:\Windows\system32\drivers\monitor.sys [30208 2019-09-09] (Microsoft Corporation)
S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2018-08-10] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [142336 2016-09-08] (Microsoft Corporation)
S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [161280 2019-09-16] (Microsoft Corporation)
S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [291328 2019-09-16] (Microsoft Corporation)
S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [129536 2019-09-16] (Microsoft Corporation)
S1 mse; C:\Windows\System32\drivers\mse.sys [51896 2015-01-10] (Thanksoft -> Windows (R) Win 7 DDK provider)
S1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2019-02-03] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [324608 2017-09-13] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2018-12-07] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation)
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [58368 2018-12-07] (Microsoft Corporation)
S1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [45056 2017-12-31] (Microsoft Corporation)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [262656 2019-02-21] (Microsoft Corporation)
S3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] (CrypKey (Canada) Inc. -> )
S2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2015-03-07] (NewSoftwares.net Inc. SDN. BHD. -> )
S3 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44544 2019-09-16] (Microsoft Corporation)
S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [26112 2017-08-10] (Microsoft Corporation)
S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [306296 2017-05-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-03-31] (NVIDIA Corporation -> NVIDIA Corporation)
S0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [118032 2012-06-08] (O and O Software GmbH -> O&O Software GmbH)
S0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [40720 2012-06-08] (O and O Software GmbH -> O&O Software GmbH)
S0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [259344 2012-06-08] (O and O Software GmbH -> O&O Software GmbH)
S0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44304 2012-06-08] (O and O Software GmbH -> O&O Software GmbH)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2010-09-02] (Smith Micro Software, Inc. -> Smith Micro Inc.)
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2019-06-12] (Microsoft Corporation)
S2 PfModNT; C:\Windows\SysWOW64\PfModNT.sys [6752 1999-12-16] (Creative Technology Ltd.)
S0 phylock; C:\Windows\System32\drivers\phylock.sys [34864 2013-08-19] (TeraByte, Inc. -> TeraByte, Inc.)
S3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\drivers\processr.sys [60928 2019-09-16] (Microsoft Corporation)
S1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2017-12-31] (Microsoft Corporation)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [76408 2013-08-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S3 PSVolAcc; C:\Windows\System32\Drivers\PSVolAcc.sys [13944 2013-06-28] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 qicflt; C:\Windows\System32\DRIVERS\qicflt.sys [29288 2010-07-01] (Quanta Computer Inc. -> Quanta Computer)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
S3 R-ImageDisk; C:\Program Files (x86)\R-Drive Image\R-ImageDisk64.sys [181840 2013-01-15] (R-Tools Technology Inc. -> R-TT Inc.)
S2 RadPciNT; C:\Windows\SysWOW64\Drivers\RadPciNT.sys [9417 2000-04-24] (MediaForte Products Pte. Ltd.)
S3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation)
S1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [317440 2019-09-09] (Microsoft Corporation)
S3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-20] (Microsoft Corporation)
S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [20992 2019-03-11] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-16] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-13] (Microsoft Corporation)
S2 RHDISK_AMD64; C:\Program Files (x86)\Rohos\RHDISK_AMD64.SYS [42920 2014-10-12] (Tesline-Service s.r.l. -> Tesline-Service SRL)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2010-08-30] (Research in Motion Ltd)
