Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017 Ran by Саид (administrator) on DESKTOP-U0TS6B5 (09-01-2017 22:59:20) Running from C:\Users\Саид\Desktop\антивирусы Loaded Profiles: Саид (Available Profiles: Саид) Platform: Windows 10 Home Single Language Version 1607 (X64) Language: Русский (Россия) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\16.10.1.1116\service_update.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (TeamViewer GmbH) C:\Users\Саид\Desktop\антивирусы\TeamViewer.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-07] (AVAST Software) HKU\S-1-5-21-370598249-2581398766-374051184-1001\...\Run: [Steam] => C:\Intel\steam\steam.exe [2876704 2016-12-20] (Valve Corporation) HKU\S-1-5-21-370598249-2581398766-374051184-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27212760 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-370598249-2581398766-374051184-1001\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3134216 2016-12-05] (Wargaming.net) HKU\S-1-5-21-370598249-2581398766-374051184-1001\...\Run: [uTorrent] => C:\Users\Саид\AppData\Roaming\uTorrent\uTorrent.exe [1979072 2016-12-17] (BitTorrent Inc.) HKU\S-1-5-21-370598249-2581398766-374051184-1001\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-05] (AVAST Software) Startup: C:\Users\Саид\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SafeWeb.lnk [2017-01-05] ShortcutTarget: SafeWeb.lnk -> C:\Users\Саид\AppData\Roaming\SafeWeb\python\pythonw.exe (No File) GroupPolicy: Restriction <======= ATTENTION GroupPolicy\User: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0a0a6d00-abf4-4ed6-b862-a5f212d8ab5d}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{1387f537-1010-4776-8b51-fcb09641e2ee}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{34c72d2e-7b40-11e6-a6f8-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{77bd6bb0-1705-471b-bcd9-917cff9f8548}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{77bd6bb0-1705-471b-bcd9-917cff9f8548}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{a0870b5d-89af-4604-9071-900e50b9cfc7}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{a0870b5d-89af-4604-9071-900e50b9cfc7}: [DhcpNameServer] 8.8.8.8 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://yandex.ru/?clid=2101081 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://yandex.ru/search/?text={searchTerms}&clid=2101082 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-370598249-2581398766-374051184-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://yandex.ru/search/?text={searchTerms}&clid=2101082 HKU\S-1-5-21-370598249-2581398766-374051184-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://yandex.ru/?clid=2101081 SearchScopes: HKLM-x32 -> DefaultScope {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2101082 SearchScopes: HKLM-x32 -> {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2101082 SearchScopes: HKU\S-1-5-21-370598249-2581398766-374051184-1001 -> DefaultScope {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2101082 SearchScopes: HKU\S-1-5-21-370598249-2581398766-374051184-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627 SearchScopes: HKU\S-1-5-21-370598249-2581398766-374051184-1001 -> {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2101082 SearchScopes: HKU\S-1-5-21-370598249-2581398766-374051184-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-20] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-20] (Oracle Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-05] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-05] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-20] (Oracle Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-20] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-05] (Google Inc.) Chrome: ======= CHR HomePage: Default -> inline.go.mail.ru/homepage?inline_comp=hp&inline_hp_cnt=21071633 CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=dse&q={searchTerms}&fr=chxtn11.0.3 CHR DefaultSearchKeyword: Default -> mail.ru CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms} CHR Profile: C:\Users\Саид\AppData\Local\Google\Chrome\User Data\Default [2017-01-09] CHR Extension: (Диск Google) - C:\Users\Саид\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-06] CHR Extension: (YouTube) - C:\Users\Саид\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-06] CHR Extension: (Adblock Plus) - C:\Users\Саид\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-08] CHR Extension: (AdBlock) - C:\Users\Саид\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-08] CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Саид\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-06] CHR Extension: (Gmail) - C:\Users\Саид\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-06] CHR Extension: (Chrome Media Router) - C:\Users\Саид\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-06] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-05] (AVAST Software) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-31] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-31] (Electronic Arts) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\16.10.1.1116\service_update.exe [885240 2016-11-09] (YANDEX LLC) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-05] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2017-01-05] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-05] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-05] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-05] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-07] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-07] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-05] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-07] (AVAST Software) S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.) R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-01-05] (REALiX(tm)) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-09] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ========================== Drivers