Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-08-2017 Uruchomiony przez G3orG3 (administrator) DESKTOP-R3FF7QV (23-08-2017 21:22:49) Uruchomiony z C:\Users\G3orG3\Downloads Załadowane profile: G3orG3 (Dostępne profile: defaultuser0 & G3orG3) Platform: Windows 10 Pro Wersja 1607 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Users\G3orG3\AppData\Local\Vivaldi\Application\vivaldi.exe" -- "%1") Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe (Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Flux Software LLC) C:\Users\G3orG3\AppData\Local\FluxSoftware\Flux\flux.exe (Vivaldi Technologies AS) C:\Users\G3orG3\AppData\Local\Vivaldi\Application\update_notifier.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-30] (Microsoft Corporation) HKLM\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe [907144 2015-02-03] () HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112200 2016-11-12] (VMware, Inc.) HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\AMHelper.exe HKLM-x32\...\Run: [KeepVidProUpdateHelper.exe] => C:\Program Files (x86)\KeepVid\KeepVid Pro\KeepVidProUpdateHelper.exe HKLM-x32\...\Run: [WindowsDefender] => %ProgramFiles(x86)%\Windows Defender\MSASCuiL.exe HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4245696 2016-10-19] (Disc Soft Ltd) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3136264 2017-08-07] (Wargaming.net) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [f.lux] => C:\Users\G3orG3\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1191472 2017-03-08] (CyberGhost S.R.L.) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [Spotify Web Helper] => C:\Users\G3orG3\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-25] (Spotify Ltd) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [Spotify] => C:\Users\G3orG3\AppData\Roaming\Spotify\Spotify.exe [7009904 2017-05-25] (Spotify Ltd) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Run: [Vivaldi Update Notifier] => C:\Users\G3orG3\AppData\Local\Vivaldi\Application\update_notifier.exe [4179576 2017-07-11] (Vivaldi Technologies AS) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\RunOnce: [Edge_DisableAdobeFlashPlayer] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 66 znaków więcej). HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\RunOnce: [Edge_DisablePagePrediction] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 60 znaków więcej). HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\RunOnce: [Edge_DisableSaveProtectedMediaLicensesonmyDevice] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 79 znaków więcej). HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\RunOnce: [Edge_DisableShowSearchSuggestionasItype] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 94 znaków więcej). HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\MountPoints2: {01aa39bf-1251-11e7-817d-902b3451f4e0} - "P:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\MountPoints2: {4205bec9-ef57-11e6-816c-902b3451f4e0} - "O:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\MountPoints2: {8fc5e00f-317a-11e7-818c-902b3451f4e0} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\MountPoints2: {f1186bfc-13f3-11e7-817d-902b3451f4e0} - "G:\HTC_Sync_Manager_PC.exe" AppInit_DLLs: C:\AeroGlass\UxThemeSignatureBypass\UxThemeSignatureBypass64.dll => C:\AeroGlass\UxThemeSignatureBypass\UxThemeSignatureBypass64.dll [131072 2014-11-25] (Big Muscle) Startup: C:\Users\G3orG3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar415.lnk [2017-08-23] ShortcutTarget: Sidebar415.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) GroupPolicy: Ograniczenia <==== UWAGA GroupPolicy\User: Ograniczenia <==== UWAGA GroupPolicyScripts: Ograniczenia <==== UWAGA GroupPolicyScripts\User: Ograniczenia <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\..\Interfaces\{ad8366ce-65ef-4cd1-93bf-27ac5e1124f8}: [DhcpNameServer] 31.11.202.254 37.8.214.2 Tcpip\..\Interfaces\{b9f93a75-46ed-432e-9016-a3055087b20c}: [DhcpNameServer] 31.11.202.254 37.8.214.2 Tcpip\..\Interfaces\{c7207cb9-93fd-44d0-993d-b9cb0c47b1d4}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42 Internet Explorer: ================== HKU\S-1-5-21-4006257210-923307027-1902655278-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Brak nazwy -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\G3orG3\AppData\Local\Temp\Rar$EXa0.412\OldNewExplorer64.dll => Brak pliku BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-30] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-08-23] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-30] (Oracle Corporation) BHO-x32: Brak nazwy -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\G3orG3\AppData\Local\Temp\Rar$EXa0.412\OldNewExplorer32.dll => Brak pliku BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-23] (Microsoft Corporation) BHO-x32: KeepVid Pro 4.10.0 -> {F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} -> C:\PROGRA~2\KeepVid\KeepVid Pro\BrowserPlugin\KVBrowserAppMgr.dll => Brak pliku Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation) Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - Brak pliku FireFox: ======== FF ProfilePath: C:\Users\G3orG3\AppData\Roaming\Mozilla\Firefox\Profiles\w9fg1b91.default [2017-08-23] FF Extension: (uBlock Origin) - C:\Users\G3orG3\AppData\Roaming\Mozilla\Firefox\Profiles\w9fg1b91.default\Extensions\uBlock0@raymondhill.net.xpi [2017-07-27] FF Extension: (Screengrab (fix version)) - C:\Users\G3orG3\AppData\Roaming\Mozilla\Firefox\Profiles\w9fg1b91.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2017-06-22] FF Extension: (FT DeepDark) - C:\Users\G3orG3\AppData\Roaming\Mozilla\Firefox\Profiles\w9fg1b91.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2017-07-16] FF Extension: (Video DownloadHelper) - C:\Users\G3orG3\AppData\Roaming\Mozilla\Firefox\Profiles\w9fg1b91.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-07-27] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-24] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-30] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-30] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-23] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-02-07] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-23] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-08-23] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2017-02-07] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-02-07] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4006257210-923307027-1902655278-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-02-07] (Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR Profile: C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default [2017-03-19] CHR Extension: (Prezentacje Google) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-02] CHR Extension: (Dokumenty Google) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-02] CHR Extension: (Dysk Google) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-02] CHR Extension: (YouTube) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-02] CHR Extension: (Arkusze Google) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-02] CHR Extension: (Kaspersky Protection) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-02] CHR Extension: (Dokumenty Google offline) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-02] CHR Extension: (Gmail) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-02] CHR Extension: (Chrome Media Router) - C:\Users\G3orG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-02] CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKU\S-1-5-21-4006257210-923307027-1902655278-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib Opera: ======= OPR Extension: (Dark Theme for Google™) - C:\Users\G3orG3\AppData\Roaming\Opera Software\Opera Stable\Extensions\fjkfijihipkgkcpbgkohmcngjkdkfcai [2017-06-28] OPR Extension: (Bookmarks Import & Export) - C:\Users\G3orG3\AppData\Roaming\Opera Software\Opera Stable\Extensions\omhcddilnfoiiplehpjihipcocdplljn [2017-05-27] StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [77872 2017-03-08] (CyberGhost S.R.L) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-12] (Microsoft Corporation) R2 CybereasonRansomFree; C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe [19856 2017-08-07] (Cybereason) R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1392320 2016-10-19] (Disc Soft Ltd) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [53168 2017-08-17] (AnchorFree Inc.) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-11-08] () [Brak podpisu cyfrowego] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Brak podpisu cyfrowego] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-30] (Microsoft Corporation) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [Brak podpisu cyfrowego] R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [302872 2017-08-12] (RaMMicHaeL) S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-01-20] (SHAREit Technologies Co.Ltd) R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12472904 2016-11-12] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 WiseBootAssistant; C:\BAZA\Wise Care 365\BootTime.exe [X] S3 WsDrvInst; "C:\Program Files (x86)\KeepVid\KeepVid Pro\DriverInstall.exe" [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 33799554; C:\Windows\System32\drivers\33799554.sys [478392 2017-08-23] (Kaspersky Lab ZAO) R3 AFTrafMgr1.3; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_3_64.sys [64912 2017-08-15] (AnchorFree Inc.) S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [44816 2016-08-25] (CrystalIdea Software) R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30264 2016-11-09] (Disc Soft Ltd) R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c65x64.sys [472016 2016-07-18] (Intel Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-21] () S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [13312 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-08] (REALiX(tm)) S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [16384 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [197312 2017-07-24] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\drivers\klhk.sys [520152 2017-07-24] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186696 2017-08-23] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1021624 2017-07-24] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57424 2016-12-07] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab) R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-07-06] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [87584 2017-08-22] (AO Kaspersky Lab) S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [251656 2017-07-06] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [112912 2017-07-06] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [173144 2017-07-06] (AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199640 2017-07-24] (AO Kaspersky Lab) R3 LVPr2M64; C:\Windows\system32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-08-23] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [101824 2017-08-23] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-08-23] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-08-23] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [94144 2017-08-23] (Malwarebytes) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc.) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2a6e383a1adc0e24\nvlddmkm.sys [14569528 2017-02-24] (NVIDIA Corporation) S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [9216 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 sshid; C:\Windows\System32\drivers\sshid.sys [52960 2016-10-05] (SteelSeries ApS) S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [64000 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [25088 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation) [Brak podpisu cyfrowego] R0 vsock; C:\Windows\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [29616 2016-10-04] (WiseCleaner.com) [Brak podpisu cyfrowego] R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-08-03] (BigNox Corporation) ========================== MD5 sterowników ======================= C:\Windows\System32\drivers\1394ohci.sys A7901875F89D011C38CF52C98ACF5B29 C:\Windows\System32\drivers\33799554.sys BEE1682DA217A4AD46C36896769AA580 C:\Windows\System32\drivers\3ware.sys EE1CCC54F75C24727A218F98FC5349DA C:\Windows\System32\drivers\ACPI.sys 73C73E1AA0D4D727A04AAAB120B7F56A C:\Windows\System32\drivers\AcpiDev.sys 0935496EF9624B46B935CB35ECE1F205 C:\Windows\System32\Drivers\acpiex.sys D6794C31F4077B71433988787BAA926E C:\Windows\System32\drivers\acpipagr.sys FE5F656D6B35089DA39112E74EC6A85A C:\Windows\System32\drivers\acpipmi.sys 2F242941E4DFF69B883D77A16F039557 C:\Windows\System32\drivers\acpitime.sys C247E35A21682DA8D0DC3AF9F025FCC5 C:\Windows\System32\drivers\ADP80XX.SYS 49B9DB97AFC85DCCBDACDAB2E90085B7 C:\Windows\system32\drivers\afd.sys 983266DA83FFF73DBDDD3730A4712228 C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_3_64.sys 9825FEEA135CBB301F84461188344692 C:\Windows\System32\DRIVERS\ahcache.sys E44DB3F7225EC3E119560738B3619972 C:\Windows\System32\drivers\amdk8.sys DF21E05E41E5AC3F13F304D91457649A C:\Windows\System32\drivers\amdppm.sys 45D0AA4BB90B821DF92E8F19ABED0C5E C:\Windows\System32\drivers\amdsata.sys 74FFBC43B4B899C9A8CA06A892F2CE73 C:\Windows\System32\drivers\amdsbs.sys AAB0F1D8D7E54761ABAB13AF161F1680 C:\Windows\System32\drivers\amdxata.sys F91BAAC4237C40352A807000F3B716F9 C:\Windows\System32\drivers\appid.sys BC121C099C6C659126AD2102AFDFF8CF C:\Windows\System32\drivers\applockerfltr.sys 68190E2BADF23BD782344970E5B5DE9E C:\Windows\system32\drivers\AppvStrm.sys B66ED2CB37F7E4696A51612AFBA08834 C:\Windows\system32\drivers\AppvVemgr.sys 8DC924848E20F890BEFC6B31136D46BE C:\Windows\system32\drivers\AppvVfs.sys 9ADC5A8BEE10E174F95349E9232D8E76 C:\Windows\System32\drivers\arcsas.sys E6AB1F0B4C3D4E0D2A88332D76FECD03 C:\Windows\System32\drivers\asyncmac.sys 61C5A480C43E7E8E49C42869F49D0D3E C:\Windows\System32\drivers\atapi.sys A10F989A812B57B9695F6C305907C9C6 C:\Windows\System32\drivers\bxvbda.sys 61BAC67048CA5C1D08C48FCC8012B613 C:\Windows\System32\drivers\BasicDisplay.sys 68F72B05EBC6D1779C0D60A147C7CA0B C:\Windows\System32\drivers\BasicRender.sys 23156E7EDAF613D839E2839746B168D3 C:\Windows\System32\drivers\bcmfn.sys 3F5523DCEFE42B385659C5CB46A6B810 C:\Windows\System32\drivers\bcmfn2.sys 0B750A6A6D847E73CA48ADD7A0F5A393 C:\Windows\System32\Drivers\Beep.sys 0A508274355745EEF01C6BE3198D02C4 C:\Windows\System32\DRIVERS\bowser.sys EEBFAEB4702E1049ECD44B10485E6C0C C:\Windows\System32\drivers\BthAvrcpTg.sys 722036C26D2C4E50EC2A2EC5FD678846 C:\Windows\System32\drivers\bthhfenum.sys C2E31BE025D46D189E38DD1EDF07837A C:\Windows\System32\drivers\BthHFHid.sys F7CD605FC0B0B22F3F6F247595E3A655 C:\Windows\System32\drivers\bthmodem.sys 535DC41A33630AE4C262406F9E981C03 C:\Windows\System32\drivers\buttonconverter.sys 23F9EF739F685E07482116425E7879AA C:\Windows\System32\drivers\capimg.sys 4C61113687EB66035A70A55EE9B7DB4A C:\Windows\System32\DRIVERS\cdfs.sys F8FB51B9EF6372610E9B31A1D86B62FC C:\Windows\System32\drivers\cdrom.sys 613D0137C269187FA298A157E3D14A18 C:\Windows\System32\drivers\cht4sx64.sys 0AED948DA8D5F08B3D6F12E4E2089736 C:\Windows\System32\drivers\cht4vx64.sys 0002A0FDE087C1657AB31CE73077539C C:\Windows\System32\drivers\circlass.sys 6B4F90A287D75CCD78694F6790C911B2 C:\Windows\System32\DRIVERS\CisUtMonitor.sys 54F1192135AA6A2D5E12641C454BA3E1 C:\Windows\System32\drivers\CLFS.sys 09D0B94D3A06EFD1EB70189EC4B26DF7 C:\Windows\System32\drivers\registry.sys EEC3A4A98AE1A337E3CD1483AD6F2E15 C:\Windows\System32\drivers\CmBatt.sys 429623E266EF067A44E8CF148E9DFB9B C:\Windows\system32\drivers\cmudaxp.sys 12145BABD827F3B68B27A4F73B7284CD C:\Windows\System32\DRIVERS\cm_km.sys B29A764A1E76473CD9D64C9438705C19 C:\Windows\System32\Drivers\cng.sys 3E502EB1701CF54CF237B6250FBE38EA C:\Windows\System32\DRIVERS\cnghwassist.sys 3DB10C59405931E2C72EFB82C1AF97D1 