Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2015 Ran by Sylwester Sobkowiak at 2015-01-15 10:08:42 Run:4 Running from Z:\T.Tomala Loaded Profiles: Sylwester Sobkowiak (Available profiles: Sylwester Sobkowiak & Iga) Boot Mode: Normal ============================================== Content of fixlist: ***************** ========= dir /a C:\Windows\system32\drivers ========= 2014-10-10 12:58 aswHwid.sys 2014-10-10 12:58 aswMon2.sys 2014-10-10 12:58 aswMonFlt.sys 2014-10-10 12:58 aswNdis.sys 2014-10-10 12:58 aswNdis2.sys 2014-10-10 12:58 aswNdisFlt.sys 2014-10-10 12:58 aswRdr.sys 2014-10-10 12:58 aswRdr2.sys 2014-10-10 12:58 aswRvrt.sys 2014-10-10 12:58 aswSnx.sys 2014-10-10 12:58 aswSP.sys 2014-10-10 12:58 aswStm.sys 2014-10-10 12:58 aswTdi.sys 2014-10-10 12:58 aswVmm.sys Ale jest tego od groma, wszystkie marki antywirusowe sfaÅ‚szowane. Te foldery byÅ‚y podmontowane wczeÅ›niej jako "usÅ‚ugi" (widać to w pierwszym logu na tamtym forum). Na linkowanym forum podejmowano wÄ…tpliwe dziaÅ‚ania typu przetwarzanie w skrypcie wpisów typu "Locked" - to byÅ‚y komunikaty "tylko do odczytu", że FRST już odblokowaÅ‚ te faÅ‚szywe "usÅ‚ugi". OczywiÅ›cie Fix siÄ™ nie wykonaÅ‚. Dodatkowo, jak wykazaÅ‚am wczeÅ›niej C:\Program Files\Windows Defender to jest faÅ‚szywy plik a nie folder. Prawdziwy folder systemowy oraz usÅ‚uga zostaÅ‚y zniszczone i Windows Defender w ogóle nie istnieje w systemie. Jego odtwarzaniem zajmÄ™ siÄ™ potem. DziaÅ‚ania wstÄ™pne: 1. Otwórz Notatnik i wklej w nim: CloseProcesses: HKU\S-1-5-21-4057883698-1414104491-491510895-1000\...\Policies\Explorer: [HideSCAHealth] 1 Task: {8EBC5BFC-7AAA-45F8-AFEE-0264702222E1} - System32\Tasks\{DF93C777-CFB0-43B0-BEFA-6D0D77C51296} => pcalua.exe -a "C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe" ListPermissions: C:\Windows\system32\drivers\360AntiHacker.sys RemoveDirectory: C:\Windows\system32\drivers\360AntiHacker.sys RemoveDirectory: C:\Windows\system32\drivers\360AntiHacker64.sys RemoveDirectory: C:\Windows\system32\drivers\360AvFlt.sys RemoveDirectory: C:\Windows\system32\drivers\360Box.sys RemoveDirectory: C:\Windows\system32\drivers\360Box64.sys RemoveDirectory: C:\Windows\system32\drivers\360Camera.sys RemoveDirectory: C:\Windows\system32\drivers\360Camera64.sys RemoveDirectory: C:\Windows\system32\drivers\360FsFlt.sys RemoveDirectory: C:\Windows\system32\drivers\360SelfProtection.sys RemoveDirectory: C:\Windows\system32\drivers\Aavmker4.sys RemoveDirectory: C:\Windows\system32\drivers\abndis.sys RemoveDirectory: C:\Windows\system32\drivers\abp470n5.sys RemoveDirectory: C:\Windows\system32\drivers\afw.sys RemoveDirectory: C:\Windows\system32\drivers\afwcore.sys RemoveDirectory: C:\Windows\system32\drivers\AhnFlt2k.sys RemoveDirectory: C:\Windows\system32\drivers\AhnRec2k.sys RemoveDirectory: C:\Windows\system32\drivers\AhnRghNt.sys RemoveDirectory: C:\Windows\system32\drivers\ahnsze.sys RemoveDirectory: C:\Windows\system32\drivers\ale7_nf.sys RemoveDirectory: C:\Windows\system32\drivers\ale7_nf64.sys RemoveDirectory: C:\Windows\system32\drivers\ale_nf.sys RemoveDirectory: C:\Windows\system32\drivers\ale_nf64.sys RemoveDirectory: C:\Windows\system32\drivers\amm6460.sys RemoveDirectory: C:\Windows\system32\drivers\amm8651.sys RemoveDirectory: C:\Windows\system32\drivers\amm8660.sys RemoveDirectory: C:\Windows\system32\drivers\AMonHKNT.sys RemoveDirectory: C:\Windows\system32\drivers\AMonLWLH.sys RemoveDirectory: C:\Windows\system32\drivers\AMonTDLH.sys RemoveDirectory: C:\Windows\system32\drivers\AMonTDNt.sys RemoveDirectory: C:\Windows\system32\drivers\apkhelper.sys RemoveDirectory: C:\Windows\system32\drivers\APPFLT.SYS RemoveDirectory: C:\Windows\system32\drivers\apsp.sys RemoveDirectory: C:\Windows\system32\drivers\arcawfp.sys RemoveDirectory: C:\Windows\system32\drivers\aswHwid.sys RemoveDirectory: C:\Windows\system32\drivers\aswMon2.sys RemoveDirectory: C:\Windows\system32\drivers\aswMonFlt.sys RemoveDirectory: C:\Windows\system32\drivers\aswNdis.sys RemoveDirectory: C:\Windows\system32\drivers\aswNdis2.sys RemoveDirectory: C:\Windows\system32\drivers\aswNdisFlt.sys RemoveDirectory: C:\Windows\system32\drivers\aswRdr.sys RemoveDirectory: C:\Windows\system32\drivers\aswRdr2.sys RemoveDirectory: C:\Windows\system32\drivers\aswRvrt.sys RemoveDirectory: C:\Windows\system32\drivers\aswSnx.sys RemoveDirectory: C:\Windows\system32\drivers\aswSP.sys RemoveDirectory: C:\Windows\system32\drivers\aswStm.sys RemoveDirectory: C:\Windows\system32\drivers\aswTdi.sys RemoveDirectory: C:\Windows\system32\drivers\aswVmm.sys RemoveDirectory: C:\Windows\system32\drivers\avasdmft.sys RemoveDirectory: C:\Windows\system32\drivers\avc3.sys RemoveDirectory: C:\Windows\system32\drivers\avchv.sys RemoveDirectory: C:\Windows\system32\drivers\avckf.sys RemoveDirectory: C:\Windows\system32\drivers\avf.sys RemoveDirectory: C:\Windows\system32\drivers\avgboota.sys RemoveDirectory: C:\Windows\system32\drivers\avgbootx.sys RemoveDirectory: C:\Windows\system32\drivers\avgdiska.sys RemoveDirectory: C:\Windows\system32\drivers\avgdiskx.sys RemoveDirectory: C:\Windows\system32\drivers\avgfwd6a.sys RemoveDirectory: C:\Windows\system32\drivers\avgfwd6x.sys RemoveDirectory: C:\Windows\system32\drivers\avgfwdx.sys RemoveDirectory: C:\Windows\system32\drivers\avgidsdrivera.sys RemoveDirectory: C:\Windows\system32\drivers\avgidsdriverlx.sys RemoveDirectory: C:\Windows\system32\drivers\avgidsdriverx.sys RemoveDirectory: C:\Windows\system32\drivers\avgidsha.sys RemoveDirectory: C:\Windows\system32\drivers\avgidshx.sys RemoveDirectory: C:\Windows\system32\drivers\avgidsshimw8x.sys RemoveDirectory: C:\Windows\system32\drivers\avgidsshimx.sys RemoveDirectory: C:\Windows\system32\drivers\avgldx64.sys RemoveDirectory: C:\Windows\system32\drivers\avgldx86.sys RemoveDirectory: C:\Windows\system32\drivers\avgloga.sys RemoveDirectory: C:\Windows\system32\drivers\avglogx.sys RemoveDirectory: C:\Windows\system32\drivers\avgmfx64.sys RemoveDirectory: C:\Windows\system32\drivers\avgmfx86.sys RemoveDirectory: C:\Windows\system32\drivers\avgntflt.sys RemoveDirectory: C:\Windows\system32\drivers\avgrkx64.sys RemoveDirectory: C:\Windows\system32\drivers\avgrkx86.sys RemoveDirectory: C:\Windows\system32\drivers\avgtdia.sys RemoveDirectory: C:\Windows\system32\drivers\avgtdix.sys RemoveDirectory: C:\Windows\system32\drivers\avgwfpa.sys RemoveDirectory: C:\Windows\system32\drivers\avgwfpx.sys RemoveDirectory: C:\Windows\system32\drivers\avipbb.sys RemoveDirectory: C:\Windows\system32\drivers\avkmgr.sys RemoveDirectory: C:\Windows\system32\drivers\avnetflt.sys RemoveDirectory: C:\Windows\system32\drivers\BAPIDRV.SYS RemoveDirectory: C:\Windows\system32\drivers\BAPIDRV64.SYS RemoveDirectory: C:\Windows\system32\drivers\bcfilter.sys RemoveDirectory: C:\Windows\system32\drivers\bcfsrm.sys RemoveDirectory: C:\Windows\system32\drivers\bcftdi.sys RemoveDirectory: C:\Windows\system32\drivers\bc_hash_f.sys RemoveDirectory: C:\Windows\system32\drivers\bc_ip_f.sys RemoveDirectory: C:\Windows\system32\drivers\bc_ngn.sys RemoveDirectory: C:\Windows\system32\drivers\bc_pat_f.sys RemoveDirectory: C:\Windows\system32\drivers\bc_prt_f.sys RemoveDirectory: C:\Windows\system32\drivers\bc_tdi_f.sys RemoveDirectory: C:\Windows\system32\drivers\BdAgent.sys RemoveDirectory: C:\Windows\system32\drivers\bdelam.sys RemoveDirectory: C:\Windows\system32\drivers\bdfndisf.sys RemoveDirectory: C:\Windows\system32\drivers\BdfNdisf6.sys RemoveDirectory: C:\Windows\system32\drivers\bdfsfltr.sys RemoveDirectory: C:\Windows\system32\drivers\BdNet.sys RemoveDirectory: C:\Windows\system32\drivers\bdsandbox.sys RemoveDirectory: C:\Windows\system32\drivers\bdsflt.sys RemoveDirectory: C:\Windows\system32\drivers\bdsnm.sys RemoveDirectory: C:\Windows\system32\drivers\BdSpy.sys RemoveDirectory: C:\Windows\system32\drivers\bdvedisk.sys RemoveDirectory: C:\Windows\system32\drivers\Bfilter.sys RemoveDirectory: C:\Windows\system32\drivers\Bfmon.sys RemoveDirectory: C:\Windows\system32\drivers\Bhbase.sys RemoveDirectory: C:\Windows\system32\drivers\Bprotect.sys RemoveDirectory: C:\Windows\system32\drivers\catflt.sys RemoveDirectory: C:\Windows\system32\drivers\CdmDrvNt.sys RemoveDirectory: C:\Windows\system32\drivers\cfwids.sys RemoveDirectory: C:\Windows\system32\drivers\cmderd.sys RemoveDirectory: C:\Windows\system32\drivers\cmdguard.sys RemoveDirectory: C:\Windows\system32\drivers\cmdhlp.sys RemoveDirectory: C:\Windows\system32\drivers\COMFiltr.sys RemoveDirectory: C:\Windows\system32\drivers\DrWebLwf.sys RemoveDirectory: C:\Windows\system32\drivers\dsaflt.sys RemoveDirectory: C:\Windows\system32\drivers\dsaflt64.sys RemoveDirectory: C:\Windows\system32\drivers\dwprot.sys RemoveDirectory: C:\Windows\system32\drivers\dw_wfp.sys RemoveDirectory: C:\Windows\system32\drivers\eamon.sys RemoveDirectory: C:\Windows\system32\drivers\eamonm.sys RemoveDirectory: C:\Windows\system32\drivers\econceal.sys RemoveDirectory: C:\Windows\system32\drivers\edevmon.sys RemoveDirectory: C:\Windows\system32\drivers\efimon.sys RemoveDirectory: C:\Windows\system32\drivers\ehdrv.sys RemoveDirectory: C:\Windows\system32\drivers\EMLTDI.SYS RemoveDirectory: C:\Windows\system32\drivers\epfw.sys RemoveDirectory: C:\Windows\system32\drivers\EpfwLWF.sys RemoveDirectory: C:\Windows\system32\drivers\epfwndis.sys RemoveDirectory: C:\Windows\system32\drivers\epfwtdi.sys RemoveDirectory: C:\Windows\system32\drivers\epfwwfp.sys RemoveDirectory: C:\Windows\system32\drivers\epfwwfpr.sys RemoveDirectory: C:\Windows\system32\drivers\fnetm64.sys RemoveDirectory: C:\Windows\system32\drivers\fnetmon.sys RemoveDirectory: C:\Windows\system32\drivers\FPAV_RTP.sys RemoveDirectory: C:\Windows\system32\drivers\fsbts.sys RemoveDirectory: C:\Windows\system32\drivers\fwcore.sys RemoveDirectory: C:\Windows\system32\drivers\GDBehave.sys RemoveDirectory: C:\Windows\system32\drivers\gddcd64.sys RemoveDirectory: C:\Windows\system32\drivers\gddcv64.sys RemoveDirectory: C:\Windows\system32\drivers\GDNdisIc.sys RemoveDirectory: C:\Windows\system32\drivers\GDTdiIcpt.sys RemoveDirectory: C:\Windows\system32\drivers\gdwfpcd32.sys RemoveDirectory: C:\Windows\system32\drivers\gdwfpcd64.sys RemoveDirectory: C:\Windows\system32\drivers\gfiark.sys RemoveDirectory: C:\Windows\system32\drivers\gfiutil.sys RemoveDirectory: C:\Windows\system32\drivers\ggc.sys RemoveDirectory: C:\Windows\system32\drivers\gzflt.sys RemoveDirectory: C:\Windows\system32\drivers\HipShieldK.sys RemoveDirectory: C:\Windows\system32\drivers\HookCentre.sys RemoveDirectory: C:\Windows\system32\drivers\HookHelp.sys RemoveDirectory: C:\Windows\system32\drivers\hookport.sys RemoveDirectory: C:\Windows\system32\drivers\Hooksys.sys RemoveDirectory: C:\Windows\system32\drivers\HookTdi.sys RemoveDirectory: C:\Windows\system32\drivers\hvm.sys RemoveDirectory: C:\Windows\system32\drivers\idsflt.sys RemoveDirectory: C:\Windows\system32\drivers\idsflt64.sys RemoveDirectory: C:\Windows\system32\drivers\inspect.sys RemoveDirectory: C:\Windows\system32\drivers\K7FWFilt.sys RemoveDirectory: C:\Windows\system32\drivers\K7FWHlpr.sys RemoveDirectory: C:\Windows\system32\drivers\K7Sentry.sys RemoveDirectory: C:\Windows\system32\drivers\K7TdiHlp.sys RemoveDirectory: C:\Windows\system32\drivers\kl1.sys RemoveDirectory: C:\Windows\system32\drivers\kl2.sys RemoveDirectory: C:\Windows\system32\drivers\klelam.sys RemoveDirectory: C:\Windows\system32\drivers\klflt.sys RemoveDirectory: C:\Windows\system32\drivers\klhk.sys RemoveDirectory: C:\Windows\system32\drivers\klif.sys RemoveDirectory: C:\Windows\system32\drivers\klim5.sys RemoveDirectory: C:\Windows\system32\drivers\klim6.sys RemoveDirectory: C:\Windows\system32\drivers\klpd.sys RemoveDirectory: C:\Windows\system32\drivers\kltdi.sys RemoveDirectory: C:\Windows\system32\drivers\klwfp.sys RemoveDirectory: C:\Windows\system32\drivers\KmxAgent.sys RemoveDirectory: C:\Windows\system32\drivers\KmxAMRT.sys RemoveDirectory: C:\Windows\system32\drivers\KmxCF.sys RemoveDirectory: C:\Windows\system32\drivers\KmxCfg.sys RemoveDirectory: C:\Windows\system32\drivers\KmxFile.sys RemoveDirectory: C:\Windows\system32\drivers\KmxFilter.sys RemoveDirectory: C:\Windows\system32\drivers\KmxFw.sys RemoveDirectory: C:\Windows\system32\drivers\KmxSbx.sys RemoveDirectory: C:\Windows\system32\drivers\KmxStart.sys RemoveDirectory: C:\Windows\system32\drivers\kneps.sys RemoveDirectory: C:\Windows\system32\drivers\kvnet.sys RemoveDirectory: C:\Windows\system32\drivers\kwflower.sys RemoveDirectory: C:\Windows\system32\drivers\kwfupper.sys RemoveDirectory: C:\Windows\system32\drivers\llio.sys RemoveDirectory: C:\Windows\system32\drivers\McPvDrv.sys RemoveDirectory: C:\Windows\system32\drivers\mfeapfk.sys RemoveDirectory: C:\Windows\system32\drivers\mfeavfk.sys RemoveDirectory: C:\Windows\system32\drivers\mfebopk.sys RemoveDirectory: C:\Windows\system32\drivers\mfeclnrk.sys RemoveDirectory: C:\Windows\system32\drivers\mfeelamk.sys RemoveDirectory: C:\Windows\system32\drivers\mfefirek.sys RemoveDirectory: C:\Windows\system32\drivers\mfehidk.sys RemoveDirectory: C:\Windows\system32\drivers\mfencbdc.sys RemoveDirectory: C:\Windows\system32\drivers\mfencrk.sys RemoveDirectory: C:\Windows\system32\drivers\mfewfpk.sys RemoveDirectory: C:\Windows\system32\drivers\MiniIcpt.sys RemoveDirectory: C:\Windows\system32\drivers\MOBK.sys RemoveDirectory: C:\Windows\system32\drivers\mscank.sys RemoveDirectory: C:\Windows\system32\drivers\mwfsmflt.sys RemoveDirectory: C:\Windows\system32\drivers\n64i1644.sys RemoveDirectory: C:\Windows\system32\drivers\netfilter.sys RemoveDirectory: C:\Windows\system32\drivers\NETFLTDI.SYS RemoveDirectory: C:\Windows\system32\drivers\neti1644.sys RemoveDirectory: C:\Windows\system32\drivers\NETTDI64.SYS RemoveDirectory: C:\Windows\system32\drivers\nnetsec.sys RemoveDirectory: C:\Windows\system32\drivers\nnetsecl.sys RemoveDirectory: C:\Windows\system32\drivers\nnetsecl64.sys RemoveDirectory: C:\Windows\system32\drivers\NNSAlpc.sys RemoveDirectory: C:\Windows\system32\drivers\NNSHttp.sys RemoveDirectory: C:\Windows\system32\drivers\NNSHttps.sys RemoveDirectory: C:\Windows\system32\drivers\NNSIds.sys RemoveDirectory: C:\Windows\system32\drivers\NNSNAHS.sys RemoveDirectory: C:\Windows\system32\drivers\NNSNAHSL.sys RemoveDirectory: C:\Windows\system32\drivers\NNSpicc.sys RemoveDirectory: C:\Windows\system32\drivers\NNSpihs.sys RemoveDirectory: C:\Windows\system32\drivers\NNSPihsw.sys RemoveDirectory: C:\Windows\system32\drivers\NNSPop3.sys RemoveDirectory: C:\Windows\system32\drivers\NNSProt.sys RemoveDirectory: C:\Windows\system32\drivers\NNSPrv.sys RemoveDirectory: C:\Windows\system32\drivers\NNSSmtp.sys RemoveDirectory: C:\Windows\system32\drivers\NNSStrm.sys RemoveDirectory: C:\Windows\system32\drivers\NNStlsc.sys RemoveDirectory: C:\Windows\system32\drivers\npf.sys RemoveDirectory: C:\Windows\system32\drivers\NSKernel.sys RemoveDirectory: C:\Windows\system32\drivers\NSNetmon.sys RemoveDirectory: C:\Windows\system32\drivers\nvcv64mf.sys RemoveDirectory: C:\Windows\system32\drivers\OADriver.sys RemoveDirectory: C:\Windows\system32\drivers\oahlp32.sys RemoveDirectory: C:\Windows\system32\drivers\OAmon.sys RemoveDirectory: C:\Windows\system32\drivers\OAnet.sys RemoveDirectory: C:\Windows\system32\drivers\pavboot.sys RemoveDirectory: C:\Windows\system32\drivers\pavboot64.sys RemoveDirectory: C:\Windows\system32\drivers\PavProc.sys RemoveDirectory: C:\Windows\system32\drivers\PCTBD64.sys RemoveDirectory: C:\Windows\system32\drivers\pctBTFix64.sys RemoveDirectory: C:\Windows\system32\drivers\PCTCore64.sys RemoveDirectory: C:\Windows\system32\drivers\pctDS64.sys RemoveDirectory: C:\Windows\system32\drivers\pctEFA64.sys RemoveDirectory: C:\Windows\system32\drivers\pctgntdi64.sys RemoveDirectory: C:\Windows\system32\drivers\pctplsg64.sys RemoveDirectory: C:\Windows\system32\drivers\pctplsm64.sys RemoveDirectory: C:\Windows\system32\drivers\PCTSD64.sys RemoveDirectory: C:\Windows\system32\drivers\pctwfpfilter64.sys RemoveDirectory: C:\Windows\system32\drivers\PktIcpt.sys RemoveDirectory: C:\Windows\system32\drivers\PROCEXP152.SYS RemoveDirectory: C:\Windows\system32\drivers\protreg.sys RemoveDirectory: C:\Windows\system32\drivers\PSINAflt.sys RemoveDirectory: C:\Windows\system32\drivers\PSINFile.sys RemoveDirectory: C:\Windows\system32\drivers\PSINKNC.sys RemoveDirectory: C:\Windows\system32\drivers\PSINProc.sys RemoveDirectory: C:\Windows\system32\drivers\PSINProt.sys RemoveDirectory: C:\Windows\system32\drivers\PSINReg.sys RemoveDirectory: C:\Windows\system32\drivers\PSKMAD.sys RemoveDirectory: C:\Windows\system32\drivers\qutmdrv.sys RemoveDirectory: C:\Windows\system32\drivers\qutmipc.sys RemoveDirectory: C:\Windows\system32\drivers\SandBox.sys RemoveDirectory: C:\Windows\system32\drivers\SandBox64.sys RemoveDirectory: C:\Windows\system32\drivers\savonaccess.sys RemoveDirectory: C:\Windows\system32\drivers\savonaccesscontrol.sys RemoveDirectory: C:\Windows\system32\drivers\savonaccessfilter.sys RemoveDirectory: C:\Windows\system32\drivers\sbaphd.sys RemoveDirectory: C:\Windows\system32\drivers\sbapifs.sys RemoveDirectory: C:\Windows\system32\drivers\SbFw.sys RemoveDirectory: C:\Windows\system32\drivers\SbFwIm.sys RemoveDirectory: C:\Windows\system32\drivers\sbhips.sys RemoveDirectory: C:\Windows\system32\drivers\sbtis.sys RemoveDirectory: C:\Windows\system32\drivers\sbwtis.sys RemoveDirectory: C:\Windows\system32\drivers\scfdriver.sys RemoveDirectory: C:\Windows\system32\drivers\scfndis.sys RemoveDirectory: C:\Windows\system32\drivers\ShldFlt.sys RemoveDirectory: C:\Windows\system32\drivers\ShlDrv51.sys RemoveDirectory: C:\Windows\system32\drivers\skmscan.sys RemoveDirectory: C:\Windows\system32\drivers\SophosBootDriver.sys RemoveDirectory: C:\Windows\system32\drivers\spiderg3.sys RemoveDirectory: C:\Windows\system32\drivers\ssmdrv.sys RemoveDirectory: C:\Windows\system32\drivers\SYMEVENT.SYS RemoveDirectory: C:\Windows\system32\drivers\SYMEVENT64x86.SYS RemoveDirectory: C:\Windows\system32\drivers\SysPlant.sys RemoveDirectory: C:\Windows\system32\drivers\tdifw.sys RemoveDirectory: C:\Windows\system32\drivers\tdi_nf.sys RemoveDirectory: C:\Windows\system32\drivers\Teefer.sys RemoveDirectory: C:\Windows\system32\drivers\tmactmon.sys RemoveDirectory: C:\Windows\system32\drivers\tmcomm.sys RemoveDirectory: C:\Windows\system32\drivers\TMEBC32.sys RemoveDirectory: C:\Windows\system32\drivers\TMEBC64.sys RemoveDirectory: C:\Windows\system32\drivers\tmeevw.sys RemoveDirectory: C:\Windows\system32\drivers\tmevtmgr.sys RemoveDirectory: C:\Windows\system32\drivers\tmnciesc.sys RemoveDirectory: C:\Windows\system32\drivers\tmusa.sys RemoveDirectory: C:\Windows\system32\drivers\tpdevflt.sys RemoveDirectory: C:\Windows\system32\drivers\tpsec.sys RemoveDirectory: C:\Windows\system32\drivers\Trufos.sys RemoveDirectory: C:\Windows\system32\drivers\TS4nt.sys RemoveDirectory: C:\Windows\system32\drivers\v3engine.sys RemoveDirectory: C:\Windows\system32\drivers\VBEngNT.sys RemoveDirectory: C:\Windows\system32\drivers\vsdatant.sys RemoveDirectory: C:\Windows\system32\drivers\webssx.sys RemoveDirectory: C:\Windows\system32\drivers\WGX64.SYS RemoveDirectory: C:\Windows\system32\drivers\wnmflt.sys RemoveDirectory: C:\Windows\system32\drivers\wnmflt64.sys RemoveDirectory: C:\Windows\system32\drivers\WRkrn.sys RemoveDirectory: C:\Windows\system32\drivers\wsnf.sys RemoveDirectory: C:\Windows\system32\drivers\wstif.sys Unlock: C:\Program Files\Microsoft Security Client Unlock: C:\Program Files\NortonInstaller Unlock: C:\Program Files\Trend Micro Installer Unlock: C:\Program Files\Windows Defender Unlock: C:\ProgramData\ESET Unlock: C:\ProgramData\NortonInstaller Unlock: C:\ProgramData\Trend Micro Installer Unlock: C:\Users\Sylwester Sobkowiak\AppData\Local\IObit Apps Unlock: C:\Users\Sylwester Sobkowiak\AppData\Roaming\IObit Apps C:\Program Files\AlphaChessHistory.dat C:\Program Files\Common Files\Softwin C:\Program Files\Common Files\Symantec Shared C:\Program Files\GamingWonderlandEI C:\Program Files\GUM2809.tmp C:\Program Files\GUMC6A8.tmp C:\Program Files\GUTC6E8.tmp C:\Program Files\Kroll Ontrack C:\Program Files\Mozilla Firefox C:\Program Files\Nitro PDF C:\Program Files\NortonInstaller C:\Program Files\RealPopup C:\Program Files\Softwin C:\Program Files\Temp C:\Program Files\Tor C:\Program Files\Trend Micro Installer C:\ProgramData\HitmanPro C:\ProgramData\Norton C:\ProgramData\NortonInstaller C:\ProgramData\Symantec C:\ProgramData\Trend Micro Installer C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlphaChess 3.