MD5 ======================= C:\WINDOWS\System32\drivers\1394ohci.sys A7901875F89D011C38CF52C98ACF5B29 C:\WINDOWS\System32\drivers\3ware.sys EE1CCC54F75C24727A218F98FC5349DA C:\WINDOWS\System32\drivers\ACPI.sys 73C73E1AA0D4D727A04AAAB120B7F56A C:\WINDOWS\System32\drivers\AcpiDev.sys 0935496EF9624B46B935CB35ECE1F205 C:\WINDOWS\System32\Drivers\acpiex.sys D6794C31F4077B71433988787BAA926E C:\WINDOWS\System32\drivers\acpipagr.sys FE5F656D6B35089DA39112E74EC6A85A C:\WINDOWS\System32\drivers\acpipmi.sys 2F242941E4DFF69B883D77A16F039557 C:\WINDOWS\System32\drivers\acpitime.sys C247E35A21682DA8D0DC3AF9F025FCC5 C:\WINDOWS\System32\drivers\ADP80XX.SYS 49B9DB97AFC85DCCBDACDAB2E90085B7 C:\WINDOWS\system32\drivers\afd.sys 323AA1953ED9C01E23F740FA891FE064 C:\WINDOWS\System32\DRIVERS\ahcache.sys 23522E5D581F7722B1B5B86737CAE39C C:\WINDOWS\System32\drivers\amdk8.sys DF21E05E41E5AC3F13F304D91457649A C:\WINDOWS\System32\drivers\amdppm.sys 45D0AA4BB90B821DF92E8F19ABED0C5E C:\WINDOWS\System32\drivers\amdsata.sys 74FFBC43B4B899C9A8CA06A892F2CE73 C:\WINDOWS\System32\drivers\amdsbs.sys AAB0F1D8D7E54761ABAB13AF161F1680 C:\WINDOWS\System32\drivers\amdxata.sys F91BAAC4237C40352A807000F3B716F9 C:\WINDOWS\System32\drivers\appid.sys BC121C099C6C659126AD2102AFDFF8CF C:\WINDOWS\System32\drivers\applockerfltr.sys 68190E2BADF23BD782344970E5B5DE9E C:\WINDOWS\System32\drivers\arcsas.sys E6AB1F0B4C3D4E0D2A88332D76FECD03 C:\WINDOWS\system32\drivers\aswHwid.sys 9B480B472D6826E7257C90E2D0EE2954 C:\WINDOWS\system32\drivers\aswKbd.sys 06362BBA1347CBA0996F4B39BB1D8353 C:\WINDOWS\system32\drivers\aswMonFlt.sys 1BB00571CC2C78463ABD7E9C32970758 C:\WINDOWS\system32\drivers\aswRdr2.sys 7010B57D708DA5C9686A5923EE621776 C:\Windows\System32\Drivers\aswRvrt.sys 937885085BFE5BD08EC1BC0245DD203B C:\WINDOWS\system32\drivers\aswSnx.sys 0B6352251C5D84130DF4252D33D266C2 C:\WINDOWS\system32\drivers\aswSP.sys 28213B34725B18387CC1B8C3D73858A1 C:\WINDOWS\system32\drivers\aswStm.sys 9C58B6E9663D0A76D00D83E43C765BDF C:\Windows\System32\Drivers\aswVmm.sys D60D9201739400F0FBDB9E36A3212D91 C:\WINDOWS\System32\drivers\asyncmac.sys 61C5A480C43E7E8E49C42869F49D0D3E C:\WINDOWS\System32\drivers\atapi.sys A10F989A812B57B9695F6C305907C9C6 C:\WINDOWS\System32\drivers\athw8x.sys 835E2C1A3D32492E2B90BD4FE5527CB6 C:\WINDOWS\System32\drivers\bxvbda.sys 61BAC67048CA5C1D08C48FCC8012B613 C:\WINDOWS\System32\drivers\BasicDisplay.sys 68F72B05EBC6D1779C0D60A147C7CA0B C:\WINDOWS\System32\drivers\BasicRender.sys 23156E7EDAF613D839E2839746B168D3 C:\WINDOWS\System32\drivers\bcmfn.sys 3F5523DCEFE42B385659C5CB46A6B810 C:\WINDOWS\System32\drivers\bcmfn2.sys 0B750A6A6D847E73CA48ADD7A0F5A393 C:\Windows\System32\Drivers\Beep.sys 0A508274355745EEF01C6BE3198D02C4 C:\WINDOWS\System32\DRIVERS\bowser.sys 9CD2A4821DE379305CACB2E99AD8953A C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 722036C26D2C4E50EC2A2EC5FD678846 C:\WINDOWS\System32\drivers\bthhfenum.sys