S3 ROOTMODEM; C:\Windows\System32\Drivers\RootMdm.sys [11264 2009-07-13] (Microsoft Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-04-20] (RapidSolution Software AG -> RapidSolution Software AG)
S3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-04-20] (RapidSolution Software AG -> RapidSolution Software AG)
S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-20] (Microsoft Corporation)
S1 SafDskNT; C:\Windows\system32\drivers\SAFDSKNT.SYS [76112 2009-12-07] (PC DYNAMICS INC. -> PC Dynamics, Inc.)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel(R) Code Signing External -> )
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [199960 2016-10-06] (WDKTestCert charles-yeh,131069736795923936 -> Prolific Technology Inc.)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation)
S1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus) -> Softwareentwicklung Remus - ArchiCrypt - )
S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [36064 2014-07-28] (cyan soft ltd -> Windows (R) Win 7 DDK provider)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-16] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 srv; C:\Windows\System32\DRIVERS\srv.sys [464384 2019-09-16] (Microsoft Corporation)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [406016 2019-09-16] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [169984 2019-09-16] (Microsoft Corporation)
S0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [21616 2010-08-20] (STMicroelectronics -> ST Microelectronics)
S3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-13] (Microsoft Corporation)
S3 swmsflt; C:\Windows\System32\DRIVERS\swmsflt.sys [50008 2010-04-26] (Sierra Wireless Inc. -> )
S3 SWNC8U80; C:\Windows\System32\DRIVERS\swnc8u80.sys [280064 2009-08-12] (Sierra Wireless Inc.)
S3 SWUMX80; C:\Windows\System32\DRIVERS\swumx80.sys [199552 2009-07-22] (Sierra Wireless Inc.)
S0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (Symantec Corporation -> StorageCraft)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [36496 2016-10-07] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapvyprvpn; C:\Windows\System32\DRIVERS\tapvyprvpn.sys [44896 2014-12-16] (Golden Frog, GmbH -> The OpenVPN Project)
S3 TBIMount; C:\Windows\System32\drivers\tbimount.sys [374320 2013-02-26] (TeraByte, Inc. -> TeraByte, Inc.)
S1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2010-09-02] (Bytemobile Inc. -> Bytemobile, Inc.)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [46080 2016-07-07] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation)
S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [117248 2017-07-29] (Microsoft Corporation)
S0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2018-02-17] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [212320 2018-02-17] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [687968 2018-02-17] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [40448 2017-08-13] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2019-02-10] (Microsoft Corporation)
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2013-11-15] (Paragon Software GmbH -> )
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2013-11-15] (Paragon Software GmbH -> )
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2013-11-15] (Paragon Software GmbH -> )
S3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation)
S5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA64.sys [955856 2015-11-30] (Hauppauge Computer Works Inc. -> eMPIA Technology Corp.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM64.sys [1672528 2015-11-30] (Hauppauge Computer Works Inc. -> eMPIA Technology Corp.)
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [204184 2014-03-04] (Intel Wireless Display -> Windows (R) Win 7 DDK provider)
S3 usbccgp; C:\Windows\system32\drivers\usbccgp.sys [99840 2018-05-02] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
S3 usbehci; C:\Windows\system32\drivers\usbehci.sys [56320 2018-05-02] (Microsoft Corporation)
S3 usbhub; C:\Windows\system32\drivers\usbhub.sys [344064 2018-05-02] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2018-05-02] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [42496 2013-07-02] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2016-02-03] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2018-05-02] (Microsoft Corporation)