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk C:\Users\Sylwester Sobkowiak\AppData\Local\IObit Apps C:\Users\Sylwester Sobkowiak\AppData\Local\Mozilla C:\Users\Sylwester Sobkowiak\AppData\Local\nsg6B92.tmp C:\Users\Sylwester Sobkowiak\AppData\Local\nsy3E40.tmp C:\Users\Sylwester Sobkowiak\AppData\Local\Seven Zip C:\Users\Sylwester Sobkowiak\AppData\Local\WindowsUpdate C:\Users\Sylwester Sobkowiak\AppData\Roaming\CEZEO software C:\Users\Sylwester Sobkowiak\AppData\Roaming\cwbritga C:\Users\Sylwester Sobkowiak\AppData\Roaming\FLVPlayerPackages C:\Users\Sylwester Sobkowiak\AppData\Roaming\FunmoodsChat C:\Users\Sylwester Sobkowiak\AppData\Roaming\IObit Apps C:\Users\Sylwester Sobkowiak\AppData\Roaming\Mozilla C:\Users\Sylwester Sobkowiak\AppData\Roaming\NIWHJ C:\Users\Sylwester Sobkowiak\AppData\Roaming\o1o1aFVzWL0 C:\Users\Sylwester Sobkowiak\AppData\Roaming\PrimoPDF C:\Users\Sylwester Sobkowiak\AppData\Roaming\PrimoPDFSet.xml C:\Users\Sylwester Sobkowiak\AppData\Roaming\QuickMessenger C:\Users\Sylwester Sobkowiak\AppData\Roaming\TeamViewer C:\Users\Sylwester Sobkowiak\AppData\Roaming\WWXWQSSS C:\Users\Sylwester Sobkowiak\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player FLV Player.lnk C:\Users\Sylwester Sobkowiak\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player Uninstall FLV Player.lnk C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension C:\Windows\system32\drivers\01E8782C.sys C:\Windows\system32\drivers\058074E8.sys C:\Windows\system32\drivers\0B584EBA.sys C:\Windows\system32\drivers\46145E6A.sys C:\Windows\system32\drivers\47957877.sys C:\Windows\system32\drivers\5C017815.sys C:\Windows\system32\drivers\5F9974D1.sys C:\Windows\system32\drivers\etc\hosts.old CMD: attrib -r -s -h "C:\Program Files\Microsoft Security Client" CMD: attrib -r -s -h "C:\Program Files\Windows Defender" CMD: del /q "C:\Program Files\Microsoft Security Client" CMD: del /q "C:\Program Files\Windows Defender" Reg: reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GamingWonderland Search Scope Monitor" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealPopup" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Robot Boom Search Scope Monitor" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SPDriver" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f Reg: reg delete HKCU\Software\Mozilla /f Reg: reg delete HKCU\Software\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Mozilla /f Reg: reg delete HKLM\SOFTWARE\mozilla.org /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg query HKCU\Software Reg: reg query HKLM\SOFTWARE Reg: reg query "HKLM\SOFTWARE\Microsoft\Windows Defender" /s CMD: dir /a "C:\Users\Iga\AppData\Local" CMD: dir /a "C:\Users\Iga\AppData\LocalLow" CMD: dir /a "C:\Users\Iga\AppData\Roaming" ***************** ========= dir /a C:\Windows\system32\drivers ========= => Error: No automatic fix found for this entry. "2014-10-10 12:58 aswHwid.sys" => File/Directory not found. "2014-10-10 12:58 aswMon2.sys" => File/Directory not found. "2014-10-10 12:58 aswMonFlt.sys" => File/Directory not found. "2014-10-10 12:58 aswNdis.sys" => File/Directory not found. "2014-10-10 12:58 aswNdis2.sys" => File/Directory not found. "2014-10-10 12:58 aswNdisFlt.sys" => File/Directory not found. "2014-10-10 12:58 aswRdr.sys" => File/Directory not found. "2014-10-10 12:58 aswRdr2.sys" => File/Directory not found. "2014-10-10 12:58 aswRvrt.sys" => File/Directory not found. "2014-10-10 12:58 aswSnx.sys" => File/Directory not found. "2014-10-10 12:58 aswSP.sys" => File/Directory not found. "2014-10-10 12:58 aswStm.sys" => File/Directory not found. "2014-10-10 12:58 aswTdi.sys" => File/Directory not found. "2014-10-10 12:58 aswVmm.sys" => File/Directory not found. Ale jest tego od groma, wszystkie marki antywirusowe sfaÅ‚szowane. Te foldery byÅ‚y podmontowane wczeÅ›niej jako "usÅ‚ugi" (widać to w pierwszym logu na tamtym forum). Na linkowanym forum podejmowano wÄ…tpliwe dziaÅ‚ania typu przetwarzanie w skrypcie wpisów typu "Locked" - to byÅ‚y komunikaty "tylko do odczytu", że FRST już odblokowaÅ‚ te faÅ‚szywe "usÅ‚ugi". OczywiÅ›cie Fix siÄ™ nie wykonaÅ‚. => Error: No automatic fix found for this entry. Dodatkowo, jak wykazaÅ‚am wczeÅ›niej C:\Program Files\Windows Defender to jest faÅ‚szywy plik a nie folder. Prawdziwy folder systemowy oraz usÅ‚uga zostaÅ‚y zniszczone i Windows Defender w ogóle nie istnieje w systemie. Jego odtwarzaniem zajmÄ™ siÄ™ potem. => Error: No automatic fix found for this entry. DziaÅ‚ania wstÄ™pne: => Error: No automatic fix found for this entry. 1. Otwórz Notatnik i wklej w nim: => Error: No automatic fix found for this entry. Processes closed successfully. HKU\S-1-5-21-4057883698-1414104491-491510895-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EBC5BFC-7AAA-45F8-AFEE-0264702222E1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EBC5BFC-7AAA-45F8-AFEE-0264702222E1}" => Key deleted successfully. C:\Windows\System32\Tasks\{DF93C777-CFB0-43B0-BEFA-6D0D77C51296} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DF93C777-CFB0-43B0-BEFA-6D0D77C51296}" => Key deleted successfully. =================================== Permissions for "C:\Windows\system32\drivers\360AntiHacker.sys": Owner: BUILTIN\Administrators DACL(PAI): NT SERVICE\TrustedInstaller ALLOW FULL (OI-CI) BUILTIN\Administrators ALLOW FULL (OI-CI) NT AUTHORITY\SYSTEM ALLOW FULL (OI-CI) EVERYONE ALLOW FULL (OI-CI) BUILTIN\Users ALLOW FULL (OI-CI) =================================== Could not remove "C:\Windows\system32\drivers\360AntiHacker.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\360AntiHacker64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\360AvFlt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\360Box.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\360Box64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\360Camera.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\360Camera64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\360FsFlt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\360SelfProtection.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\Aavmker4.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\abndis.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\abp470n5.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\afw.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\afwcore.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\AhnFlt2k.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\AhnRec2k.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\AhnRghNt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ahnsze.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ale7_nf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ale7_nf64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ale_nf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ale_nf64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\amm6460.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\amm8651.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\amm8660.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\AMonHKNT.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\AMonLWLH.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\AMonTDLH.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\AMonTDNt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\apkhelper.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\APPFLT.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\apsp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\arcawfp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswHwid.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswMon2.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswMonFlt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswNdis.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswNdis2.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswNdisFlt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswRdr.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswRdr2.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswRvrt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswSnx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswSP.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswStm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswTdi.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\aswVmm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avasdmft.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avc3.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avchv.