C2E31BE025D46D189E38DD1EDF07837A C:\WINDOWS\System32\drivers\BthHFHid.sys F7CD605FC0B0B22F3F6F247595E3A655 C:\WINDOWS\System32\drivers\bthmodem.sys 535DC41A33630AE4C262406F9E981C03 C:\WINDOWS\System32\drivers\buttonconverter.sys 23F9EF739F685E07482116425E7879AA C:\WINDOWS\System32\drivers\capimg.sys 60EB6A4CE3E21887D302350631C16F26 C:\WINDOWS\System32\DRIVERS\cdfs.sys F8FB51B9EF6372610E9B31A1D86B62FC C:\WINDOWS\System32\drivers\cdrom.sys 613D0137C269187FA298A157E3D14A18 C:\WINDOWS\System32\drivers\cht4sx64.sys 0AED948DA8D5F08B3D6F12E4E2089736 C:\WINDOWS\System32\drivers\cht4vx64.sys 0002A0FDE087C1657AB31CE73077539C C:\WINDOWS\System32\drivers\circlass.sys 6B4F90A287D75CCD78694F6790C911B2 C:\WINDOWS\System32\drivers\CLFS.sys B72D26074E72A757D788FB1BEF8B2F2E C:\WINDOWS\System32\drivers\registry.sys EEC3A4A98AE1A337E3CD1483AD6F2E15 C:\WINDOWS\System32\drivers\CmBatt.sys 429623E266EF067A44E8CF148E9DFB9B C:\WINDOWS\System32\Drivers\cng.sys B0D9B87B795B7833C9152441CBD55CC4 C:\WINDOWS\System32\DRIVERS\cnghwassist.sys 3DB10C59405931E2C72EFB82C1AF97D1 C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 34C935AF2A414572B412B3556586D783 C:\WINDOWS\System32\drivers\condrv.sys 44EEEB2382F566999287E13F2067693C C:\WINDOWS\System32\drivers\dam.sys 039B5A8CBD5C75D1C46DF15F7C74D136 C:\WINDOWS\System32\Drivers\dfsc.sys 0D1D392ED2597F295956D058D33BD7C3 C:\WINDOWS\System32\drivers\disk.sys 35B9D46560339A5A7F0CAC6ED702C817 C:\WINDOWS\System32\drivers\dmvsc.sys 815F45161A4571C2C44491564F3D5968 C:\WINDOWS\system32\DRIVERS\drmkaud.sys AE6BD4C879A8C849E53947C92DF3B3A0 C:\WINDOWS\System32\drivers\dxgkrnl.sys 19F2B54EE8861D90579BD0E3AE5182F9 C:\WINDOWS\System32\drivers\evbda.sys 7EC6FC0266D74BD47ABB130A328B70EC C:\WINDOWS\System32\drivers\EhStorClass.sys 8D74B8B5D6F7C5BC4C525BAF2B083FF1 C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys 2A9817B5A9260D8F60D52E36BEF10443 C:\WINDOWS\System32\drivers\errdev.sys 77B60DEC7DCB4233E4A69D3F52E5DB24 C:\WINDOWS\system32\DRIVERS\ETD.sys 6BD85B39B7B23F03B24CF641ED29147B C:\Windows\System32\Drivers\exfat.sys FCD2C63754C2E739A8EEAD9BC63F9DDC C:\Windows\System32\Drivers\fastfat.sys FA918EC296EB410FF02867D008D02421 C:\WINDOWS\System32\drivers\fdc.sys 99598ECA5E41996E005D5B9D9FF1EFA2 C:\WINDOWS\System32\drivers\filecrypt.sys F44F666B0EACC3181544FFCF8CA0FFC7 C:\WINDOWS\System32\drivers\fileinfo.sys 78A210DDFDF2C9EC884631D2DAA573F0 C:\WINDOWS\System32\drivers\filetrace.sys 1A97DB5E701A186989F3795223C3BE39 C:\WINDOWS\System32\drivers\flpydisk.sys 46626665F0E5906E45619B4EFD6186B8 C:\WINDOWS\System32\drivers\fltmgr.sys FDA72ACA14D516D18C33AFCD0FD9260F C:\WINDOWS\System32\DRIVERS\fltsrv.sys B8AFE7A30D34C0E9FDBA81632294547C C:\WINDOWS\System32\drivers\FsDepends.sys D152CCBFC8251670BF0AAFE00D6BC782 C:\Windows\System32\Drivers\Fs_Rec.sys 6D6BB5C7363CD35FA715E826F3D029EE C:\WINDOWS\System32\DRIVERS\fvevol.sys 8EEC4925C03E375C4EC496E45C44139A C:\WINDOWS\System32\drivers\vmgencounter.sys EF78034773CE506323655A868C949144 