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
S2 VirtualDrive; C:\Program Files (x86)\All Image\vdd-x86.sys [10752 2010-02-16] (Towodo Software)
S2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2018-02-17] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-20] (Microsoft Corporation)
S1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [59392 2010-11-20] (Microsoft Corporation)
S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2010-11-20] (Microsoft Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation -> Symantec Corporation)
S0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc. -> VMware, Inc.)
S2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc. -> VMware, Inc.)
S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
S1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-13] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2018-12-07] (Microsoft Corporation)
S1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2018-12-07] (Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
S1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36472 2015-03-07] (Newsoftwares.net, Inc SDN BHD -> )
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation)
S2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2015-03-07] (NewSoftwares.net Inc. SDN. BHD. -> NewSoftwares.net, Inc.)
S2 WiseFS; C:\Windows\WiseFs64.sys [12328 2015-02-26] (Lespeed Technology Ltd. -> WiseCleaner.com)
S1 WMDrive; C:\Windows\SysWOW64\drivers\WMDrive.sys [92536 2015-01-31] (Beijing LoongStore Technology Co.,Ltd -> WinMount International Inc)
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2018-02-10] (Microsoft Corporation)
S1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [22016 2019-08-19] (Microsoft Corporation)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
S2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [29896 2016-10-05] (CyberLink Corp. -> CyberLink Corp.)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S1 CsNdisLWF; System32\Drivers\CsNdisLWF.sys [X]
S2 Dokan_NetDrive2; \??\C:\Program Files\NetDrive2\dokan.sys [X]
S4 mchInjDrv; \??\C:\Users\MJFOXT~1\AppData\Local\Temp\mc240CA.tmp [X] <==== ATTENTION
S3 PCASp60; System32\Drivers\PCASp60.sys [X]
S2 SVKP; \??\C:\Windows\system32\SVKP.sys [X]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S2 V2iMount; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
UpperFilters: [{4D36E967-E325-11CE-BFC1-08002BE10318}] -> [bcfnt phylock PartMgr oodisr fltsrv]
UpperFilters: [{71A27CDD-812A-11D0-BEC7-08002BE2092F}] -> [ambakdrv SaibAd64 hotcore3 oodisr oodivd fltsrv]
UpperFilters: [{4D36E96B-E325-11CE-BFC1-08002BE10318}] -> [kbdclass mhk]
LowerFilters: [{4D36E967-E325-11CE-BFC1-08002BE10318}] -> [stdcfltn SahdAd64]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 21:50 - 2019-12-08 21:51 - 000000000 ____D C:\FRST
2019-12-05 19:51 - 2019-12-05 19:49 - 002315928 _____ (niemiro) C:\SFCFix.exe
2019-12-03 09:24 - 2019-12-03 09:24 - 016817600 _____ C:\Users\mjfoxtrot\Downloads\SetupAnyDVD8420.exe
2019-12-02 05:34 - 2019-12-02 05:34 - 042345744 _____ C:\Users\mjfoxtrot\Downloads\SetupCloneBD64_1270.exe
2019-12-02 05:34 - 2019-12-02 05:34 - 016801424 _____ C:\Users\mjfoxtrot\Downloads\SetupAnyDVD8410.exe
2019-12-02 02:32 - 2019-11-05 12:54 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-12-02 02:32 - 2019-11-05 12:46 - 000142336 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2019-12-02 00:53 - 2019-12-02 00:52 - 015284088 _____ (Kaspersky Lab ZAO) C:\kavremvr 2019.exe
2019-11-14 04:19 - 2019-11-14 04:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
2019-11-14 04:19 - 2019-11-14 04:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-stable.sys
2019-11-14 04:19 - 2019-11-14 04:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-dev.sys
2019-11-14 04:19 - 2019-11-14 04:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-canary.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 17:10 - 2014-12-14 18:03 - 037014490 _____ C:\Windows\ntbtlog.txt
2019-12-06 21:59 - 2014-12-21 03:12 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
2019-12-06 21:59 - 2014-12-15 23:45 - 000000000 ____D C:\ProgramData\TEMP