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avckf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgboota.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgbootx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgdiska.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgdiskx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgfwd6a.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgfwd6x.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgfwdx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgidsdrivera.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgidsdriverlx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgidsdriverx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgidsha.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgidshx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgidsshimw8x.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgidsshimx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgldx64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgldx86.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgloga.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avglogx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgmfx64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgmfx86.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgntflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgrkx64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgrkx86.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgtdia.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgtdix.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgwfpa.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avgwfpx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avipbb.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avkmgr.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\avnetflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\BAPIDRV.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\BAPIDRV64.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bcfilter.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bcfsrm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bcftdi.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bc_hash_f.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bc_ip_f.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bc_ngn.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bc_pat_f.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bc_prt_f.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bc_tdi_f.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\BdAgent.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bdelam.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bdfndisf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\BdfNdisf6.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bdfsfltr.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\BdNet.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bdsandbox.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bdsflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bdsnm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\BdSpy.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\bdvedisk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\Bfilter.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\Bfmon.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\Bhbase.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\Bprotect.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\catflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\CdmDrvNt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\cfwids.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\cmderd.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\cmdguard.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\cmdhlp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\COMFiltr.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\DrWebLwf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\dsaflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\dsaflt64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\dwprot.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\dw_wfp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\eamon.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\eamonm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\econceal.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\edevmon.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\efimon.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ehdrv.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\EMLTDI.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\epfw.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\EpfwLWF.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\epfwndis.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\epfwtdi.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\epfwwfp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\epfwwfpr.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\fnetm64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\fnetmon.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\FPAV_RTP.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\fsbts.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\fwcore.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\GDBehave.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\gddcd64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\gddcv64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\GDNdisIc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\GDTdiIcpt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\gdwfpcd32.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\gdwfpcd64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\gfiark.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\gfiutil.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ggc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\gzflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\HipShieldK.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\HookCentre.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\HookHelp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\hookport.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\Hooksys.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\HookTdi.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\hvm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\idsflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\idsflt64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\inspect.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\K7FWFilt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\K7FWHlpr.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\K7Sentry.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\K7TdiHlp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\kl1.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\kl2.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\klelam.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\klflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\klhk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\klif.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\klim5.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\klim6.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\klpd.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\kltdi.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\klwfp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxAgent.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxAMRT.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxCF.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxCfg.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxFile.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxFilter.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxFw.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxSbx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\KmxStart.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\kneps.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\kvnet.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\kwflower.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\kwfupper.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\llio.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\McPvDrv.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfeapfk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfeavfk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfebopk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfeclnrk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfeelamk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfefirek.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfehidk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfencbdc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfencrk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mfewfpk.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\MiniIcpt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\MOBK.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mscank.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\mwfsmflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\n64i1644.sys" => Scheduled to remove on reboot. "C:\Windows\system32\drivers\netfilter.sys" => Removed successfully. Could not remove "C:\Windows\system32\drivers\NETFLTDI.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\neti1644.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NETTDI64.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\nnetsec.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\nnetsecl.