C:\WINDOWS\System32\drivers\genericusbfn.sys B55FEBC6A00DAA1FE074F020B6907516 C:\WINDOWS\System32\Drivers\msgpioclx.sys DDD8A8CDDC7F13EF57D1DAAE71865936 C:\WINDOWS\System32\drivers\gpuenergydrv.sys 7ACD8F69B5D6EC97E6D2C006E19BED88 C:\WINDOWS\system32\DRIVERS\Hamdrv.sys 7F79205B4EFA98F0767309479C8C01C6 C:\WINDOWS\system32\DRIVERS\HdAudio.sys 217230B984AB2954E2FA5E36578D7B08 C:\WINDOWS\System32\drivers\HDAudBus.sys 10E3515FE5DBA6656FA62C29342EC4A1 C:\WINDOWS\System32\drivers\HidBatt.sys B90D284B97CD4CA9DE7430AAAD887A56 C:\WINDOWS\System32\drivers\hidbth.sys B2FE11643CC6ACDEE6C247DD36018FDB C:\WINDOWS\System32\drivers\hidi2c.sys D24355488A2D4D2323518EC1AC7A6D9E C:\WINDOWS\System32\drivers\hidinterrupt.sys 0AF9ABBA4F3F55C6C803890D64BC3C29 C:\WINDOWS\System32\drivers\hidir.sys CDBCF8E9AB06D88A1E1191D32F320C5D C:\WINDOWS\System32\drivers\hidusb.sys D8536CB438CC4CCDAE047B768EED22B2 C:\WINDOWS\System32\drivers\HpSAMD.sys F5CA18197B4646E04DB9EB2D6642CC4D C:\WINDOWS\System32\drivers\HTTP.sys A10C7C1E69FC90620C7BF2E51302A01F C:\WINDOWS\System32\drivers\hvservice.sys 74FC79C52395B10FFD0B55CF22CF88FC C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS EF558A02D734A1403583E95CCEEC2487 C:\WINDOWS\System32\drivers\hwpolicy.sys 771EDDA9830A3079F996F34D681FB6E5 C:\WINDOWS\System32\drivers\hyperkbd.sys 3B9F315E7FA72CC25228EB097DD9C694 C:\WINDOWS\System32\drivers\i8042prt.sys B54B30992620C97230013A74461C8517 C:\WINDOWS\System32\drivers\iagpio.sys C6B8743B213F06AA60943D8366FE968F C:\WINDOWS\System32\drivers\iai2c.sys 9A2A2F3C69B9A30B6E78536F6D258BAD C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 5A0E850F8CD17791A3E6A3CF81D0CA28 C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 7508F1096803385D6376BFD0BD473AC4 C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7 C:\WINDOWS\System32\drivers\iaStorAV.sys 97E553D03219D3D51705C7235D9EAEBD C:\WINDOWS\System32\drivers\iaStorV.sys 8350FE3BCDE3428BC040877BB7E9EAEB C:\WINDOWS\System32\drivers\ibbus.sys 3BA03F7C7700DDF4C383DDE9252F5817 C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 9CE4D3A79D3180AC5A141E2F7E7137F4 C:\WINDOWS\System32\drivers\IndirectKmd.sys 2A01C96DF5802D3434634E55C91232D8 C:\WINDOWS\system32\drivers\intelaud.sys 41CD73C13FCAEA4942F0CF7608B7530F C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 87871AB7AC797F922A6F3D4C874CED96 C:\WINDOWS\System32\drivers\intelide.sys 9F7E87F6595D065A8A200A291043045E C:\WINDOWS\System32\drivers\intelpep.sys A6BD2E20AE1BC5CB2776C87C28E4F4CA C:\WINDOWS\System32\drivers\intelppm.sys 2A48DA39542636DB0FA3BA915385D1B3 C:\WINDOWS\System32\drivers\iorate.sys DB32758F3A7F6CCE81A5430080A2EA65 C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys FE85D0A86CA7A5A99CF8CD04DE7F80AE C:\WINDOWS\System32\drivers\IPMIDrv.sys 450DBDD716C7911F83E05F78EE18BFA2 C:\WINDOWS\System32\drivers\ipnat.sys F1DAECC3B3D6399875D4F10529D6A77C C:\WINDOWS\system32\drivers\irda.sys 7475A2903BB704B446AA6309E34D3362 C:\WINDOWS\System32\drivers\irenum.sys 