C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 34C935AF2A414572B412B3556586D783 C:\Windows\System32\drivers\condrv.sys 44EEEB2382F566999287E13F2067693C C:\Windows\System32\drivers\dam.sys 68B1E0DA1BB1680494227E88CE821E2F C:\Windows\System32\Drivers\dfsc.sys 7EAFDEF51136E8F2452CEBD8D084F108 C:\Windows\system32\DRIVERS\ssudbus.sys 9593475FBC857A05D93BFF4FA7323C2B C:\Windows\System32\drivers\disk.sys 35B9D46560339A5A7F0CAC6ED702C817 C:\Windows\System32\drivers\dmvsc.sys 815F45161A4571C2C44491564F3D5968 C:\Windows\system32\DRIVERS\drmkaud.sys AE6BD4C879A8C849E53947C92DF3B3A0 C:\Windows\System32\drivers\dtproscsibus.sys 726E40B11612664486BB6C6105283C95 C:\Windows\System32\drivers\dxgkrnl.sys D2EC2AD9C2F514AEECD5EC2B46107228 C:\Windows\system32\DRIVERS\e1c65x64.sys 6C58703CA818801BC98EADA857FA405E C:\Windows\System32\drivers\E1G6032E.sys CCED99682127E8582E5F716ECE775EF8 C:\Windows\System32\drivers\e1i63x64.sys 83E4A14F851341C933C3235BFB882ECA C:\Windows\System32\drivers\evbda.sys 7EC6FC0266D74BD47ABB130A328B70EC C:\Windows\System32\drivers\EhStorClass.sys 8D74B8B5D6F7C5BC4C525BAF2B083FF1 C:\Windows\System32\drivers\EhStorTcgDrv.sys 2A9817B5A9260D8F60D52E36BEF10443 C:\Windows\System32\drivers\errdev.sys 77B60DEC7DCB4233E4A69D3F52E5DB24 C:\Windows\system32\drivers\mbae64.sys F89A17B7F8DC5BCE6008B04D2F6722ED C:\Windows\System32\Drivers\exfat.sys FCD2C63754C2E739A8EEAD9BC63F9DDC C:\Windows\System32\Drivers\fastfat.sys C077AA74EDDAF69985EB27597BCB342A C:\Windows\System32\drivers\fdc.sys 99598ECA5E41996E005D5B9D9FF1EFA2 C:\Windows\System32\drivers\filecrypt.sys F44F666B0EACC3181544FFCF8CA0FFC7 C:\Windows\System32\drivers\fileinfo.sys 78A210DDFDF2C9EC884631D2DAA573F0 C:\Windows\System32\drivers\filetrace.sys 1A97DB5E701A186989F3795223C3BE39 C:\Windows\System32\drivers\flpydisk.sys 46626665F0E5906E45619B4EFD6186B8 C:\Windows\System32\drivers\fltmgr.sys FDA72ACA14D516D18C33AFCD0FD9260F C:\Windows\System32\drivers\FsDepends.sys D152CCBFC8251670BF0AAFE00D6BC782 C:\Windows\System32\Drivers\Fs_Rec.sys 6D6BB5C7363CD35FA715E826F3D029EE C:\Windows\System32\DRIVERS\fvevol.sys 8EEC4925C03E375C4EC496E45C44139A C:\Windows\System32\drivers\vmgencounter.sys EF78034773CE506323655A868C949144 C:\Windows\System32\drivers\genericusbfn.sys B55FEBC6A00DAA1FE074F020B6907516 C:\Windows\System32\Drivers\msgpioclx.sys DDD8A8CDDC7F13EF57D1DAAE71865936 C:\Windows\System32\drivers\gpuenergydrv.sys 7ACD8F69B5D6EC97E6D2C006E19BED88 C:\Windows\system32\DRIVERS\hcmon.sys B23BDC42F7F8EB7A37587FA029B81ADE C:\Windows\system32\DRIVERS\HdAudio.sys 217230B984AB2954E2FA5E36578D7B08 C:\Windows\System32\drivers\HDAudBus.sys 10E3515FE5DBA6656FA62C29342EC4A1 C:\Windows\System32\drivers\HidBatt.sys B90D284B97CD4CA9DE7430AAAD887A56 C:\Windows\System32\drivers\hidbth.sys B2FE11643CC6ACDEE6C247DD36018FDB C:\Windows\System32\drivers\hidi2c.sys D24355488A2D4D2323518EC1AC7A6D9E C:\Windows\System32\drivers\hidinterrupt.sys 0AF9ABBA4F3F55C6C803890D64BC3C29 C:\Windows\System32\drivers\hidir.sys CDBCF8E9AB06D88A1E1191D32F320C5D C:\Windows\System32\drivers\hidusb.sys D8536CB438CC4CCDAE047B768EED22B2 C:\Windows\System32\drivers\HpSAMD.sys F5CA18197B4646E04DB9EB2D6642CC4D C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F C:\Windows\system32\DRIVERS\HtcVComV64.sys 7C7C986776D00E575BFBDE5DCBDC615D C:\Windows\System32\drivers\HTTP.sys BAFD8946905DF03E6ECDDB154A4BAA9C C:\Windows\System32\drivers\hvservice.sys 74FC79C52395B10FFD0B55CF22CF88FC C:\Windows\system32\drivers\HWiNFO64A.SYS EF558A02D734A1403583E95CCEEC2487 C:\Windows\System32\drivers\hwpolicy.sys 771EDDA9830A3079F996F34D681FB6E5 C:\Windows\System32\drivers\hyperkbd.sys 3B9F315E7FA72CC25228EB097DD9C694 C:\Windows\System32\drivers\i8042prt.sys B54B30992620C97230013A74461C8517 C:\Windows\System32\drivers\iagpio.sys C6B8743B213F06AA60943D8366FE968F C:\Windows\System32\drivers\iai2c.sys 9A2A2F3C69B9A30B6E78536F6D258BAD C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys 5A0E850F8CD17791A3E6A3CF81D0CA28 C:\Windows\System32\drivers\iaLPSS2i_I2C.sys 7508F1096803385D6376BFD0BD473AC4 C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F C:\Windows\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7 C:\Windows\System32\drivers\iaStorAV.sys 97E553D03219D3D51705C7235D9EAEBD C:\Windows\System32\drivers\iaStorV.sys 8350FE3BCDE3428BC040877BB7E9EAEB C:\Windows\System32\drivers\ibbus.sys 3BA03F7C7700DDF4C383DDE9252F5817 C:\Windows\System32\drivers\IndirectKmd.sys 2A01C96DF5802D3434634E55C91232D8 C:\Windows\system32\drivers\RTKVHD64.sys D172E06EFE08DF148155A59DB716C1B6 C:\Windows\system32\DRIVERS\IntelHaxm.sys CABBDB31EA03DCC5CFA2F47CFF5CC73A C:\Windows\System32\drivers\intelide.sys 9F7E87F6595D065A8A200A291043045E C:\Windows\System32\drivers\intelpep.sys A6BD2E20AE1BC5CB2776C87C28E4F4CA C:\Windows\System32\drivers\intelppm.sys 2A48DA39542636DB0FA3BA915385D1B3 C:\Windows\System32\drivers\iorate.sys 4A922CAB4AB5F29F1BECC9D95B4B7F05 C:\Windows\System32\DRIVERS\ipfltdrv.sys FE85D0A86CA7A5A99CF8CD04DE7F80AE C:\Windows\System32\drivers\IPMIDrv.sys 450DBDD716C7911F83E05F78EE18BFA2 C:\Windows\System32\drivers\ipnat.sys F1DAECC3B3D6399875D4F10529D6A77C C:\Windows\system32\drivers\irda.sys 7475A2903BB704B446AA6309E34D3362 C:\Windows\System32\drivers\irenum.sys 9725E7F0C64CE9916A5CDABE8D6E13C3 C:\Windows\System32\drivers\isapnp.sys 58040898883A96160D41739C80328BBF C:\Windows\System32\drivers\msiscsi.sys C9FD02D62E09337B67B0C61EC8CA38CC C:\Windows\System32\drivers\kbdclass.sys 210808437570BDDEE71A43535E3A2D30 C:\Windows\System32\drivers\kbdhid.sys 0B779E9FC426CA2268D28181FA6C222F C:\Windows\System32\DRIVERS\kl1.sys 97E3E8F35632EECD0ABD2DE6519A9666 C:\Windows\System32\DRIVERS\klbackupdisk.sys B01AD8DA034EE42D4C2282F77FDB03AE C:\Windows\System32\DRIVERS\klbackupflt.sys 10549B5BFD9A3DCF4FFA6287236FA959 C:\Windows\system32\DRIVERS\kldisk.sys 7DAA9047F50BF5A3F8C147719FC520AF C:\Windows\System32\DRIVERS\klelam.sys 5766A27C85EE813029831D125D2EFB45 C:\Windows\system32\DRIVERS\klflt.sys 10F22365381D41EBD3BB08A7BEA15CDD C:\Windows\System32\drivers\klhk.sys 368E5BE52E16307F41C014EE850EE67F C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys BD140112BE2AE22B9912206407AD76A4 C:\Windows\System32\DRIVERS\klif.sys A1DF9BDEDC9105F6085751CC2168F664 C:\Windows\system32\DRIVERS\klim6.sys 6357C533C30650361110DBAF59A25DF8 C:\Windows\system32\DRIVERS\klkbdflt.sys 5480CC93737F48282552C84FA7EBA59B C:\Windows\system32\DRIVERS\klmouflt.sys FD47C92A63B6EADEA830BFA96C06EAEE C:\Windows\System32\DRIVERS\klpd.sys 6B0C605591C892CBB683F63EA47822DC C:\Windows\System32\Drivers\klupd_klif_arkmon.sys 097D722294B9C1FA6E514A088F2E6B6E C:\Windows\System32\Drivers\klupd_klif_kimul.sys A7E26109DE0E310EEE5CFEEA9E821DCA C:\Windows\System32\Drivers\klupd_klif_klark.sys 6A80ECDC10138AC34E48A4BE684E06F9 C:\Windows\System32\Drivers\klupd_klif_klbg.sys EBC5ACF5F373981161752650BC17DD4E C:\Windows\System32\Drivers\klupd_klif_mark.sys D0B29808F37C6F6373AB16B716D9A1F8 C:\Windows\system32\DRIVERS\klwfp.sys 4C5305295B51BA72FC9C8CDAB32F95C3 C:\Windows\system32\DRIVERS\klwtp.sys 4799405773BB400A2FF96663CF0EE4A2 C:\Windows\system32\DRIVERS\kneps.sys 2426B9215884C60F7E021AA94827DC57 C:\Windows\System32\Drivers\ksecdd.sys 705C0F8BCCEF6E7CB704CCB454192D7E C:\Windows\System32\Drivers\ksecpkg.sys 55AD13E2BAFC5AB53A10F8C271F5D242 C:\Windows\system32\drivers\ksthunk.sys 4ED115CD1A1099705F56B5E0FFF97CC6 C:\Windows\System32\drivers\L1C63x64.sys A9E95471762BFCC39B1A3C391F00A2A1 C:\Windows\System32\drivers\lltdio.sys 5933A6673F00D8255C52957E40C2D601 C:\Windows\System32\drivers\lsi_sas.sys 8E1B0946948CCC0BC1FA3CB70374A795 C:\Windows\System32\drivers\lsi_sas2i.sys 4F68163FC04C973500DC4DA0946917B0 C:\Windows\System32\drivers\lsi_sas3i.sys E5AC5F2815938651CDCC27F425474673 C:\Windows\System32\drivers\lsi_sss.sys CCF6EC9FB9B8F18E05B4253E81013E48 C:\Windows\system32\drivers\luafv.sys C9579D32219E5B936AC3A48D470117EC C:\Windows\system32\DRIVERS\lvpopf64.sys B2085E335F2B57077B0CBADB6F1245CD C:\Windows\system32\DRIVERS\LVPr2M64.sys DED333DBDBBCC3555A6E6244522E2F1A