2019-12-06 21:59 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-06 21:58 - 2014-12-14 18:44 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-06 00:20 - 2014-12-14 14:16 - 000410814 __RSH C:\bootmgr
2019-12-06 00:07 - 2016-03-18 18:33 - 000000000 ____D C:\ProgramData\Hauppauge
2019-12-06 00:06 - 2009-07-13 20:45 - 000025088 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-06 00:06 - 2009-07-13 20:45 - 000025088 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-06 00:05 - 2017-07-05 13:33 - 000000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-12-05 23:58 - 2015-02-22 13:56 - 000000000 ____D C:\ProgramData\VMware
2019-12-05 16:15 - 2009-07-13 19:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-12-05 16:14 - 2016-01-24 21:24 - 000000000 ____D C:\Users\mjfoxtrot\AppData\Roaming\Everything
2019-12-05 16:14 - 2014-12-15 21:14 - 000000000 ____D C:\Windows\pss
2019-12-05 16:14 - 2014-12-14 18:35 - 000000000 ___HD C:\Windows\System32\WLANProfiles
2019-12-05 16:14 - 2014-12-14 13:14 - 000000000 ___SD C:\Windows\System32\CompatTel
2019-12-05 16:14 - 2014-12-14 13:14 - 000000000 ____D C:\Windows\System32\appraiser
2019-12-05 16:14 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\servicing
2019-12-05 16:14 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-12-05 16:14 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2019-12-05 11:33 - 2014-12-23 01:20 - 000000382 _____ C:\Windows\Tasks\WpsUpdateTask_mjfoxtrot.job
2019-12-05 11:07 - 2015-08-08 23:51 - 000000426 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2019-12-05 06:46 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2019-12-05 06:46 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\System32\inetsrv
2019-12-03 23:01 - 2009-07-13 21:13 - 000935794 _____ C:\Windows\System32\PerfStringBackup.INI
2019-12-03 22:48 - 2014-12-14 11:33 - 000000000 ____D C:\users\mjfoxtrot
2019-12-03 22:41 - 2015-02-14 22:05 - 000000000 ____D C:\users\DefaultAppPool
2019-12-03 22:39 - 2014-12-14 17:34 - 000000000 ____D C:\Users\mjfoxtrot\AppData\Roaming\Mozilla
2019-12-03 10:39 - 2016-01-26 02:00 - 000000000 ____D C:\Users\mjfoxtrot\AppData\Local\Everything
2019-12-03 10:20 - 2014-12-14 17:54 - 000000000 ____D C:\Users\mjfoxtrot\AppData\Local\ClassicShell
2019-12-03 06:23 - 2014-12-14 22:42 - 000003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{17F8EE6E-0B40-4797-897D-5741E0FEB282}
2019-12-03 03:12 - 2014-12-15 02:55 - 000000000 ____D C:\Users\mjfoxtrot\AppData\Local\Adobe
2019-12-03 02:58 - 2017-07-05 13:33 - 000000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-12-03 02:55 - 2009-07-13 23:45 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-12-03 00:18 - 2016-07-19 20:35 - 000000398 __RSH C:\ProgramData\ntuser.pol
2019-12-02 21:14 - 2015-06-21 14:09 - 000000000 ____D C:\Program Files (x86)\Minilyrics
2019-12-02 06:37 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\rescache
2019-12-02 05:41 - 2018-03-15 09:02 - 000004470 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-02 05:41 - 2014-12-15 02:56 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-12-02 05:41 - 2014-12-15 02:56 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-12-02 05:41 - 2014-12-15 02:56 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-12-02 05:41 - 2014-12-15 02:56 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-02 05:41 - 2014-12-15 02:56 - 000000000 ____D C:\Windows\System32\Macromed
2019-12-02 03:21 - 2009-07-13 20:45 - 005812864 _____ C:\Windows\System32\FNTCACHE.DAT
2019-12-02 01:58 - 2017-07-05 13:43 - 000000000 ___RD C:\Users\mjfoxtrot\Dropbox
2019-12-02 01:53 - 2017-07-05 13:33 - 000000000 ____D C:\Users\mjfoxtrot\AppData\Local\Dropbox
2019-12-02 01:40 - 2017-07-05 13:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-12-02 01:25 - 2015-04-03 13:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-12-02 01:23 - 2014-12-26 12:36 - 000000299 ___SH C:\ProgramData\.zreglib
2019-12-02 00:00 - 2017-07-22 11:58 - 000000000 ___RD C:\Users\mjfoxtrot\iCloudDrive
2019-11-12 15:59 - 2014-12-14 17:36 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-12 13:03 - 2014-12-14 12:45 - 000748816 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== FLock ==============================