9725E7F0C64CE9916A5CDABE8D6E13C3 C:\WINDOWS\System32\drivers\isapnp.sys 58040898883A96160D41739C80328BBF C:\WINDOWS\System32\drivers\msiscsi.sys C9FD02D62E09337B67B0C61EC8CA38CC C:\WINDOWS\System32\drivers\iwdbus.sys 48B904D31F2369D7B0122617038D3F5B C:\WINDOWS\System32\drivers\k57nd60a.sys 8438B8A45E16258064C19FBEC4EE069F C:\WINDOWS\System32\drivers\kbdclass.sys 210808437570BDDEE71A43535E3A2D30 C:\WINDOWS\System32\drivers\kbdhid.sys 0B779E9FC426CA2268D28181FA6C222F C:\WINDOWS\System32\drivers\kdnic.sys 813BA3EB2CE038F2A5382DDD75CAD60B C:\WINDOWS\System32\Drivers\ksecdd.sys 705C0F8BCCEF6E7CB704CCB454192D7E C:\WINDOWS\System32\Drivers\ksecpkg.sys 55AD13E2BAFC5AB53A10F8C271F5D242 C:\WINDOWS\system32\drivers\ksthunk.sys 4ED115CD1A1099705F56B5E0FFF97CC6 C:\WINDOWS\System32\drivers\lltdio.sys 5933A6673F00D8255C52957E40C2D601 C:\WINDOWS\System32\drivers\lsi_sas.sys 8E1B0946948CCC0BC1FA3CB70374A795 C:\WINDOWS\System32\drivers\lsi_sas2i.sys 4F68163FC04C973500DC4DA0946917B0 C:\WINDOWS\System32\drivers\lsi_sas3i.sys E5AC5F2815938651CDCC27F425474673 C:\WINDOWS\System32\drivers\lsi_sss.sys CCF6EC9FB9B8F18E05B4253E81013E48 C:\WINDOWS\system32\drivers\luafv.sys C9579D32219E5B936AC3A48D470117EC C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys ABB371D9AEF728B0489B0E6872B4A1C0 C:\WINDOWS\System32\drivers\megasas.sys C3CDCCF07486BD2616A7B82946E07AC0 C:\WINDOWS\System32\drivers\MegaSas2i.sys 2CF0CB2A0ED68C5455371E84C16F9627 C:\WINDOWS\System32\drivers\megasr.sys FADB2FE017E69EECE0E1BA78661C2E8C C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 6D1671CB2E5402F01D2F13ECF764CAA1 C:\WINDOWS\System32\drivers\mlx4_bus.sys FD60818B66B2E8A5415EA840E99A9D8F C:\WINDOWS\system32\drivers\mmcss.sys 68F6977F1CFBAAC770D940A8C0326FA1 C:\WINDOWS\System32\drivers\modem.sys 0D50B3F3AB32D416786B58D4553859CE C:\WINDOWS\System32\drivers\monitor.sys 9CCCB7FC3EDADEBA461D78615A6011A6 C:\WINDOWS\System32\drivers\mouclass.sys 27A07B2FB2E3057DA8DAEA4F25D843C7 C:\WINDOWS\System32\drivers\mouhid.sys 7BD6E7F7C9001AB21B8362CFFEE80B25 C:\WINDOWS\System32\drivers\mountmgr.sys F5BDAEE4B7D369D4C74668DCFBA3FF10 C:\WINDOWS\System32\drivers\mpsdrv.sys 30844BD376F9D01E62C820BEF446F1F8 C:\WINDOWS\system32\drivers\mrxdav.sys 25D32BE04FE0A23FDF57FD5382757672 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys E671EDAB0726E05ECEF4058B4CD73C4D C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys D4D12BC29DE0F09280868FDCA65B3474 C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 93A77008A8932FC84A173C4E97E52874 C:\WINDOWS\System32\drivers\bridge.sys 74C9D21523DAE0C18F413C196DF0058A C:\Windows\System32\Drivers\Msfs.sys F01B849D9D4A8CEAF32D4FDBD0B83C92 C:\WINDOWS\System32\drivers\msgpiowin32.sys 22ECD8F5D1DFADF2011BBB1700CB871D C:\WINDOWS\System32\drivers\mshidkmdf.sys FD870F6968A145E4D2BA8A8842686B03 C:\WINDOWS\System32\drivers\mshidumdf.sys 30364757963A028CE5DF0FBAAC270173 C:\WINDOWS\System32\drivers\msisadrv.sys 6BB0FEDDAE7135FA37FFAFF4D9E0E876 