C:\Windows\System32\DRIVERS\LVPr2M64.sys DED333DBDBBCC3555A6E6244522E2F1A C:\Windows\system32\DRIVERS\lvrs64.sys 986C1CB787A007BAA5F74E7D316D7246 C:\Windows\system32\DRIVERS\lvuvc64.sys 5747BC465ABEA2858C5D037252AED84E C:\Windows\system32\drivers\MBAMChameleon.sys 25FAEF6CCFF6D9912A65641AE60711EB C:\Windows\system32\DRIVERS\farflt.sys 4988F9AEE3B9E4545975CAA9381DB0EF C:\Windows\system32\drivers\mbam.sys 149E252142950594695178971748D056 C:\Windows\System32\drivers\MBAMSwissArmy.sys 94FCA94EE7937EA3ED75F39DE4C8E292 C:\Windows\system32\drivers\mwac.sys CC6522BC2BD971FEBADC5A794A908E4D C:\Windows\system32\drivers\MBfilt64.sys 8FF2D95CBA49B405C5DE27039FF0BF35 C:\Windows\System32\drivers\megasas.sys C3CDCCF07486BD2616A7B82946E07AC0 C:\Windows\System32\drivers\megasr.sys FADB2FE017E69EECE0E1BA78661C2E8C C:\Windows\System32\drivers\TeeDriverW8x64.sys 220B49994DCFAC3BB242A8C3047E58A2 C:\Windows\System32\drivers\mlx4_bus.sys FD60818B66B2E8A5415EA840E99A9D8F C:\Windows\system32\drivers\mmcss.sys 68F6977F1CFBAAC770D940A8C0326FA1 C:\Windows\System32\drivers\modem.sys D842ADDB5911945D51F61A0B1C8F36E3 C:\Windows\System32\drivers\monitor.sys 9CCCB7FC3EDADEBA461D78615A6011A6 C:\Windows\System32\drivers\mouclass.sys 27A07B2FB2E3057DA8DAEA4F25D843C7 C:\Windows\System32\drivers\mouhid.sys 7BD6E7F7C9001AB21B8362CFFEE80B25 C:\Windows\System32\drivers\mountmgr.sys F5BDAEE4B7D369D4C74668DCFBA3FF10 C:\Windows\System32\drivers\mpsdrv.sys 30844BD376F9D01E62C820BEF446F1F8 C:\Windows\system32\drivers\mrxdav.sys 50C2389CD04C5B8632E3DC2D733EF15D C:\Windows\System32\DRIVERS\mrxsmb.sys E671EDAB0726E05ECEF4058B4CD73C4D C:\Windows\System32\DRIVERS\mrxsmb10.sys 200E4A385F5F370D8866BAE25B0D9D32 C:\Windows\System32\DRIVERS\mrxsmb20.sys F7C22604CD8AFB9AF1C1E3CE39A5A09F C:\Windows\System32\drivers\bridge.sys 74C9D21523DAE0C18F413C196DF0058A C:\Windows\System32\Drivers\Msfs.sys F01B849D9D4A8CEAF32D4FDBD0B83C92 C:\Windows\System32\drivers\msgpiowin32.sys 22ECD8F5D1DFADF2011BBB1700CB871D C:\Windows\System32\drivers\mshidkmdf.sys FD870F6968A145E4D2BA8A8842686B03 C:\Windows\System32\drivers\mshidumdf.sys 30364757963A028CE5DF0FBAAC270173 C:\Windows\System32\drivers\msisadrv.sys 6BB0FEDDAE7135FA37FFAFF4D9E0E876 C:\Windows\system32\DRIVERS\MSKSSRV.sys 13D614E6B51ECF36746C48CE829FA7F6 C:\Windows\System32\drivers\mslldp.sys 642CDE46351D5D2D90311E77072AB46D C:\Windows\system32\DRIVERS\MSPCLOCK.sys F2302A5CE63CA7673200FAFCEEEDB6AF C:\Windows\system32\DRIVERS\MSPQM.sys 6114512EA26E835BA522C63635429DB5 C:\Windows\System32\Drivers\MsRPC.sys AA538E16E644D00E3BA5349BBA9598EC C:\Windows\System32\drivers\mssecflt.sys 7ACFE7435317E791FF9EED2F49B402F2 C:\Windows\System32\drivers\mssmbios.sys 0543BEFD41EC4D25C7F7CF36409CEC7D C:\Windows\system32\DRIVERS\MSTEE.sys C1569E4DB8EFE3617847BF041A3C842F C:\Windows\System32\drivers\MTConfig.sys 130B16970154BA9876B09E5C4BAC63BE C:\Windows\System32\Drivers\mup.sys 15D987C8F6CCD4AC94E070C5986762CB C:\Windows\System32\drivers\mvs91xx.sys 7BDB37C4EA87570E69F415E354FB8B46 C:\Windows\System32\drivers\mvumis.sys 3D2C5B4995CA0751D32DEA0DE9FDFE44 C:\Windows\System32\DRIVERS\nwifi.sys DB31EBB04C871F422C36A0962DA7D38B C:\Windows\System32\drivers\ndfltr.sys 629CB21AC49C8867E0F29DF1C16DB7B4 C:\Windows\System32\drivers\ndis.sys C1294D97AAD475701EB35DF8422D6E15 C:\Windows\System32\drivers\ndiscap.sys 6DD605338FAAF6BA17662AA874E0D162 C:\Windows\System32\drivers\NdisImPlatform.sys E34196F285F8B8879E1FF36C31F7179E C:\Windows\System32\DRIVERS\ndistapi.sys 1FAD2398673F30CEC616B89C46B7DCBA C:\Windows\System32\drivers\ndisuio.sys AEB8ECBE66CC46854066CB1F5623E179 C:\Windows\System32\drivers\NdisVirtualBus.sys 7340104C2BF2F126714F7CDE85E63610 C:\Windows\System32\drivers\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C C:\Windows\System32\DRIVERS\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C C:\Windows\System32\DRIVERS\NDProxy.sys 78A12E3DF035B5D054986949B19BE43C C:\Windows\System32\drivers\Ndu.sys 04C8859355C1DC9C0FA198D1894D71C2 C:\Windows\System32\drivers\NetAdapterCx.sys 6C76780A01FC2B885BD6E957B5C36B02 C:\Windows\System32\drivers\netbios.sys 5D1513BD6430307C9DB86C6E351372ED C:\Windows\System32\DRIVERS\netbt.sys 6FEBB0A847FFD5F057B9AC8889F1B9A7 C:\Windows\system32\drivers\npf.sys DE7FCC77F4A503AF4CA6A47D49B3713D C:\Windows\System32\Drivers\Npfs.sys 001CBD7A2CD45C4EB39C01C3C677EF73 C:\Windows\System32\drivers\npsvctrig.sys 90F5DC9802AAA00CD0B6E2AD9E7FFADC C:\Windows\System32\drivers\nsiproxy.sys 0C6218321A09A7B51BA7FFAFBA4CCB21 C:\Windows\System32\Drivers\NTFS.sys 5DD8CB01C0394F8D052763D2E3C6E684 C:\Windows\System32\Drivers\Null.sys 6E6DD6F9DD2A034CF85E94047DBDB992 C:\Windows\system32\drivers\nvhda64v.sys A138890751D328A9ADEAFCB4CC0B6370 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2a6e383a1adc0e24\nvlddmkm.sys 3A461DD99474F5A27B32A2F43AA596B9 C:\Windows\System32\drivers\nvraid.sys D261DF41F0840F734856A2B4F5E072C7 C:\Windows\System32\drivers\nvstor.sys 23B702B555EB0436B9DAA0BC63DA65CE C:\Windows\System32\drivers\parport.sys 6B81BF7853D161DB8AC62CD8B9C2DE6B C:\Windows\System32\drivers\partmgr.sys 9DB326B54C03EF2892E7551D8B354036 C:\Windows\System32\drivers\pci.sys D723D2C98598B0DF5832427740B2825D C:\Windows\System32\drivers\pciide.sys 214DCC87E3898F738075D1341252A552 C:\Windows\System32\drivers\pcmcia.sys AED76A3333B3A31536E430020E0226FC C:\Windows\System32\drivers\pcw.sys E63FB38B6E75B39467492FBAD2CD512A C:\Windows\System32\drivers\pdc.sys 9EA203A07EFA6D74F07F32EF0DAB5CA6 C:\Windows\System32\drivers\peauth.sys 1509A77F840AA9E72CF8247D0CF2FBDE C:\Windows\System32\drivers\percsas2i.sys 540116170E2135FCD5DDE77702166B67 C:\Windows\System32\drivers\percsas3i.sys 8356F87553BF49C703CF382033815898 C:\Windows\System32\drivers\raspptp.sys 5645B9D9788CCA2C88B9534996ED2D6D C:\Windows\System32\drivers\processr.sys 372913E12677A8CBBBABDD8311894F9D C:\Windows\System32\drivers\pacer.sys FC98407B85A31161851FDE245517574F C:\Windows\system32\drivers\qwavedrv.sys 819602BBBFDB0BD46DEA3715BF0DD452 C:\Windows\System32\DRIVERS\rasacd.sys CDF47037A0939F56D11F699629C276AD C:\Windows\System32\drivers\AgileVpn.sys 28C2EA278070EE12701D0EDF8CB0EC36 C:\Windows\System32\drivers\rasl2tp.sys 17E565710172ED71B8531D8822E1C5D1 C:\Windows\System32\drivers\raspppoe.sys 9387DF155233D45D4E010F4F2FB52A57 C:\Windows\System32\drivers\rassstp.sys F0F4EEDEEBEE7A4244FAFB96A16B5712 C:\Windows\System32\DRIVERS\rdbss.sys EDAF0E161BE98CCC4FC9671481600745 C:\Windows\System32\drivers\rdpbus.sys 79A415E6FA915EFC00297DAB16EC2635 C:\Windows\System32\drivers\rdpdr.sys 7135785C21CA79D270D11037C43D3F19 C:\Windows\System32\drivers\rdpvideominiport.sys 97A61A3CB2B5CB4FC32B3224EF333448 C:\Windows\System32\drivers\rdyboost.sys 69BB204AE07EE84ECFAB1BF13C4BD04B C:\Windows\System32\Drivers\ReFSv1.sys 940D6F5A2B0A61EE4170DF84F6C95C20 C:\Windows\System32\drivers\rspndr.sys 5FF28F097C9699097B473F8FC7C1AA7D C:\Windows\System32\drivers\vms3cap.sys B5DAEE69BACA64D2BB004568E22D8756 C:\Windows\System32\drivers\sbp2port.sys 5E73FB63E2DBC75FE0C17DEB0010CE0E C:\Windows\System32\DRIVERS\scfilter.sys 3D9A82B03C92D1FEC42CB171D6F57778 C:\Windows\System32\drivers\scmbus.sys 9055ADDFBA4C8B914C914CE693B55C0A C:\Windows\System32\drivers\scmdisk0101.sys B6F2363584E62960846F7C3F00124A4F C:\Windows\System32\drivers\sdbus.sys 2A8832563C2826665517B91195085476 C:\Windows\System32\drivers\sdstor.sys 120DFCB71D6C502613A9E2D50E16850C C:\Windows\System32\drivers\SerCx.sys 401D706DDC0A7AF18C3DD228ADF74551 C:\Windows\System32\drivers\SerCx2.sys 7084D11083F0CDCA8B5C76F9846ABF5D C:\Windows\System32\drivers\serenum.sys 3FF478A8ED32A83C36581425F6282B6C C:\Windows\System32\drivers\serial.sys 92509187AA171A80521528B36F753E1D C:\Windows\System32\drivers\sermouse.sys 433D38FF6D08B993847EA2A10EB8CB52 C:\Windows\System32\drivers\sfloppy.sys 697D3EE0740AEAB62B66ABCA1C83D13B C:\Windows\System32\drivers\spaceport.sys 43AC4C5CC233BCE9D7C46DA0E7EC0676 C:\Windows\System32\drivers\SpbCx.sys E03264C4C25B568F92ED1656AD541E64 C:\Windows\System32\DRIVERS\srv.sys E83830BB74AE8CBECEA0ECD94DE436F9 C:\Windows\System32\DRIVERS\srv2.sys 