2015-01-03 19:50 C:\Users\mjfoxtrot\AppData\Roaming\cryptlib

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\Windows\SysWOW64\sysaddei34.dll [1999-05-05] <==== ATTENTION (zero byte File/Folder)

==================== KnownDLLs (Whitelisted) =========================

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 16278.17 MB
Available physical RAM: 14854.18 MB
Total Virtual: 16276.32 MB
Available Virtual: 14865.89 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:678 GB) (Free:90.45 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (WIN10) (Fixed) (Total:117.43 GB) (Free:90.51 GB) NTFS
Drive f: (ACRONIS) (Fixed) (Total:1 GB) (Free:0.91 GB) NTFS
Drive g: (DATA) (Fixed) (Total:382.57 GB) (Free:48.59 GB) NTFS
Drive h: (VISTA) (Fixed) (Total:60 GB) (Free:12.48 GB) NTFS
Drive i: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT ==>[system with boot components (obtained from drive)]
Drive k: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive l: (USB30FD) (Removable) (Total:116.91 GB) (Free:12.35 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (WIN8) (Fixed) (Total:98.03 GB) (Free:16.48 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2D29D84B)
Partition 1: (Not Active) - (Size=382.6 GB) - (Type=0E)
Partition 2: (Not Active) - (Size=158 GB) - (Type=0F Extended)
Partition 3: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 4: (Active) - (Size=98 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 2D29D84A)
Partition 1: (Not Active) - (Size=102 MB) - (Type=06)
Partition 2: (Not Active) - (Size=19.5 GB) - (Type=0C)
Partition 3: (Active) - (Size=678 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1023 MB) - (Type=0F Extended)

==========================================================
Disk: 2 (Size: 116.9 GB) (Disk ID: 500E5053)
Partition 1: (Active) - (Size=116.9 GB) - (Type=0C)

LastRegBack: 2019-12-02 06:27
==================== End of FRST.txt ========================

Sysnative Windows Update · Dec 8, 2019

Unfortunately, I will be unable to assist you any further because there is evidence of tools used to illegally bypass the activation for Microsoft products.

elmendorf764 · Dec 8, 2019

"I will be unable to assist you any further because there is evidence of tools used to illegally bypass the activation for Microsoft products."

Well, that's news to me. I run Win10, Win8, Win7, and Vista on my laptop and all of them are bought, paid for and registered.

Sysnative Windows Update · Dec 8, 2019

You can see the tools in question here:

Code:

2019-12-06 21:59 - 2014-12-21 03:12 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
Task: {BB7BE5F2-E518-4383-8BD0-4F7F2F9F8F27} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe <==== ATTENTION

elmendorf764 · Dec 8, 2019

I don't use pirated software, at least as far as I know. If you like, I can take pictures of the official Microsoft installation discs with the proper registration codes written on them and send them to you. The product IDs of the operating systems on my laptop would correctly correspond with the registration codes, as verified by the NirSoft utility ProduKey.

The only other Microsoft products I run on my laptop are Microsoft Office 2007 and Microsoft Office Ultimate for Vista, both of which I also have the original packaging and registration codes for. I confess I am not the only person who has access to this laptop, which I have used since 2011. But I can say with certainty that all my operating systems are properly registered, as are my versions of Microsoft office.

Sysnative Windows Update · Dec 8, 2019

I don't necessarily see a problem with your products, but with the presence of the tools used for illegal activation of MS software.

elmendorf764 · Dec 9, 2019

Ok. I thank you for your time.

Sysnative Windows Update · Dec 9, 2019

No problem. Best of luck.

[SOLVED] Win7 Crippled by KB4519976 and KB4525235

elmendorf764

Member

Sysnative Windows Update

Inactive

elmendorf764

Member

Sysnative Windows Update

Inactive

elmendorf764

Member

Sysnative Windows Update

Inactive

elmendorf764

Member

Sysnative Windows Update

Inactive

elmendorf764

Member

Sysnative Windows Update

Inactive

elmendorf764

Member

Sysnative Windows Update

Inactive