C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 13D614E6B51ECF36746C48CE829FA7F6 C:\WINDOWS\System32\drivers\mslldp.sys 642CDE46351D5D2D90311E77072AB46D C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys F2302A5CE63CA7673200FAFCEEEDB6AF C:\WINDOWS\system32\DRIVERS\MSPQM.sys 6114512EA26E835BA522C63635429DB5 C:\Windows\System32\Drivers\MsRPC.sys AA538E16E644D00E3BA5349BBA9598EC C:\WINDOWS\System32\drivers\mssmbios.sys 0543BEFD41EC4D25C7F7CF36409CEC7D C:\WINDOWS\system32\DRIVERS\MSTEE.sys C1569E4DB8EFE3617847BF041A3C842F C:\WINDOWS\System32\drivers\MTConfig.sys 130B16970154BA9876B09E5C4BAC63BE C:\WINDOWS\System32\Drivers\mup.sys 15D987C8F6CCD4AC94E070C5986762CB C:\WINDOWS\System32\drivers\mvumis.sys 3D2C5B4995CA0751D32DEA0DE9FDFE44 C:\WINDOWS\System32\DRIVERS\nwifi.sys DB31EBB04C871F422C36A0962DA7D38B C:\WINDOWS\System32\drivers\ndfltr.sys 629CB21AC49C8867E0F29DF1C16DB7B4 C:\WINDOWS\System32\drivers\ndis.sys D5564FC81350458ED570528C4E3B1CCF C:\WINDOWS\System32\drivers\ndiscap.sys 6DD605338FAAF6BA17662AA874E0D162 C:\WINDOWS\System32\drivers\NdisImPlatform.sys E34196F285F8B8879E1FF36C31F7179E C:\WINDOWS\System32\DRIVERS\ndistapi.sys 1FAD2398673F30CEC616B89C46B7DCBA C:\WINDOWS\System32\drivers\ndisuio.sys AEB8ECBE66CC46854066CB1F5623E179 C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 7340104C2BF2F126714F7CDE85E63610 C:\WINDOWS\System32\drivers\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C C:\WINDOWS\System32\DRIVERS\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C C:\WINDOWS\System32\DRIVERS\NDProxy.sys 78A12E3DF035B5D054986949B19BE43C C:\WINDOWS\System32\drivers\Ndu.sys 04C8859355C1DC9C0FA198D1894D71C2 C:\WINDOWS\System32\drivers\NetAdapterCx.sys 6C76780A01FC2B885BD6E957B5C36B02 C:\WINDOWS\System32\drivers\netbios.sys 5D1513BD6430307C9DB86C6E351372ED C:\WINDOWS\System32\DRIVERS\netbt.sys 6FEBB0A847FFD5F057B9AC8889F1B9A7 C:\WINDOWS\System32\drivers\npf.sys DE7FCC77F4A503AF4CA6A47D49B3713D C:\Windows\System32\Drivers\Npfs.sys 001CBD7A2CD45C4EB39C01C3C677EF73 C:\WINDOWS\System32\drivers\npsvctrig.sys 90F5DC9802AAA00CD0B6E2AD9E7FFADC C:\WINDOWS\System32\drivers\nsiproxy.sys 0C6218321A09A7B51BA7FFAFBA4CCB21 C:\Windows\System32\Drivers\NTFS.sys DB69C6DA8B3DDFDC547D455CA23A8250 C:\Windows\System32\Drivers\Null.sys 6E6DD6F9DD2A034CF85E94047DBDB992 C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvlddmkm.sys 60328FA27CB565D708CACAC8206037FB C:\WINDOWS\System32\DRIVERS\nvpciflt.sys 019557823197E07EE33C8E363AE648BB C:\WINDOWS\System32\drivers\nvraid.sys D261DF41F0840F734856A2B4F5E072C7 C:\WINDOWS\System32\drivers\nvstor.sys 23B702B555EB0436B9DAA0BC63DA65CE C:\WINDOWS\System32\drivers\parport.sys 6B81BF7853D161DB8AC62CD8B9C2DE6B C:\WINDOWS\System32\drivers\partmgr.sys CDBD029BAEC8D09F6FBD404632D9AF28 C:\WINDOWS\System32\drivers\pci.sys E2DD2E5BDCCD225670831B439826065B C:\WINDOWS\System32\drivers\pciide.sys 214DCC87E3898F738075D1341252A552 C:\WINDOWS\System32\drivers\pcmcia.sys AED76A3333B3A31536E430020E0226FC