1312896CAE6AF0D4557DB7B37283C116 C:\Windows\System32\DRIVERS\srvnet.sys F13EE0DB1FB1D6946AC3228D7EFCFC8F C:\Windows\System32\drivers\sshid.sys EB6CA2EC412203040E8C4A1438FE06CA C:\Windows\System32\drivers\stexstor.sys 29D26E1347AE1BBD4201014E19880B2C C:\Windows\System32\drivers\storahci.sys 53EB8CE34B55A1EE63424C8DB7388BFC C:\Windows\System32\drivers\vmstorfl.sys C5E0ACE4771F5575D9D5B457ABF3AD03 C:\Windows\System32\drivers\stornvme.sys B66D8C75C9BC59D637177AB3B1C569A6 C:\Windows\System32\drivers\storqosflt.sys BEBF85EB4D90E6996047DA027D0ED26E C:\Windows\System32\drivers\storufs.sys 8E73037A6F8938475692FFCC26EBF385 C:\Windows\System32\drivers\storvsc.sys 9D9DED47DA10E845EFF2DD57C94C809B C:\Windows\System32\drivers\swenum.sys 505E0C40B5D0ADDCBB414640F59BD2E0 C:\Windows\System32\drivers\Synth3dVsc.sys 32F46FB0F290D16DAA452B289C985795 C:\Windows\System32\drivers\tap0901.sys D765F43CBEA72D14C04AF3D2B9C8E54B C:\Windows\System32\drivers\taphss6.sys E790E904BB06081F5A3DAFE87F20D06B C:\Windows\System32\drivers\tcpip.sys B705D8E3011268160833518FBD80FBCE C:\Windows\System32\drivers\tcpip.sys B705D8E3011268160833518FBD80FBCE C:\Windows\System32\drivers\tcpipreg.sys 8DBB1BE20C36E6D19BCC89EEA00B953C C:\Windows\system32\DRIVERS\tdx.sys 9D2DD64A0B51C56285512DC9454340F6 C:\Windows\System32\drivers\terminpt.sys 06130AFFECEB94525FC2352936576B70 C:\Windows\System32\drivers\tpm.sys 3D04046C468AD2868A093925B5E2AA0A C:\Windows\System32\drivers\TsUsbFlt.sys A6F4025664C9D4BC2A9EDAB4092706D7 C:\Windows\System32\drivers\TsUsbGD.sys 37A96AD493E110C0BF1EE0AC0F9E7DBD C:\Windows\System32\drivers\tsusbhub.sys 5A91FDBA4D3FCB56DAEB8C091B3EB8E1 C:\Windows\System32\drivers\tunnel.sys 79E264287F17D56D768440B0270466DE C:\Windows\System32\drivers\uaspstor.sys AA65954F512BA097DD190790876DD991 C:\Windows\System32\Drivers\UcmCx.sys AB6268022C3A5B529075A39C33904DA6 C:\Windows\System32\Drivers\UcmTcpciCx.sys 7ED2EDA43D21C7A5F589A7960E265C52 C:\Windows\System32\drivers\UcmUcsi.sys 169351463039B45F5CDED9768879F712 C:\Windows\System32\drivers\ucx01000.sys 08A9E3AD29B215484FBB68CDC175DF3A C:\Windows\System32\drivers\udecx.sys DA70AEE267491AA56BC63AA0C0C96CA2 C:\Windows\System32\DRIVERS\udfs.sys FBC5ECF6D5A868D0B116C2DBB02B8168 C:\Windows\System32\drivers\UEFI.sys B918E40FAA9CD118CCA4AD388B748C98 C:\Windows\system32\drivers\UevAgentDriver.sys 166B17AE1DD24D8BA8CA474C7C31148F C:\Windows\System32\drivers\ufx01000.sys 0FD75222C1AD2687AB365BEBEA400DD4 C:\Windows\System32\drivers\UfxChipidea.sys C1A78C53E01C641AE41BFA65797819F5 C:\Windows\System32\drivers\ufxsynopsys.sys 767307212110EBEFB93EC9A5BE9E85B9 C:\Windows\System32\drivers\umbus.sys DC460AAA18CA2342FBBFB2DF9B044472 C:\Windows\System32\drivers\umpass.sys C3CF0377917ECE6D65D7623E1E61568F C:\Windows\System32\drivers\urschipidea.sys 6B46FC140C9AF68E6E7697D66D59CB4D C:\Windows\System32\drivers\urscx01000.sys B4402E7F0923F660270442CE76877ABE C:\Windows\System32\drivers\urssynopsys.sys 9DD431F1B94789CFB527E5D19261F124 C:\Windows\system32\drivers\usbaudio.sys 93F169DE94DBAC5DAF4755AFF10193DD C:\Windows\System32\drivers\usbccgp.sys C87E32B90F085970D9637FBAD45EF6FE C:\Windows\System32\drivers\usbcir.sys 0B663856474AC41924D9E9112203858F C:\Windows\System32\drivers\usbehci.sys F83D2250256203AC5DA5E8601C1AFDD7 C:\Windows\System32\drivers\usbhub.sys 7FFD26742321919590ED77FCA556D65F C:\Windows\System32\drivers\UsbHub3.sys 7A749B2863B5561BE34B39E8E249AD8F C:\Windows\System32\drivers\usbohci.sys D2109F1F4FEBF1DAC415CDC5DE876479 C:\Windows\System32\drivers\usbprint.sys 29C9572F2D061CFC3C0BD48A3163E343 C:\Windows\System32\drivers\usbser.sys 429477D6DEF3321FF7D3EF23CAAADA00 C:\Windows\System32\drivers\USBSTOR.SYS 0CC16F7B91C57AE9A4E44425A295FDAA C:\Windows\System32\drivers\usbuhci.sys C917D09064CDBD18F75ADC9B2C48F847 C:\Windows\System32\Drivers\usbvideo.sys B4F448F2424492F99F83D3676A453553 C:\Windows\System32\drivers\USBXHCI.SYS 95BCCEFBC40D06484CF16144FE79B8A5 C:\Windows\system32\DRIVERS\VBoxNetAdp.sys C64AD70CCCB0CED8925BE4E2C889DE3A C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 712724A7C726CA15AD2FC8C40D56AE6D C:\Windows\System32\drivers\vdrvroot.sys 0CBDE344FB48E42D78E29469F202ADBC C:\Windows\System32\drivers\VerifierExt.sys 723195568C8755CAD57F7933C5F2C5C2 C:\Windows\System32\drivers\vhdmp.sys C12B4859FC255AA6B3021CF8BB14A11F C:\Windows\System32\drivers\vhf.sys 7929228F0E8B0C2FA0495A17A4FC27F6 C:\Windows\System32\drivers\vmbus.sys AEE432ED868831B1F068E373598F6D93 C:\Windows\System32\drivers\VMBusHID.sys 9444B23FC694B5F90F21B0FC7F10D8DD C:\Windows\System32\drivers\vmci.sys 9C3FD3B0B9376537181067A28F2A5290 C:\Windows\System32\drivers\vmgid.sys 4D0287F566B36536DD812A54C015FC4A C:\Windows\system32\DRIVERS\vmnetadapter.sys 1CA7A1295E0DF2DB74EA2005FF1B47D1 C:\Windows\system32\DRIVERS\vmnetbridge.sys 069261D445C6B037DE3FD0773547E91E C:\Windows\system32\DRIVERS\vmnetuserif.sys C4A2FC7244D181C2DB9D26EDF029D5DC C:\Windows\System32\drivers\vmusb.sys F235ABE47DFEFAC7D1078099F212B68B C:\Windows\system32\DRIVERS\vmx86.sys 145C7940CE014E0D77911652CC4984CC C:\Windows\System32\drivers\volmgr.sys 29075915F9BDC3437F8BED71C067D399 C:\Windows\System32\drivers\volmgrx.sys 6BDB6CE6D2D9E3D3F28F1C97E12B62E2 C:\Windows\System32\drivers\volsnap.sys BF2546583BB75F01DDA60A7921DFB230 C:\Windows\System32\drivers\volume.sys AC2E20A74D09D24485BE8396CE04F07B C:\Windows\System32\drivers\vpci.sys 92F6E3E6D3F1795263EB34B37F74AEF7 C:\Windows\system32\DRIVERS\vsock.sys F067FA5D1BEC4B5CE70DA61237A9B2AB C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys 6D46D403FAAD2B493BD06A6800E67041 C:\Windows\System32\drivers\vwifibus.sys 607639716E9DB1CEF4E18B5B229293B4 C:\Windows\System32\drivers\vwififlt.sys B1ED64E628763148BF84FBE23F2AD711 C:\Windows\System32\drivers\wacompen.sys 55D00B785A7587F4263D125817871283 C:\Windows\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6 C:\Windows\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6 C:\Windows\system32\drivers\wcifs.sys E330144B97D493AA886000DCAAA8DAF5 C:\Windows\system32\drivers\wcnfs.sys AEA1093B751339267D8C8C1EF3D669CF C:\Windows\system32\drivers\WdBoot.sys D520B1B849B6D4D707AB31722B952C2D C:\Windows\System32\drivers\wdcsam64.sys A556768CC1FA4F36022BEE2F0EDE2566 C:\Windows\System32\drivers\Wdf01000.sys 5030C76047D756263093A47B82970868 C:\Windows\system32\drivers\WdFilter.sys 29FF9199EDEB4F5470BB134D1A2563D2 C:\Windows\System32\DRIVERS\wdiwifi.sys 8CB606A3057355FD5A9DBDD1A0AC94EF C:\Windows\System32\Drivers\WdNisDrv.sys 17CF416CFF408190F5A4CBD79AB12E55 C:\Windows\System32\drivers\wfplwfs.sys E1785942AC51FEE6826CDF02075C5AA9 C:\Windows\System32\drivers\wimmount.sys 0CF79A0EACFFBB75A50A469A27696D02 C:\Windows\System32\drivers\WindowsTrustedRT.sys 0DE131733317EB4BE67028366B0CAAC6 C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys 92EB5D38BDF10C790450F3E46BF93A0E C:\Windows\System32\drivers\winmad.sys F95DE20312ACCA7761446DE152BD1F7C C:\Windows\System32\drivers\WinUSB.SYS 4EFB346BFDAEEB29316AA52BBB9852B1 C:\Windows\System32\drivers\winverbs.sys 8B9AFF5F08E66A6F1F1063DEC9457FB6 C:\Windows\WiseRegNotify.sys 69CFB44032285CBBB635249AE11CD820 C:\Windows\System32\drivers\wmiacpi.sys 6F4F4F5A007D1710BD76FB311DA97C07 C:\Windows\System32\Drivers\Wof.sys 43C8D087B31C592163B33A4BDA540E40 C:\Windows\System32\drivers\WpdUpFltr.sys 75A9284F01FE7CB1A7D5EAE5C1EB4F33 C:\Windows\system32\drivers\ws2ifsl.sys 36D7B73ADC3E10607ED6EC874AFB5D1E C:\Windows\System32\drivers\WudfPf.sys AED7FE551E8672B824A56324076183EB C:\Windows\System32\drivers\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D C:\Windows\system32\DRIVERS\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D C:\Windows\system32\DRIVERS\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D C:\Windows\System32\drivers\xboxgip.sys 59335CEA021FB89E07AD5DB5D17F09D0 C:\Windows\System32\drivers\xinputhid.sys 63088A3361D9A308F328F11E9099DD87 C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys 27578F40FD3C5EFD43563A266476F466 ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Trzy miesiące - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-08-23 21:21 - 2017-08-23 21:21 - 000085772 _____ C:\Users\G3orG3\Desktop\FRST.txt 2017-08-23 21:21 - 2017-08-23 21:21 - 000052464 _____ C:\Users\G3orG3\Desktop\Addition.txt 2017-08-23 21:13 - 2017-08-23 21:13 - 000526126 ____N C:\Users\Qmsjvxb\properly chandler representative.xlsx 2017-08-23 21:13 - 2017-08-23 21:13 - 000515182 ____N C:\Users\Aknfgky\fuel-burning-authorize.xlsx 2017-08-23 21:13 - 2017-08-23 21:13 - 000224944 ____N C:\Users\Qmsjvxb\otherwise_medical_seeing.mdb 2017-08-23 21:13 - 2017-08-23 21:13 - 000218762 ____N C:\Users\Aknfgky\clean_madden_thickness_convention.mdb 2017-08-23 21:13 - 2017-08-23 21:13 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-08-23 21:13 - 2017-08-23 21:13 - 000074753 ____N C:\Users\Qmsjvxb\corpseducate.xls 2017-08-23 21:13 - 2017-08-23 21:13 - 000062659 ____N C:\Users\Aknfgky\feeling-trivial-thermal-the.xls 2017-08-23 21:13 - 2017-08-23 21:13 - 000057768 ____N C:\Users\Aknfgky\each.manchester.border.maude.pem 2017-08-23 21:13 - 2017-08-23 21:13 - 000055293 ____N C:\Users\Qmsjvxb\conflict-openly.pem 2017-08-23 21:13 - 2017-08-23 21:13 - 000026153 ____N C:\Users\Qmsjvxb\containing_stupid.sql 2017-08-23 21:13 - 2017-08-23 21:13 - 000022613 ____N C:\Users\Qmsjvxb\ratio.zero.directed.long.txt 2017-08-23 21:13 - 2017-08-23 21:13 - 000022517 ____N C:\Users\Aknfgky\bones wool.txt 2017-08-23 21:13 - 2017-08-23 21:13 - 000014592 ____N C:\Users\Aknfgky\tie-attain.sql 2017-08-23 21:13 - 2017-08-23 21:13 - 000000000 __SHD C:\Users\G3orG3\Desktop\0K, this directory is for Ransomware detection (just leave it here) 2017-08-23 21:13 - 2017-08-23 21:13 - 000000000 ___HD C:\Users\Qmsjvxb 2017-08-23 21:13 - 2017-08-23 21:13 - 000000000 ___HD C:\Users\G3orG3\Documents\Wsetup197 2017-08-23 21:13 - 2017-08-23 21:13 - 000000000 ___HD C:\Users\G3orG3\Documents\Aosetup133 2017-08-23 21:13 - 2017-08-23 21:13 - 000000000 ___HD C:\Users\Aknfgky 2017-08-23 21:13 - 2017-08-23 21:13 - 000000000 ____D C:\Xlog123 2017-08-23 21:13 - 2017-08-23 21:13 - 000000000 ____D C:\Abcache140 2017-08-23 21:04 - 2017-08-23 21:05 - 000000000 ____D C:\Users\G3orG3\Downloads\Malwarebytes.Premium.3.2.2.2018 2017-08-23 21:03 - 2017-08-23 21:13 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-08-23 21:03 - 2017-08-23 21:13 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-08-23 21:03 - 2017-08-23 21:13 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-08-23 21:03 - 2017-08-23 21:08 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-08-23 21:03 - 2017-08-23 21:08 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-08-23 21:03 - 2017-08-23 21:03 - 000001890 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-08-23 21:03 - 2017-08-23 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-08-23 21:03 - 2017-08-21 07:20 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-08-23 20:40 - 2017-08-23 21:03 - 000000000 ____D C:\Program Files\Malwarebytes 2017-08-23 20:38 - 2017-08-23 20:38 - 066543342 _____ C:\Users\G3orG3\Downloads\Malwarebytes.Premium.3.2.2.2018.rar 2017-08-23 20:24 - 2017-08-23 21:18 - 000052461 _____ C:\Users\G3orG3\Downloads\Addition.txt 2017-08-23 20:21 - 2017-08-23 21:22 - 000057638 _____ C:\Users\G3orG3\Downloads\FRST.txt 2017-08-23 20:20 - 2017-08-23 20:20 - 002395648 _____ (Farbar) C:\Users\G3orG3\Downloads\FRST64.exe 2017-08-23 20:17 - 2017-08-23 20:17 - 000380928 _____ C:\Users\G3orG3\Downloads\7wl0idw8.exe 2017-08-23 20:08 - 2017-08-23 20:08 - 126354392 _____ (Kaspersky Lab ZAO) C:\Users\G3orG3\Downloads\KVRT.exe 2017-08-23 20:08 - 2017-08-23 20:08 - 000478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\33799554.sys 2017-08-23 20:08 - 2017-08-23 20:08 - 000000000 ____D C:\KVRT_Data 2017-08-23 16:45 - 2017-08-23 16:45 - 008185288 _____ (Malwarebytes) C:\Users\G3orG3\Downloads\adwcleaner_7.0.1.0.exe 2017-08-23 12:09 - 2017-08-23 12:09 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2017-08-22 15:36 - 2017-08-22 15:36 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\Daum 2017-08-22 11:34 - 2017-08-22 11:34 - 000087584 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys 2017-08-22 00:13 - 2016-12-20 09:53 - 000000000 ____D C:\Users\G3orG3\Downloads\Pavtube.Video.Converter.Ultimate.4.9.0.0.KaranPC 2017-08-22 00:08 - 2017-08-22 00:11 - 036315522 _____ C:\Users\G3orG3\Downloads\Pavtube.Video.Converter.Ultimate.4.9.0.0.KaranPC.rar 2017-08-22 00:03 - 2017-08-22 00:03 - 000002359 _____ C:\Users\Public\Desktop\Pavtube Video Converter Ultimate.lnk 2017-08-22 00:03 - 2017-08-22 00:03 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\Pavtube 2017-08-22 00:03 - 2017-08-22 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pavtube 2017-08-22 00:03 - 2017-08-22 00:03 - 000000000 ____D C:\Program Files (x86)\Pavtube 2017-08-22 00:02 - 2016-12-20 17:34 - 000000000 ____D C:\Users\G3orG3\Downloads\Crack 2017-08-22 00:02 - 2016-12-20 14:35 - 037412978 _____ (Pavtube Studio ) C:\Users\G3orG3\Downloads\Setup.exe 2017-08-21 23:59 - 2017-08-22 00:01 - 038310682 _____ C:\Users\G3orG3\Downloads\rsload.net.Pavtube.Video.Converter.Ultimate.rar 2017-08-21 23:44 - 2017-08-21 23:44 - 002825369 _____ C:\Users\G3orG3\Downloads\tsMuxeR_2.6.12.zip 2017-08-21 23:38 - 2017-08-21 23:38 - 017724224 _____ (Moritz Bunkus) C:\Users\G3orG3\Downloads\mkvtoolnix-64-bit-15.0.0-setup.exe 2017-08-21 23:38 - 2017-08-21 23:38 - 000000000 ____D C:\Program Files\MKVToolNix 2017-08-21 23:05 - 2017-08-21 23:07 - 123691846 _____ (Aslain ) C:\Users\G3orG3\Downloads\Aslains_WoT_Modpack_Installer_v.9.19.1.2_05.exe 2017-08-21 09:44 - 2017-08-21 09:47 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\HandBrake 2017-08-21 09:44 - 2017-08-21 09:44 - 010468271 _____ C:\Users\G3orG3\Downloads\HandBrake-1.0.7-x86_64-Win_GUI.exe 2017-08-21 09:44 - 2017-08-21 09:44 - 000000835 _____ C:\Users\G3orG3\Desktop\HandBrake.lnk 2017-08-21 09:44 - 2017-08-21 09:44 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake 2017-08-21 09:44 - 2017-08-21 09:44 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\HandBrake Team 2017-08-21 09:44 - 2017-08-21 09:44 - 000000000 ____D C:\Program Files\HandBrake 2017-08-21 09:35 - 2017-08-21 23:42 - 000099384 _____ C:\Users\G3orG3\AppData\Roaming\inst.exe 2017-08-21 09:35 - 2017-08-21 23:42 - 000082816 _____ (VSO Software) C:\Users\G3orG3\AppData\Roaming\pcouffin.sys 2017-08-21 09:35 - 2017-08-21 23:42 - 000007859 _____ C:\Users\G3orG3\AppData\Roaming\pcouffin.cat 2017-08-21 09:35 - 2017-08-21 23:42 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\VSO 2017-08-21 09:35 - 2017-08-21 09:35 - 042986096 _____ (VSO Software ) C:\Users\G3orG3\Downloads\vsoBlurayConverterUltimate4_setup.exe 2017-08-21 09:35 - 2017-08-21 09:35 - 000730624 _____ (RadiXX11) C:\Users\G3orG3\Downloads\Patch.exe 2017-08-21 09:35 - 2017-08-21 09:35 - 000000000 ____D C:\Users\G3orG3\Documents\PcSetup 2017-08-20 17:14 - 2017-08-20 17:14 - 000000000 ____D C:\Users\G3orG3\AppData\Local\MultiPlayerManager 2017-08-19 18:26 - 2017-08-19 18:26 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\TakeOwnershipEx 2017-08-19 09:06 - 2017-08-19 09:06 - 000001153 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2017-08-19 09:06 - 2017-08-19 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield 2017-08-17 14:57 - 2017-08-17 14:57 - 000004000 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1495853744 2017-08-16 23:08 - 2017-08-16 23:08 - 000076872 _____ C:\Users\G3orG3\Downloads\Skrypt umożliwiający pobieranie materiałów ze znanych serwisów VOD Autor- Przemek.user.js 2017-08-16 22:50 - 2017-08-17 14:56 - 000000000 ____D C:\ProgramData\RDRM 2017-08-16 22:50 - 2017-08-17 14:54 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\ipla 2017-08-16 21:40 - 2017-08-16 21:42 - 030154752 _____ C:\Users\G3orG3\Downloads\[trt.pl] 720_The_Grand_Tour_S01E06_NAPISY_PL.mp4 2017-08-15 23:45 - 2017-08-15 23:47 - 043181072 _____ C:\Users\G3orG3\Downloads\[trt.pl] 720_The_Grand_Tour_S01E06_NAPISY_PL.mp4.crdownload 2017-08-15 12:15 - 2017-08-15 