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\nnetsecl64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSAlpc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSHttp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSHttps.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSIds.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSNAHS.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSNAHSL.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSpicc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSpihs.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSPihsw.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSPop3.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSProt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSPrv.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSSmtp.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNSStrm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NNStlsc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\npf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NSKernel.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\NSNetmon.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\nvcv64mf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\OADriver.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\oahlp32.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\OAmon.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\OAnet.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pavboot.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pavboot64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PavProc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PCTBD64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pctBTFix64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PCTCore64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pctDS64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pctEFA64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pctgntdi64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pctplsg64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pctplsm64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PCTSD64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\pctwfpfilter64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PktIcpt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PROCEXP152.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\protreg.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PSINAflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PSINFile.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PSINKNC.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PSINProc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PSINProt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PSINReg.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\PSKMAD.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\qutmdrv.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\qutmipc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\SandBox.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\SandBox64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\savonaccess.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\savonaccesscontrol.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\savonaccessfilter.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\sbaphd.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\sbapifs.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\SbFw.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\SbFwIm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\sbhips.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\sbtis.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\sbwtis.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\scfdriver.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\scfndis.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ShldFlt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ShlDrv51.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\skmscan.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\SophosBootDriver.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\spiderg3.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\ssmdrv.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\SYMEVENT.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\SYMEVENT64x86.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\SysPlant.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tdifw.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tdi_nf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\Teefer.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tmactmon.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tmcomm.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\TMEBC32.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\TMEBC64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tmeevw.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tmevtmgr.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tmnciesc.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tmusa.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tpdevflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\tpsec.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\Trufos.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\TS4nt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\v3engine.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\VBEngNT.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\vsdatant.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\webssx.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\WGX64.SYS" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\wnmflt.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\wnmflt64.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\WRkrn.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\wsnf.sys" => Scheduled to remove on reboot. Could not remove "C:\Windows\system32\drivers\wstif.sys" => Scheduled to remove on reboot. "C:\Program Files\Microsoft Security Client" => File/Directory unlocked successfully. "C:\Program Files\NortonInstaller" => File/Directory unlocked successfully. "C:\Program Files\Trend Micro Installer" => File/Directory unlocked successfully. "C:\Program Files\Windows Defender" => File/Directory unlocked successfully. "C:\ProgramData\ESET" => File/Directory unlocked successfully. "C:\ProgramData\NortonInstaller" => File/Directory unlocked successfully. "C:\ProgramData\Trend Micro Installer" => File/Directory unlocked successfully. "C:\Users\Sylwester Sobkowiak\AppData\Local\IObit Apps" => File/Directory unlocked successfully. "C:\Users\Sylwester Sobkowiak\AppData\Roaming\IObit Apps" => File/Directory unlocked successfully. C:\Program Files\AlphaChessHistory.dat => Moved successfully. C:\Program Files\Common Files\Softwin => Moved successfully. C:\Program Files\Common Files\Symantec Shared => Moved successfully. C:\Program Files\GamingWonderlandEI => Moved successfully. C:\Program Files\GUM2809.tmp => Moved successfully. C:\Program Files\GUMC6A8.tmp => Moved successfully. C:\Program Files\GUTC6E8.tmp => Moved successfully. C:\Program Files\Kroll Ontrack => Moved successfully. C:\Program Files\Mozilla Firefox => Moved successfully. C:\Program Files\Nitro PDF => Moved successfully. C:\Program Files\NortonInstaller => Moved successfully. C:\Program Files\RealPopup => Moved successfully. C:\Program Files\Softwin => Moved successfully. C:\Program Files\Temp => Moved successfully. C:\Program Files\Tor => Moved successfully. C:\Program Files\Trend Micro Installer => Moved successfully. C:\ProgramData\HitmanPro => Moved successfully. C:\ProgramData\Norton => Moved successfully. C:\ProgramData\NortonInstaller => Moved successfully. C:\ProgramData\Symantec => Moved successfully. C:\ProgramData\Trend Micro Installer => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlphaChess 3.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Local\IObit Apps => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Local\Mozilla => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Local\nsg6B92.tmp => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Local\nsy3E40.tmp => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Local\Seven Zip => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Local\WindowsUpdate => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\CEZEO software => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\cwbritga => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\FLVPlayerPackages => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\FunmoodsChat => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\IObit Apps => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\Mozilla => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\NIWHJ => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\o1o1aFVzWL0 => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\PrimoPDF => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\PrimoPDFSet.xml => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\QuickMessenger => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\TeamViewer => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\WWXWQSSS => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player FLV Player.lnk => Moved successfully. C:\Users\Sylwester Sobkowiak\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player Uninstall FLV Player.lnk => Moved successfully. C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully. C:\Windows\system32\drivers\01E8782C.sys => Moved successfully. C:\Windows\system32\drivers\058074E8.sys => Moved successfully. C:\Windows\system32\drivers\0B584EBA.sys => Moved successfully. C:\Windows\system32\drivers\46145E6A.sys => Moved successfully. C:\Windows\system32\drivers\47957877.sys => Moved successfully. C:\Windows\system32\drivers\5C017815.sys => Moved successfully. C:\Windows\system32\drivers\5F9974D1.sys => Moved successfully. C:\Windows\system32\drivers\etc\hosts.old => Moved successfully. ========= attrib -r -s -h "C:\Program Files\Microsoft Security Client" ========= ========= End of CMD: ========= ========= attrib -r -s -h "C:\Program Files\Windows Defender" ========= ========= End of CMD: ========= ========= del /q "C:\Program Files\Microsoft Security Client" ========= ========= End of CMD: ========= ========= del /q "C:\Program Files\Windows Defender" ========= ========= End of CMD: ========= ========= reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GamingWonderland Search Scope Monitor" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealPopup" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Robot Boom Search Scope Monitor" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SPDriver" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\mozilla.org /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg query HKCU\Software ========= HKEY_CURRENT_USER\Software (domy˜lny) REG_SZ HKEY_CURRENT_USER\Software\(null) HKEY_CURRENT_USER\Software\7-Zip HKEY_CURRENT_USER\Software\Adobe HKEY_CURRENT_USER\Software\ahead HKEY_CURRENT_USER\Software\AlphaChess HKEY_CURRENT_USER\Software\APC HKEY_CURRENT_USER\Software\AppDataLow HKEY_CURRENT_USER\Software\Apple Computer, Inc. HKEY_CURRENT_USER\Software\Borland HKEY_CURRENT_USER\Software\Brother HKEY_CURRENT_USER\Software\CanonBJ HKEY_CURRENT_USER\Software\CDDB HKEY_CURRENT_USER\Software\Clients HKEY_CURRENT_USER\Software\Corel HKEY_CURRENT_USER\Software\ej-technologies HKEY_CURRENT_USER\Software\Elfin HKEY_CURRENT_USER\Software\FMChat HKEY_CURRENT_USER\Software\Foxit Software HKEY_CURRENT_USER\Software\Fujitsu HKEY_CURRENT_USER\Software\Gabest HKEY_CURRENT_USER\Software\Gadu-Gadu HKEY_CURRENT_USER\Software\Ghisler HKEY_CURRENT_USER\Software\GMPlayer HKEY_CURRENT_USER\Software\GNU HKEY_CURRENT_USER\Software\Google HKEY_CURRENT_USER\Software\Haali HKEY_CURRENT_USER\Software\Hewlett-Packard HKEY_CURRENT_USER\Software\IM Providers HKEY_CURRENT_USER\Software\InstallShield HKEY_CURRENT_USER\Software\Intel HKEY_CURRENT_USER\Software\InterTrust HKEY_CURRENT_USER\Software\IPSPI HKEY_CURRENT_USER\Software\JavaSoft HKEY_CURRENT_USER\Software\keyhole.com HKEY_CURRENT_USER\Software\KONICA MINOLTA HKEY_CURRENT_USER\Software\LAB-EL HKEY_CURRENT_USER\Software\Lavalys HKEY_CURRENT_USER\Software\Licenses HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications HKEY_CURRENT_USER\Software\Macromedia HKEY_CURRENT_USER\Software\Master Converter HKEY_CURRENT_USER\Software\Microsoft HKEY_CURRENT_USER\Software\MimarSinan HKEY_CURRENT_USER\Software\Nero HKEY_CURRENT_USER\Software\Netscape HKEY_CURRENT_USER\Software\OB HKEY_CURRENT_USER\Software\ODBC HKEY_CURRENT_USER\Software\OLYMPUS HKEY_CURRENT_USER\Software\Opera Software HKEY_CURRENT_USER\Software\Policies HKEY_CURRENT_USER\Software\PRZEPI~1 HKEY_CURRENT_USER\Software\Realtek HKEY_CURRENT_USER\Software\Reg HKEY_CURRENT_USER\Software\roxio HKEY_CURRENT_USER\Software\Safer Networking Limited HKEY_CURRENT_USER\Software\SimonTatham HKEY_CURRENT_USER\Software\Skype HKEY_CURRENT_USER\Software\Smart Projects HKEY_CURRENT_USER\Software\SOFTWIN HKEY_CURRENT_USER\Software\SSPrint HKEY_CURRENT_USER\Software\Statgraphics HKEY_CURRENT_USER\Software\Sys HKEY_CURRENT_USER\Software\TaxMachinePityRoczne HKEY_CURRENT_USER\Software\TeamViewer HKEY_CURRENT_USER\Software\Trolltech HKEY_CURRENT_USER\Software\VB and VBA Program Settings HKEY_CURRENT_USER\Software\Wargaming.net HKEY_CURRENT_USER\Software\WhiteSmoke Writer V8 HKEY_CURRENT_USER\Software\Winamp HKEY_CURRENT_USER\Software\WinRAR HKEY_CURRENT_USER\Software\WinRAR SFX HKEY_CURRENT_USER\Software\Classes ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE ========= HKEY_LOCAL_MACHINE\SOFTWARE\7-Zip HKEY_LOCAL_MACHINE\SOFTWARE\781 HKEY_LOCAL_MACHINE\SOFTWARE\activePDF HKEY_LOCAL_MACHINE\SOFTWARE\Adobe HKEY_LOCAL_MACHINE\SOFTWARE\AdobeFlashPlayerUpdate HKEY_LOCAL_MACHINE\SOFTWARE\AdwCleaner HKEY_LOCAL_MACHINE\SOFTWARE\Ahead HKEY_LOCAL_MACHINE\SOFTWARE\ALK Technologies HKEY_LOCAL_MACHINE\SOFTWARE\APC HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow HKEY_LOCAL_MACHINE\SOFTWARE\Apple Computer, Inc. HKEY_LOCAL_MACHINE\SOFTWARE\Apple Inc. HKEY_LOCAL_MACHINE\SOFTWARE\Audible HKEY_LOCAL_MACHINE\SOFTWARE\Brother HKEY_LOCAL_MACHINE\SOFTWARE\Brother Industries, Ltd. HKEY_LOCAL_MACHINE\SOFTWARE\CDDB HKEY_LOCAL_MACHINE\SOFTWARE\Classes HKEY_LOCAL_MACHINE\SOFTWARE\Clients HKEY_LOCAL_MACHINE\SOFTWARE\Codec Tweak Tool HKEY_LOCAL_MACHINE\SOFTWARE\Corel HKEY_LOCAL_MACHINE\SOFTWARE\DivXNetworks HKEY_LOCAL_MACHINE\SOFTWARE\ej-technologies HKEY_LOCAL_MACHINE\SOFTWARE\Elfin HKEY_LOCAL_MACHINE\SOFTWARE\ESET HKEY_LOCAL_MACHINE\SOFTWARE\Foolish IT HKEY_LOCAL_MACHINE\SOFTWARE\Foxit Software HKEY_LOCAL_MACHINE\SOFTWARE\Fujitsu Siemens Computers HKEY_LOCAL_MACHINE\SOFTWARE\Gadu-Gadu HKEY_LOCAL_MACHINE\SOFTWARE\GamingWonderlandEI HKEY_LOCAL_MACHINE\SOFTWARE\Ge-Force-nv HKEY_LOCAL_MACHINE\SOFTWARE\GNU HKEY_LOCAL_MACHINE\SOFTWARE\GoHD-nv HKEY_LOCAL_MACHINE\SOFTWARE\Google HKEY_LOCAL_MACHINE\SOFTWARE\HaaliMkx HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro HKEY_LOCAL_MACHINE\SOFTWARE\ICE HKEY_LOCAL_MACHINE\SOFTWARE\IM Providers HKEY_LOCAL_MACHINE\SOFTWARE\InstallShield HKEY_LOCAL_MACHINE\SOFTWARE\Intel HKEY_LOCAL_MACHINE\SOFTWARE\IPSPI HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft HKEY_LOCAL_MACHINE\SOFTWARE\JreMetrics HKEY_LOCAL_MACHINE\SOFTWARE\KLCodecPack HKEY_LOCAL_MACHINE\SOFTWARE\Kodak HKEY_LOCAL_MACHINE\SOFTWARE\KONICA MINOLTA HKEY_LOCAL_MACHINE\SOFTWARE\LAB-EL HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft HKEY_LOCAL_MACHINE\SOFTWARE\MimarSinan HKEY_LOCAL_MACHINE\SOFTWARE\National Instruments HKEY_LOCAL_MACHINE\SOFTWARE\Nero HKEY_LOCAL_MACHINE\SOFTWARE\NeroDigital HKEY_LOCAL_MACHINE\SOFTWARE\Nullsoft HKEY_LOCAL_MACHINE\SOFTWARE\ODBC HKEY_LOCAL_MACHINE\SOFTWARE\OldTimer Tools HKEY_LOCAL_MACHINE\SOFTWARE\OLYMPUS HKEY_LOCAL_MACHINE\SOFTWARE\Ontrack HKEY_LOCAL_MACHINE\SOFTWARE\Opera Software HKEY_LOCAL_MACHINE\SOFTWARE\PhotoFiltre HKEY_LOCAL_MACHINE\SOFTWARE\Policies HKEY_LOCAL_MACHINE\SOFTWARE\Realtek HKEY_LOCAL_MACHINE\SOFTWARE\Realtek Semiconductor Corp. HKEY_LOCAL_MACHINE\SOFTWARE\Reg HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications HKEY_LOCAL_MACHINE\SOFTWARE\Runtime Software HKEY_LOCAL_MACHINE\SOFTWARE\Safer Networking Limited HKEY_LOCAL_MACHINE\SOFTWARE\Samsung HKEY_LOCAL_MACHINE\SOFTWARE\Sense-nv HKEY_LOCAL_MACHINE\SOFTWARE\Siber Systems HKEY_LOCAL_MACHINE\SOFTWARE\Skype HKEY_LOCAL_MACHINE\SOFTWARE\SOFTWIN HKEY_LOCAL_MACHINE\SOFTWARE\SRS Labs HKEY_LOCAL_MACHINE\SOFTWARE\SSPrint HKEY_LOCAL_MACHINE\SOFTWARE\Statgraphics HKEY_LOCAL_MACHINE\SOFTWARE\Symantec HKEY_LOCAL_MACHINE\SOFTWARE\TeamViewer HKEY_LOCAL_MACHINE\SOFTWARE\VideoLAN HKEY_LOCAL_MACHINE\SOFTWARE\Volatile HKEY_LOCAL_MACHINE\SOFTWARE\Waves Audio HKEY_LOCAL_MACHINE\SOFTWARE\WebUpdate HKEY_LOCAL_MACHINE\SOFTWARE\Windows HKEY_LOCAL_MACHINE\SOFTWARE\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node HKEY_LOCAL_MACHINE\SOFTWARE\Zenographics ========= End of Reg: ========= ========= reg query "HKLM\SOFTWARE\Microsoft\Windows Defender" /s ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= dir /a "C:\Users\Iga\AppData\Local" ========= Wolumin w stacji C to System Numer seryjny woluminu: ACCA-A5B0 Katalog: C:\Users\Iga\AppData\Local 2014-12-02 10:31 . 2014-12-02 10:31 .. 2011-07-20 13:12 Adobe 2011-07-15 08:29 Apple 2011-07-13 10:51 Dane aplikacji [C:\Users\Iga\AppData\Local] 2012-03-05 06:58 104ÿ744 GDIPFONTCACHEV1.DAT 2014-06-04 05:49 Google 2011-07-13 10:51 Historia [C:\Users\Iga\AppData\Local\Microsoft\Windows\History] 2014-06-04 05:51 2ÿ068ÿ785 IconCache.db 2014-11-13 11:00 0 IObit Apps 2011-07-20 13:47 Microsoft 2008-11-05 12:32 Microsoft Help 2014-12-02 10:31 Temp 2011-07-13 10:51 Temporary Internet Files [C:\Users\Iga\AppData\Local\Microsoft\Windows\Temporary Internet Files] 3 plik(¢w) 2ÿ173ÿ529 bajt¢w 11 katalog(¢w) 24ÿ099ÿ155ÿ968 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Users\Iga\AppData\LocalLow" ========= Wolumin w stacji C to System Numer seryjny woluminu: ACCA-A5B0 Katalog: C:\Users\Iga\AppData\LocalLow 2014-11-13 09:41 . 2014-11-13 09:41 .. 2011-07-20 13:12 Adobe 2013-02-01 10:48 Apple Computer 2011-07-13 10:51 6 desktop.ini 2011-07-20 13:12 Microsoft 2011-07-19 11:22 Sun 1 plik(¢w) 6 bajt¢w 6 katalog(¢w) 24ÿ099ÿ155ÿ968 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Users\Iga\AppData\Roaming" ========= Wolumin w stacji C to System Numer seryjny woluminu: ACCA-A5B0 Katalog: C:\Users\Iga\AppData\Roaming 2014-12-02 10:31 . 2014-12-02 10:31 .. 