12:15 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Viber 2017-08-10 12:58 - 2017-08-10 12:58 - 000170006 _____ C:\Users\G3orG3\Downloads\Invoice_32973391.pdf 2017-08-07 23:14 - 2017-08-07 23:14 - 000004090 _____ C:\Windows\System32\Tasks\Cybereason RansomFree Keepalive 2017-08-07 23:14 - 2017-08-07 23:14 - 000003196 _____ C:\Windows\System32\Tasks\Cybereason RansomFree Autostart 2017-08-07 23:14 - 2017-08-07 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cybereason RansomFree 2017-08-03 20:00 - 2017-08-04 11:29 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\Andy 2017-08-03 20:00 - 2017-08-03 20:00 - 000000000 ____D C:\Users\G3orG3\Andy 2017-08-03 19:55 - 2017-08-03 19:55 - 000000000 ____D C:\ProgramData\Andy 2017-08-03 19:55 - 2017-08-03 19:55 - 000000000 ____D C:\Program Files\Bonjour 2017-08-03 19:55 - 2017-08-03 19:55 - 000000000 ____D C:\Program Files\Andy 2017-08-03 19:55 - 2017-08-03 19:55 - 000000000 ____D C:\Program Files (x86)\Bonjour 2017-08-03 19:54 - 2014-11-21 14:57 - 000916024 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2017-08-03 19:54 - 2014-11-21 14:55 - 000128080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2017-08-03 18:19 - 2017-08-03 18:19 - 000000066 _____ C:\Users\G3orG3\inittk.ini 2017-08-03 18:18 - 2017-08-20 20:37 - 000000000 ____D C:\Users\G3orG3\vmlogs 2017-08-03 18:18 - 2017-08-20 20:37 - 000000000 ____D C:\Users\G3orG3\.BigNox 2017-08-03 18:18 - 2017-08-03 18:18 - 000001133 _____ C:\Users\G3orG3\Desktop\Multi-Drive.lnk 2017-08-03 18:18 - 2017-08-03 18:18 - 000001042 _____ C:\Users\G3orG3\Desktop\Nox.lnk 2017-08-03 18:18 - 2017-08-03 18:18 - 000000045 _____ C:\Users\G3orG3\nuuid.ini 2017-08-03 18:18 - 2017-08-03 18:18 - 000000041 _____ C:\Users\G3orG3\inst.ini 2017-08-03 18:18 - 2017-08-03 18:18 - 000000000 ____D C:\Users\G3orG3\Nox_share 2017-08-03 18:18 - 2017-08-03 18:18 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\Microsoft\Windows\Start Menu\Nox 2017-08-03 18:18 - 2017-08-03 18:18 - 000000000 ____D C:\Program Files (x86)\Bignox 2017-08-03 18:17 - 2017-08-20 20:38 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Nox 2017-08-03 18:17 - 2017-08-03 18:17 - 000000000 ____D C:\Program Files (x86)\Nox 2017-08-03 18:16 - 2017-08-03 18:16 - 290530184 _____ (Duodian Technology Co. Ltd.) C:\Users\G3orG3\Downloads\nox_setup_v5.0.0.0_full_intl.exe 2017-08-02 22:00 - 2017-08-02 22:00 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Troubleshooter 2017-08-02 21:59 - 2017-08-02 21:59 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Macromedia 2017-08-02 21:58 - 2017-08-02 21:58 - 000000552 _____ C:\Users\G3orG3\AppData\Local\TroubleshooterConfig.json 2017-08-02 21:57 - 2017-08-02 21:58 - 000000000 ____D C:\ProgramData\BlueStacksSetup 2017-08-02 17:00 - 2017-08-08 08:14 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Bluestacks 2017-08-01 21:34 - 2017-08-03 16:13 - 000000000 ____D C:\Program Files (x86)\Razer 2017-08-01 21:34 - 2017-08-01 21:34 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Razer_Inc 2017-08-01 21:34 - 2017-08-01 21:34 - 000000000 ____D C:\ProgramData\Razer 2017-07-30 21:18 - 2017-07-30 21:18 - 000110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2017-07-28 15:41 - 2017-07-28 15:44 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\NapiProjekt 2017-07-28 15:41 - 2017-07-28 15:41 - 000001117 _____ C:\Users\G3orG3\Desktop\NapiProjekt.lnk 2017-07-28 15:41 - 2017-07-28 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt 2017-07-28 15:41 - 2017-07-28 15:41 - 000000000 ____D C:\Program Files (x86)\NapiProjekt 2017-07-28 14:53 - 2017-07-28 14:53 - 000006520 _____ C:\Users\G3orG3\Downloads\viking.(6997230).nfo 2017-07-28 00:52 - 2017-07-28 00:52 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\KRyLack Software 2017-07-28 00:52 - 2017-07-28 00:52 - 000000000 ____D C:\ProgramData\KRyLack Software 2017-07-27 23:06 - 2017-01-02 15:01 - 000053299 _____ C:\Windows\SysWOW64\pthreadVC.dll 2017-07-27 23:05 - 2017-07-10 09:44 - 000000000 ____D C:\Users\G3orG3\Downloads\Apowersoft.Video.Download.Capture.6.2.7.KaranPC 2017-07-27 23:00 - 2017-07-27 23:00 - 000000000 ____D C:\Users\G3orG3\dwhelper 2017-07-26 15:13 - 2017-07-26 15:15 - 1988449907 _____ C:\Users\G3orG3\Downloads\Tomorrowland_2015_Official_Aftermovie.mp4 2017-07-24 12:43 - 2017-07-24 12:43 - 001021624 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2017-07-24 12:43 - 2017-07-24 12:43 - 000520152 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2017-07-24 12:43 - 2017-07-24 12:43 - 000199640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys 2017-07-24 12:43 - 2017-07-24 12:43 - 000197312 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2017-07-22 15:09 - 2017-07-22 15:12 - 000000000 _____ C:\Windows\system32\Drivers\lvuvc.hs 2017-07-22 07:51 - 2017-08-23 16:44 - 000000000 ____D C:\Users\G3orG3\AppData\Local\LogiShrd 2017-07-22 07:51 - 2017-08-23 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2017-07-22 07:51 - 2017-08-23 16:44 - 000000000 ____D C:\Program Files (x86)\Logitech 2017-07-22 07:51 - 2017-07-22 15:10 - 000000000 ____D C:\ProgramData\LogiShrd 2017-07-22 07:51 - 2017-07-22 07:51 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\Leadertech 2017-07-22 07:51 - 2017-07-22 07:51 - 000000000 ____D C:\Program Files\Logitech 2017-07-21 21:18 - 2017-07-22 07:51 - 000000000 ____D C:\Program Files\Common Files\logishrd 2017-07-21 15:43 - 2017-07-21 15:43 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Viber Media S.à r.l 2017-07-16 09:34 - 2017-07-16 09:34 - 000000000 ___HD C:\$Windows.~WS 2017-07-16 09:02 - 2017-07-16 09:02 - 000001666 __RSH C:\ProgramData\ntuser.pol 2017-07-15 14:46 - 2017-08-02 21:55 - 000000000 ____D C:\Windows\LastGood 2017-07-15 12:58 - 2017-07-16 09:35 - 000000000 ____D C:\ESD 2017-07-15 12:57 - 2017-07-15 12:57 - 000000000 ____D C:\$WINDOWS.~BT 2017-07-15 12:26 - 2017-07-15 12:26 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf 2017-07-14 20:15 - 2017-07-14 20:15 - 001318380 _____ C:\Users\G3orG3\Downloads\video-1499328354.mp4 2017-07-06 15:56 - 2017-07-06 15:56 - 000251656 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys 2017-07-06 15:55 - 2017-07-06 15:55 - 000229288 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys 2017-07-06 15:55 - 2017-07-06 15:55 - 000173144 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys 2017-07-06 15:55 - 2017-07-06 15:55 - 000112912 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys 2017-07-04 19:29 - 2017-08-07 23:15 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\Cybereason 2017-07-04 19:29 - 2017-07-04 19:29 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Cybereason 2017-07-04 19:29 - 2017-07-04 19:29 - 000000000 ____D C:\ProgramData\Cybereason 2017-07-04 19:29 - 2017-07-04 19:29 - 000000000 ____D C:\Program Files (x86)\Cybereason 2017-06-29 23:49 - 2017-06-29 23:49 - 000001048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2017-06-29 08:53 - 2017-06-29 09:02 - 000000000 ___HD C:\cgk87CAykbaCa4CR 2017-06-26 11:49 - 2017-06-26 11:49 - 000000000 ____D C:\Windows\SysWOW64\Hotspot Shield 2017-06-14 15:17 - 2017-06-14 15:33 - 000000000 ____D C:\Program Files\KMSpico 2017-06-14 15:17 - 2017-06-14 15:17 - 000004608 _____ C:\Windows\SECOH-QAD.exe 2017-06-14 15:17 - 2017-06-14 15:17 - 000003584 _____ C:\Windows\SECOH-QAD.dll 2017-06-14 15:17 - 2017-06-14 15:17 - 000003478 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart 2017-06-14 15:17 - 2017-06-14 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2017-06-14 15:17 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll 2017-05-28 22:13 - 2017-07-09 23:13 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-05-28 22:13 - 2017-05-28 22:13 - 000000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-05-28 22:13 - 2017-05-28 22:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-27 04:55 - 2017-08-20 20:44 - 000000000 ____D C:\Program Files\Opera ==================== Trzy miesiące - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-08-23 