2011-07-20 13:12 Adobe 2011-07-13 10:51 Identities 2014-11-13 11:00 0 IObit Apps 2011-03-02 11:04 Macromedia 2011-07-20 13:12 Microsoft 2011-07-13 10:53 Nero 2011-07-20 08:03 WinRAR 1 plik(¢w) 0 bajt¢w 8 katalog(¢w) 24ÿ099ÿ155ÿ968 bajt¢w wolnych ========= End of CMD: ========= => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-15 10:10:37)<= C:\Windows\system32\drivers\360AntiHacker.sys => Removed successfully. C:\Windows\system32\drivers\360AntiHacker64.sys => Removed successfully. C:\Windows\system32\drivers\360AvFlt.sys => Removed successfully. C:\Windows\system32\drivers\360Box.sys => Removed successfully. C:\Windows\system32\drivers\360Box64.sys => Removed successfully. C:\Windows\system32\drivers\360Camera.sys => Removed successfully. C:\Windows\system32\drivers\360Camera64.sys => Removed successfully. C:\Windows\system32\drivers\360FsFlt.sys => Removed successfully. C:\Windows\system32\drivers\360SelfProtection.sys => Removed successfully. C:\Windows\system32\drivers\Aavmker4.sys => Removed successfully. C:\Windows\system32\drivers\abndis.sys => Removed successfully. C:\Windows\system32\drivers\abp470n5.sys => Removed successfully. C:\Windows\system32\drivers\afw.sys => Removed successfully. C:\Windows\system32\drivers\afwcore.sys => Removed successfully. C:\Windows\system32\drivers\AhnFlt2k.sys => Removed successfully. C:\Windows\system32\drivers\AhnRec2k.sys => Removed successfully. C:\Windows\system32\drivers\AhnRghNt.sys => Removed successfully. C:\Windows\system32\drivers\ahnsze.sys => Removed successfully. C:\Windows\system32\drivers\ale7_nf.sys => Removed successfully. C:\Windows\system32\drivers\ale7_nf64.sys => Removed successfully. C:\Windows\system32\drivers\ale_nf.sys => Removed successfully. C:\Windows\system32\drivers\ale_nf64.sys => Removed successfully. C:\Windows\system32\drivers\amm6460.sys => Removed successfully. C:\Windows\system32\drivers\amm8651.sys => Removed successfully. C:\Windows\system32\drivers\amm8660.sys => Removed successfully. C:\Windows\system32\drivers\AMonHKNT.sys => Removed successfully. C:\Windows\system32\drivers\AMonLWLH.sys => Removed successfully. C:\Windows\system32\drivers\AMonTDLH.sys => Removed successfully. C:\Windows\system32\drivers\AMonTDNt.sys => Removed successfully. C:\Windows\system32\drivers\apkhelper.sys => Removed successfully. C:\Windows\system32\drivers\APPFLT.SYS => Removed successfully. C:\Windows\system32\drivers\apsp.sys => Removed successfully. C:\Windows\system32\drivers\arcawfp.sys => Removed successfully. C:\Windows\system32\drivers\aswHwid.sys => Removed successfully. C:\Windows\system32\drivers\aswMon2.sys => Removed successfully. C:\Windows\system32\drivers\aswMonFlt.sys => Removed successfully. C:\Windows\system32\drivers\aswNdis.sys => Removed successfully. C:\Windows\system32\drivers\aswNdis2.sys => Removed successfully. C:\Windows\system32\drivers\aswNdisFlt.sys => Removed successfully. C:\Windows\system32\drivers\aswRdr.sys => Removed successfully. C:\Windows\system32\drivers\aswRdr2.sys => Removed successfully. C:\Windows\system32\drivers\aswRvrt.sys => Removed successfully. C:\Windows\system32\drivers\aswSnx.sys => Removed successfully. C:\Windows\system32\drivers\aswSP.sys => Removed successfully. C:\Windows\system32\drivers\aswStm.sys => Removed successfully. C:\Windows\system32\drivers\aswTdi.sys => Removed successfully. C:\Windows\system32\drivers\aswVmm.sys => Removed successfully. C:\Windows\system32\drivers\avasdmft.sys => Removed successfully. C:\Windows\system32\drivers\avc3.sys => Removed successfully. C:\Windows\system32\drivers\avchv.sys => Removed successfully. C:\Windows\system32\drivers\avckf.sys => Removed successfully. C:\Windows\system32\drivers\avf.sys => Removed successfully. C:\Windows\system32\drivers\avgboota.sys => Removed successfully. C:\Windows\system32\drivers\avgbootx.sys => Removed successfully. C:\Windows\system32\drivers\avgdiska.sys => Removed successfully. C:\Windows\system32\drivers\avgdiskx.sys => Removed successfully. C:\Windows\system32\drivers\avgfwd6a.sys => Removed successfully. C:\Windows\system32\drivers\avgfwd6x.sys => Removed successfully. C:\Windows\system32\drivers\avgfwdx.sys => Removed successfully. C:\Windows\system32\drivers\avgidsdrivera.sys => Removed successfully. C:\Windows\system32\drivers\avgidsdriverlx.sys => Removed successfully. C:\Windows\system32\drivers\avgidsdriverx.sys => Removed successfully. C:\Windows\system32\drivers\avgidsha.sys => Removed successfully. C:\Windows\system32\drivers\avgidshx.sys => Removed successfully. C:\Windows\system32\drivers\avgidsshimw8x.sys => Removed successfully. C:\Windows\system32\drivers\avgidsshimx.sys => Removed successfully. C:\Windows\system32\drivers\avgldx64.sys => Removed successfully. C:\Windows\system32\drivers\avgldx86.sys => Removed successfully. C:\Windows\system32\drivers\avgloga.sys => Removed successfully. C:\Windows\system32\drivers\avglogx.sys => Removed successfully. C:\Windows\system32\drivers\avgmfx64.sys => Removed successfully. C:\Windows\system32\drivers\avgmfx86.sys => Removed successfully. C:\Windows\system32\drivers\avgntflt.sys => Removed successfully. C:\Windows\system32\drivers\avgrkx64.sys => Removed successfully. C:\Windows\system32\drivers\avgrkx86.sys => Removed successfully. C:\Windows\system32\drivers\avgtdia.sys => Removed successfully. C:\Windows\system32\drivers\avgtdix.sys => Removed successfully. C:\Windows\system32\drivers\avgwfpa.sys => Removed successfully. C:\Windows\system32\drivers\avgwfpx.sys => Removed successfully. C:\Windows\system32\drivers\avipbb.sys => Removed successfully. C:\Windows\system32\drivers\avkmgr.sys => Removed successfully. C:\Windows\system32\drivers\avnetflt.sys => Removed successfully. C:\Windows\system32\drivers\BAPIDRV.SYS => Removed successfully. C:\Windows\system32\drivers\BAPIDRV64.SYS => Removed successfully. C:\Windows\system32\drivers\bcfilter.sys => Removed successfully. C:\Windows\system32\drivers\bcfsrm.sys => Removed successfully. C:\Windows\system32\drivers\bcftdi.sys => Removed successfully. C:\Windows\system32\drivers\bc_hash_f.sys => Removed successfully. C:\Windows\system32\drivers\bc_ip_f.sys => Removed successfully. C:\Windows\system32\drivers\bc_ngn.sys => Removed successfully. C:\Windows\system32\drivers\bc_pat_f.sys => Removed successfully. C:\Windows\system32\drivers\bc_prt_f.sys => Removed successfully. C:\Windows\system32\drivers\bc_tdi_f.sys => Removed successfully. C:\Windows\system32\drivers\BdAgent.sys => Removed successfully. C:\Windows\system32\drivers\bdelam.sys => Removed successfully. C:\Windows\system32\drivers\bdfndisf.sys => Removed successfully. C:\Windows\system32\drivers\BdfNdisf6.sys => Removed successfully. C:\Windows\system32\drivers\bdfsfltr.sys => Removed successfully. C:\Windows\system32\drivers\BdNet.sys => Removed successfully. C:\Windows\system32\drivers\bdsandbox.sys => Removed successfully. C:\Windows\system32\drivers\bdsflt.sys => Removed successfully. C:\Windows\system32\drivers\bdsnm.sys => Removed successfully. C:\Windows\system32\drivers\BdSpy.sys => Removed successfully. C:\Windows\system32\drivers\bdvedisk.sys => Removed successfully. C:\Windows\system32\drivers\Bfilter.sys => Removed successfully. C:\Windows\system32\drivers\Bfmon.sys => Removed successfully. C:\Windows\system32\drivers\Bhbase.sys => Removed successfully. C:\Windows\system32\drivers\Bprotect.sys => Removed successfully. C:\Windows\system32\drivers\catflt.sys => Removed successfully. C:\Windows\system32\drivers\CdmDrvNt.sys => Removed successfully. C:\Windows\system32\drivers\cfwids.sys => Removed successfully. C:\Windows\system32\drivers\cmderd.sys => Removed successfully. C:\Windows\system32\drivers\cmdguard.sys => Removed successfully. C:\Windows\system32\drivers\cmdhlp.sys => Removed successfully. C:\Windows\system32\drivers\COMFiltr.sys => Removed successfully. C:\Windows\system32\drivers\DrWebLwf.sys => Removed successfully. C:\Windows\system32\drivers\dsaflt.sys => Removed successfully. C:\Windows\system32\drivers\dsaflt64.sys => Removed successfully. C:\Windows\system32\drivers\dwprot.sys => Removed successfully. C:\Windows\system32\drivers\dw_wfp.sys => Removed successfully. C:\Windows\system32\drivers\eamon.sys => Removed successfully. C:\Windows\system32\drivers\eamonm.sys => Removed successfully. C:\Windows\system32\drivers\econceal.sys => Removed successfully. C:\Windows\system32\drivers\edevmon.sys => Removed successfully. C:\Windows\system32\drivers\efimon.sys => Removed successfully. C:\Windows\system32\drivers\ehdrv.sys => Removed successfully. C:\Windows\system32\drivers\EMLTDI.SYS => Removed successfully. C:\Windows\system32\drivers\epfw.sys => Removed successfully. C:\Windows\system32\drivers\EpfwLWF.sys => Removed successfully. C:\Windows\system32\drivers\epfwndis.sys => Removed successfully. C:\Windows\system32\drivers\epfwtdi.sys => Removed successfully. C:\Windows\system32\drivers\epfwwfp.sys => Removed successfully. C:\Windows\system32\drivers\epfwwfpr.sys => Removed successfully. C:\Windows\system32\drivers\fnetm64.sys => Removed successfully. C:\Windows\system32\drivers\fnetmon.sys => Removed successfully. C:\Windows\system32\drivers\FPAV_RTP.sys => Removed successfully. C:\Windows\system32\drivers\fsbts.sys => Removed successfully. C:\Windows\system32\drivers\fwcore.sys => Removed successfully. C:\Windows\system32\drivers\GDBehave.sys => Removed successfully. C:\Windows\system32\drivers\gddcd64.sys => Removed successfully. C:\Windows\system32\drivers\gddcv64.sys => Removed successfully. C:\Windows\system32\drivers\GDNdisIc.sys => Removed successfully. C:\Windows\system32\drivers\GDTdiIcpt.sys => Removed successfully. C:\Windows\system32\drivers\gdwfpcd32.sys => Removed successfully. C:\Windows\system32\drivers\gdwfpcd64.sys => Removed successfully. C:\Windows\system32\drivers\gfiark.sys => Removed successfully. C:\Windows\system32\drivers\gfiutil.sys => Removed successfully. C:\Windows\system32\drivers\ggc.sys => Removed successfully. C:\Windows\system32\drivers\gzflt.sys => Removed successfully. C:\Windows\system32\drivers\HipShieldK.sys => Removed successfully. C:\Windows\system32\drivers\HookCentre.sys => Removed successfully. C:\Windows\system32\drivers\HookHelp.sys => Removed successfully. C:\Windows\system32\drivers\hookport.sys => Removed successfully. C:\Windows\system32\drivers\Hooksys.sys => Removed successfully. C:\Windows\system32\drivers\HookTdi.sys => Removed successfully. C:\Windows\system32\drivers\hvm.sys => Removed successfully. C:\Windows\system32\drivers\idsflt.sys => Removed successfully. C:\Windows\system32\drivers\idsflt64.sys => Removed successfully. C:\Windows\system32\drivers\inspect.sys => Removed successfully. C:\Windows\system32\drivers\K7FWFilt.sys => Removed successfully. C:\Windows\system32\drivers\K7FWHlpr.sys => Removed successfully. C:\Windows\system32\drivers\K7Sentry.sys => Removed successfully. C:\Windows\system32\drivers\K7TdiHlp.sys => Removed successfully. C:\Windows\system32\drivers\kl1.sys => Removed successfully. C:\Windows\system32\drivers\kl2.sys => Removed successfully. C:\Windows\system32\drivers\klelam.sys => Removed successfully. C:\Windows\system32\drivers\klflt.sys => Removed successfully. C:\Windows\system32\drivers\klhk.sys => Removed successfully. C:\Windows\system32\drivers\klif.sys => Removed successfully. C:\Windows\system32\drivers\klim5.sys => Removed successfully. C:\Windows\system32\drivers\klim6.sys => Removed successfully. C:\Windows\system32\drivers\klpd.sys => Removed successfully. C:\Windows\system32\drivers\kltdi.sys => Removed successfully. C:\Windows\system32\drivers\klwfp.sys => Removed successfully. C:\Windows\system32\drivers\KmxAgent.sys => Removed successfully. C:\Windows\system32\drivers\KmxAMRT.sys => Removed successfully. C:\Windows\system32\drivers\KmxCF.sys => Removed successfully. C:\Windows\system32\drivers\KmxCfg.sys => Removed successfully. C:\Windows\system32\drivers\KmxFile.sys => Removed successfully. C:\Windows\system32\drivers\KmxFilter.sys => Removed successfully. C:\Windows\system32\drivers\KmxFw.sys => Removed successfully. C:\Windows\system32\drivers\KmxSbx.sys => Removed successfully. C:\Windows\system32\drivers\KmxStart.sys => Removed successfully. C:\Windows\system32\drivers\kneps.sys => Removed successfully. C:\Windows\system32\drivers\kvnet.sys => Removed successfully. C:\Windows\system32\drivers\kwflower.sys => Removed successfully. C:\Windows\system32\drivers\kwfupper.sys => Removed successfully. C:\Windows\system32\drivers\llio.sys => Removed successfully. C:\Windows\system32\drivers\McPvDrv.sys => Removed successfully. C:\Windows\system32\drivers\mfeapfk.sys => Removed successfully. C:\Windows\system32\drivers\mfeavfk.sys => Removed successfully. C:\Windows\system32\drivers\mfebopk.sys => Removed successfully. C:\Windows\system32\drivers\mfeclnrk.sys => Removed successfully. C:\Windows\system32\drivers\mfeelamk.sys => Removed successfully. C:\Windows\system32\drivers\mfefirek.sys => Removed successfully. C:\Windows\system32\drivers\mfehidk.sys => Removed successfully. C:\Windows\system32\drivers\mfencbdc.sys => Removed successfully. C:\Windows\system32\drivers\mfencrk.sys => Removed successfully. C:\Windows\system32\drivers\mfewfpk.sys => Removed successfully. C:\Windows\system32\drivers\MiniIcpt.sys => Removed successfully. C:\Windows\system32\drivers\MOBK.sys => Removed successfully. C:\Windows\system32\drivers\mscank.sys => Removed successfully. C:\Windows\system32\drivers\mwfsmflt.sys => Removed successfully. C:\Windows\system32\drivers\n64i1644.sys => Removed successfully. C:\Windows\system32\drivers\NETFLTDI.SYS => Removed successfully. C:\Windows\system32\drivers\neti1644.sys => Removed successfully. C:\Windows\system32\drivers\NETTDI64.SYS => Removed successfully. C:\Windows\system32\drivers\nnetsec.sys => Removed successfully. C:\Windows\system32\drivers\nnetsecl.sys => Removed successfully. C:\Windows\system32\drivers\nnetsecl64.sys => Removed successfully. C:\Windows\system32\drivers\NNSAlpc.sys => Removed successfully. C:\Windows\system32\drivers\NNSHttp.sys => Removed successfully. C:\Windows\system32\drivers\NNSHttps.sys => Removed successfully. C:\Windows\system32\drivers\NNSIds.sys => Removed successfully. C:\Windows\system32\drivers\NNSNAHS.sys => Removed successfully. C:\Windows\system32\drivers\NNSNAHSL.sys => Removed successfully. C:\Windows\system32\drivers\NNSpicc.sys => Removed successfully. C:\Windows\system32\drivers\NNSpihs.sys => Removed successfully. C:\Windows\system32\drivers\NNSPihsw.sys => Removed successfully. C:\Windows\system32\drivers\NNSPop3.sys => Removed successfully. C:\Windows\system32\drivers\NNSProt.sys => Removed successfully. C:\Windows\system32\drivers\NNSPrv.sys => Removed successfully. C:\Windows\system32\drivers\NNSSmtp.sys => Removed successfully. C:\Windows\system32\drivers\NNSStrm.sys => Removed successfully. C:\Windows\system32\drivers\NNStlsc.sys => Removed successfully. C:\Windows\system32\drivers\npf.sys => Removed successfully. C:\Windows\system32\drivers\NSKernel.sys => Removed successfully. C:\Windows\system32\drivers\NSNetmon.sys => Removed successfully. C:\Windows\system32\drivers\nvcv64mf.sys => Removed successfully. C:\Windows\system32\drivers\OADriver.sys => Removed successfully. C:\Windows\system32\drivers\oahlp32.sys => Removed successfully. C:\Windows\system32\drivers\OAmon.sys => Removed successfully. C:\Windows\system32\drivers\OAnet.sys => Removed successfully. C:\Windows\system32\drivers\pavboot.sys => Removed successfully. C:\Windows\system32\drivers\pavboot64.sys => Removed successfully. C:\Windows\system32\drivers\PavProc.sys => Removed successfully. C:\Windows\system32\drivers\PCTBD64.sys => Removed successfully. C:\Windows\system32\drivers\pctBTFix64.sys => Removed successfully. C:\Windows\system32\drivers\PCTCore64.sys => Removed successfully. C:\Windows\system32\drivers\pctDS64.sys => Removed successfully. C:\Windows\system32\drivers\pctEFA64.sys => Removed successfully. C:\Windows\system32\drivers\pctgntdi64.sys => Removed successfully. C:\Windows\system32\drivers\pctplsg64.sys => Removed successfully. C:\Windows\system32\drivers\pctplsm64.sys => Removed successfully. C:\Windows\system32\drivers\PCTSD64.sys => Removed successfully. C:\Windows\system32\drivers\pctwfpfilter64.sys => Removed successfully. C:\Windows\system32\drivers\PktIcpt.sys => Removed successfully. C:\Windows\system32\drivers\PROCEXP152.SYS => Removed successfully. C:\Windows\system32\drivers\protreg.sys => Removed successfully. C:\Windows\system32\drivers\PSINAflt.sys => Removed successfully. C:\Windows\system32\drivers\PSINFile.sys => Removed successfully. C:\Windows\system32\drivers\PSINKNC.sys => Removed successfully. C:\Windows\system32\drivers\PSINProc.sys => Removed successfully. C:\Windows\system32\drivers\PSINProt.sys => Removed successfully. C:\Windows\system32\drivers\PSINReg.sys => Removed successfully. C:\Windows\system32\drivers\PSKMAD.sys => Removed successfully. C:\Windows\system32\drivers\qutmdrv.sys => Removed successfully. C:\Windows\system32\drivers\qutmipc.sys => Removed successfully. C:\Windows\system32\drivers\SandBox.sys => Removed successfully. C:\Windows\system32\drivers\SandBox64.sys => Removed successfully. C:\Windows\system32\drivers\savonaccess.sys => Removed successfully. C:\Windows\system32\drivers\savonaccesscontrol.sys => Removed successfully. C:\Windows\system32\drivers\savonaccessfilter.sys => Removed successfully. C:\Windows\system32\drivers\sbaphd.sys => Removed successfully. C:\Windows\system32\drivers\sbapifs.sys => Removed successfully. C:\Windows\system32\drivers\SbFw.sys => Removed successfully. C:\Windows\system32\drivers\SbFwIm.sys => Removed successfully. C:\Windows\system32\drivers\sbhips.sys => Removed successfully. C:\Windows\system32\drivers\sbtis.sys => Removed successfully. C:\Windows\system32\drivers\sbwtis.sys => Removed successfully. C:\Windows\system32\drivers\scfdriver.sys => Removed successfully. C:\Windows\system32\drivers\scfndis.sys => Removed successfully. C:\Windows\system32\drivers\ShldFlt.sys => Removed successfully. C:\Windows\system32\drivers\ShlDrv51.sys => Removed successfully. C:\Windows\system32\drivers\skmscan.sys => Removed successfully. C:\Windows\system32\drivers\SophosBootDriver.sys => Removed successfully. C:\Windows\system32\drivers\spiderg3.sys => Removed successfully. C:\Windows\system32\drivers\ssmdrv.sys => Removed successfully. C:\Windows\system32\drivers\SYMEVENT.SYS => Removed successfully. C:\Windows\system32\drivers\SYMEVENT64x86.SYS => Removed successfully. C:\Windows\system32\drivers\SysPlant.sys => Removed successfully. C:\Windows\system32\drivers\tdifw.sys => Removed successfully. C:\Windows\system32\drivers\tdi_nf.sys => Removed successfully. C:\Windows\system32\drivers\Teefer.sys => Removed successfully. C:\Windows\system32\drivers\tmactmon.sys => Removed successfully. C:\Windows\system32\drivers\tmcomm.sys => Removed successfully. C:\Windows\system32\drivers\TMEBC32.sys => Removed successfully. C:\Windows\system32\drivers\TMEBC64.sys => Removed successfully. C:\Windows\system32\drivers\tmeevw.sys => Removed successfully. C:\Windows\system32\drivers\tmevtmgr.sys => Removed successfully. C:\Windows\system32\drivers\tmnciesc.sys => Removed successfully. C:\Windows\system32\drivers\tmusa.sys => Removed successfully. C:\Windows\system32\drivers\tpdevflt.sys => Removed successfully. C:\Windows\system32\drivers\tpsec.sys => Removed successfully. C:\Windows\system32\drivers\Trufos.sys => Removed successfully. C:\Windows\system32\drivers\TS4nt.sys => Removed successfully. C:\Windows\system32\drivers\v3engine.sys => Removed successfully. C:\Windows\system32\drivers\VBEngNT.sys => Removed successfully. C:\Windows\system32\drivers\vsdatant.sys => Removed successfully. C:\Windows\system32\drivers\webssx.sys => Removed successfully. C:\Windows\system32\drivers\WGX64.SYS => Removed successfully. C:\Windows\system32\drivers\wnmflt.sys => Removed successfully. C:\Windows\system32\drivers\wnmflt64.sys => Removed successfully. C:\Windows\system32\drivers\WRkrn.sys => Removed successfully. C:\Windows\system32\drivers\wsnf.sys => Removed successfully. C:\Windows\system32\drivers\wstif.sys => Removed successfully. ==== End of Fixlog 10:10:49 ====