21:22 - 2017-01-14 14:05 - 000000000 ____D C:\FRST 2017-08-23 21:22 - 2016-11-22 23:43 - 000000000 ____D C:\Users\G3orG3\AppData\LocalLow\Mozilla 2017-08-23 21:18 - 2016-11-08 00:26 - 004999368 _____ C:\Windows\system32\PerfStringBackup.INI 2017-08-23 21:18 - 2016-07-17 00:05 - 002267580 _____ C:\Windows\system32\perfh015.dat 2017-08-23 21:18 - 2016-07-17 00:05 - 000634748 _____ C:\Windows\system32\perfc015.dat 2017-08-23 21:13 - 2017-02-05 13:17 - 000000000 ____D C:\ProgramData\VMware 2017-08-23 21:13 - 2016-11-10 20:26 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2017-08-23 21:13 - 2016-11-08 00:26 - 000000000 ____D C:\ProgramData\NVIDIA 2017-08-23 21:13 - 2016-10-04 23:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-08-23 21:13 - 2016-07-16 08:04 - 000131072 _____ C:\Windows\system32\config\BBI 2017-08-23 21:12 - 2017-05-09 08:35 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield 2017-08-23 20:58 - 2016-10-04 23:44 - 000000000 ____D C:\Windows\system32\SleepStudy 2017-08-23 20:03 - 2016-11-17 10:36 - 000000000 ____D C:\AdwCleaner 2017-08-23 16:44 - 2016-12-19 22:13 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\Apowersoft 2017-08-23 15:26 - 2016-11-09 20:11 - 000000000 ____D C:\Program Files\Microsoft Office 2017-08-23 12:09 - 2016-07-16 13:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-08-23 12:09 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-08-22 21:53 - 2016-11-27 20:55 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\TS3Client 2017-08-22 20:13 - 2016-11-10 18:41 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\GG 2017-08-22 00:10 - 2016-11-11 16:05 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\qBittorrent 2017-08-21 23:42 - 2016-12-19 22:03 - 000000000 ____D C:\Program Files (x86)\VSO 2017-08-21 09:41 - 2016-11-13 19:43 - 000000000 ____D C:\Users\G3orG3\Documents\ViberDownloads 2017-08-21 09:41 - 2016-11-13 19:43 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\ViberPC 2017-08-21 09:38 - 2016-12-19 22:03 - 000000000 ____D C:\ProgramData\VSO 2017-08-20 20:38 - 2017-02-11 02:49 - 000000000 ____D C:\Users\G3orG3\.android 2017-08-20 15:31 - 2016-11-11 16:05 - 000000000 ____D C:\Users\G3orG3\AppData\Local\JDownloader v2.0 2017-08-20 15:30 - 2016-11-11 16:08 - 000000000 ____D C:\Users\G3orG3\Downloads\jDownloader 2017-08-19 22:15 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF 2017-08-19 12:50 - 2017-03-18 05:35 - 000000000 ____D C:\Users\G3orG3\AppData\Local\CyberGhost 2017-08-19 09:06 - 2017-05-09 08:35 - 000000000 ____D C:\ProgramData\Hotspot Shield 2017-08-19 09:06 - 2017-04-23 14:07 - 000000000 ____D C:\ProgramData\Package Cache 2017-08-19 08:26 - 2017-01-15 02:34 - 000004700 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-08-19 08:26 - 2016-11-12 19:11 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Adobe 2017-08-19 08:26 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-08-19 08:26 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\Macromed 2017-08-17 21:12 - 2016-11-11 16:06 - 000000000 ____D C:\Users\G3orG3\Downloads\Torrent 2017-08-16 21:13 - 2017-01-14 22:45 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client 2017-08-16 01:16 - 2016-11-11 16:03 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\AIMP 2017-08-15 10:47 - 2016-11-08 00:24 - 000000000 ____D C:\Users\G3orG3 2017-08-13 18:32 - 2016-11-09 23:31 - 000000000 ____D C:\Users\G3orG3\AppData\Local\Mirillis 2017-08-13 11:07 - 2017-05-10 13:45 - 000000000 ____D C:\Users\G3orG3\Downloads\Tinder 2017-08-08 08:15 - 2016-07-16 13:47 - 000000000 __RHD C:\Users\Public\Libraries 2017-07-30 21:19 - 2016-11-27 15:47 - 000000000 ____D C:\ProgramData\Oracle 2017-07-30 21:19 - 2016-11-27 15:47 - 000000000 ____D C:\Program Files\Java 2017-07-30 21:18 - 2016-11-27 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-07-30 07:03 - 2016-12-19 22:57 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\MPC-HC 2017-07-29 23:07 - 2016-11-09 17:59 - 000000000 ____D C:\Users\G3orG3\AppData\Roaming\DAEMON Tools Pro 2017-07-29 23:00 - 2016-11-11 16:11 - 000000000 ____D C:\ProgramData\Unchecky 2017-07-27 23:07 - 2016-12-19 22:42 - 000000000 ____D C:\Users\G3orG3\Documents\Apowersoft 2017-07-24 12:44 - 2016-07-16 08:04 - 000032768 _____ C:\Windows\system32\config\ELAM ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-01-06 17:51 - 2016-12-31 00:08 - 000012879 _____ () C:\Users\G3orG3\AppData\Roaming\alsoft.ini 2016-11-27 23:13 - 2016-12-02 09:36 - 000000285 _____ () C:\Users\G3orG3\AppData\Roaming\GPU MeterV2_Settings.ini 2017-08-21 09:35 - 2017-08-21 23:42 - 000099384 _____ () C:\Users\G3orG3\AppData\Roaming\inst.exe 2017-08-21 09:35 - 2017-08-21 23:42 - 000007859 _____ () C:\Users\G3orG3\AppData\Roaming\pcouffin.cat 2017-08-21 09:35 - 2017-08-21 23:42 - 000001167 _____ () C:\Users\G3orG3\AppData\Roaming\pcouffin.inf 2017-08-21 09:35 - 2017-08-21 23:42 - 000000055 _____ () C:\Users\G3orG3\AppData\Roaming\pcouffin.log 2017-08-21 09:35 - 2017-08-21 23:42 - 000082816 _____ (VSO Software) C:\Users\G3orG3\AppData\Roaming\pcouffin.sys 2016-12-02 11:23 - 2016-12-02 11:23 - 000000122 _____ () C:\Users\G3orG3\AppData\Roaming\System Monitor II_UptimeRecord.ini 2017-08-02 21:58 - 2017-08-02 21:58 - 000000552 _____ () C:\Users\G3orG3\AppData\Local\TroubleshooterConfig.json Niektóre pliki w TEMP: ==================== 2017-08-02 21:27 - 2017-07-28 15:32 - 000824376 _____ (BlueStack Systems, Inc.) C:\Users\G3orG3\AppData\Local\Temp\BlueStacksClientUninstaller.exe 2017-08-08 08:14 - 2016-12-13 19:24 - 000990744 _____ (BlueStack Systems, Inc.) C:\Users\G3orG3\AppData\Local\Temp\BluestacksUninstaller.exe 2017-08-08 08:14 - 2016-12-13 19:23 - 000187416 _____ (BlueStack Systems) C:\Users\G3orG3\AppData\Local\Temp\HD-LibraryHandler.dll 2017-08-08 08:14 - 2016-12-13 19:21 - 000246808 _____ (BlueStack Systems) C:\Users\G3orG3\AppData\Local\Temp\HD-Logger-Native.dll 2017-07-30 21:18 - 2017-07-30 21:18 - 000740416 _____ (Oracle Corporation) C:\Users\G3orG3\AppData\Local\Temp\jre-8u144-windows-au.exe 2017-08-02 21:27 - 2017-07-28 15:32 - 000421400 _____ (CodeTitans) C:\Users\G3orG3\AppData\Local\Temp\JSON.dll 2017-07-22 15:10 - 2017-07-22 15:10 - 015122648 _____ (Logitech Inc.) C:\Users\G3orG3\AppData\Local\Temp\lvid_lvid.exe 2017-08-19 11:45 - 2017-08-19 11:45 - 000040448 ____N () C:\Users\G3orG3\AppData\Local\Temp\proxy_vole1142164993091831129.dll 2017-08-19 11:46 - 2017-08-19 11:46 - 000040448 ____N () C:\Users\G3orG3\AppData\Local\Temp\proxy_vole2760533360145110260.dll 2017-08-19 11:46 - 2017-08-19 11:46 - 000040448 ____N () C:\Users\G3orG3\AppData\Local\Temp\proxy_vole7385394470075588492.dll 2017-07-22 07:51 - 2017-07-22 07:51 - 043866392 _____ (Logitech, Inc.) C:\Users\G3orG3\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_64.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo testsigning: ==> Ustawiony "Tryb testu". Sprawdź obecność niepodpisanego sterownika <==== UWAGA ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=C: description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {5e827c8e-a538-11e6-9c98-c0323493243a} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.exe description Windows 10 locale pl-PL loadoptions DDISABLE_INTEGRITY_CHECKS inherit {bootloadersettings} testsigning Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {5e827c8e-a538-11e6-9c98-c0323493243a} nx OptIn bootmenupolicy Legacy Resume from Hibernate --------------------- identifier {5e827c8e-a538-11e6-9c98-c0323493243a} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale pl-PL inherit {resumeloadersettings} allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=C: path \boot\memtest.exe description Diagnostyka pami©ci systemu Windows locale pl-PL inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Local RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} integrityservices Enable Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} LastRegBack: 2017-08-22 09:39 ==================== Koniec FRST.txt ============================