C:\WINDOWS\System32\drivers\pcw.sys E63FB38B6E75B39467492FBAD2CD512A C:\WINDOWS\System32\drivers\pdc.sys 9EA203A07EFA6D74F07F32EF0DAB5CA6 C:\WINDOWS\System32\drivers\peauth.sys 1509A77F840AA9E72CF8247D0CF2FBDE C:\WINDOWS\System32\drivers\percsas2i.sys 540116170E2135FCD5DDE77702166B67 C:\WINDOWS\System32\drivers\percsas3i.sys 8356F87553BF49C703CF382033815898 C:\WINDOWS\System32\drivers\raspptp.sys 5645B9D9788CCA2C88B9534996ED2D6D C:\WINDOWS\System32\drivers\processr.sys 372913E12677A8CBBBABDD8311894F9D C:\WINDOWS\System32\drivers\pacer.sys FC98407B85A31161851FDE245517574F C:\WINDOWS\system32\drivers\qwavedrv.sys 819602BBBFDB0BD46DEA3715BF0DD452 C:\WINDOWS\System32\DRIVERS\rasacd.sys CDF47037A0939F56D11F699629C276AD C:\WINDOWS\System32\drivers\AgileVpn.sys 28C2EA278070EE12701D0EDF8CB0EC36 C:\WINDOWS\System32\drivers\rasl2tp.sys 17E565710172ED71B8531D8822E1C5D1 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 9387DF155233D45D4E010F4F2FB52A57 C:\WINDOWS\System32\drivers\rassstp.sys F0F4EEDEEBEE7A4244FAFB96A16B5712 C:\WINDOWS\System32\DRIVERS\rdbss.sys AF6963414B820B7C45578ED3300438A7 C:\WINDOWS\System32\drivers\rdpbus.sys 79A415E6FA915EFC00297DAB16EC2635 C:\WINDOWS\System32\drivers\rdpdr.sys 7135785C21CA79D270D11037C43D3F19 C:\WINDOWS\System32\drivers\rdpvideominiport.sys 97A61A3CB2B5CB4FC32B3224EF333448 C:\WINDOWS\System32\drivers\rdyboost.sys 69BB204AE07EE84ECFAB1BF13C4BD04B C:\Windows\System32\Drivers\ReFSv1.sys 940D6F5A2B0A61EE4170DF84F6C95C20 C:\WINDOWS\System32\drivers\rspndr.sys 5FF28F097C9699097B473F8FC7C1AA7D C:\WINDOWS\System32\drivers\vms3cap.sys B5DAEE69BACA64D2BB004568E22D8756 C:\WINDOWS\System32\drivers\sbp2port.sys 5E73FB63E2DBC75FE0C17DEB0010CE0E C:\WINDOWS\System32\DRIVERS\scfilter.sys 3D9A82B03C92D1FEC42CB171D6F57778 C:\WINDOWS\System32\drivers\scmbus.sys 9055ADDFBA4C8B914C914CE693B55C0A C:\WINDOWS\System32\drivers\scmdisk0101.sys B6F2363584E62960846F7C3F00124A4F C:\WINDOWS\System32\drivers\sdbus.sys 7C3D10BEC8B0DBA00A78C78EB10B3AE2 C:\WINDOWS\System32\drivers\sdstor.sys 120DFCB71D6C502613A9E2D50E16850C C:\WINDOWS\System32\drivers\SerCx.sys 401D706DDC0A7AF18C3DD228ADF74551 C:\WINDOWS\System32\drivers\SerCx2.sys 7084D11083F0CDCA8B5C76F9846ABF5D C:\WINDOWS\System32\drivers\serenum.sys 3FF478A8ED32A83C36581425F6282B6C C:\WINDOWS\System32\drivers\serial.sys 92509187AA171A80521528B36F753E1D C:\WINDOWS\System32\drivers\sermouse.sys 433D38FF6D08B993847EA2A10EB8CB52 C:\WINDOWS\System32\drivers\sfloppy.sys 697D3EE0740AEAB62B66ABCA1C83D13B C:\WINDOWS\System32\drivers\SiSRaid2.sys A34CE1830E45DA98932295FDE4B7908A C:\WINDOWS\System32\drivers\sisraid4.sys A7B5C670770E908DA5FEF5BF1136E933 C:\WINDOWS\System32\drivers\spaceport.sys C994DF90427103CCB80F893FFD2B1CE8 C:\WINDOWS\System32\drivers\SpbCx.sys E03264C4C25B568F92ED1656AD541E64 C:\WINDOWS\System32\DRIVERS\srv.sys E83830BB74AE8CBECEA0ECD94DE436F9 C:\WINDOWS\System32\DRIVERS\srv2.sys 55CA5329D1ADEB8F8034045930147AE4 C:\WINDOWS\System32\DRIVERS\srvnet.sys F13EE0DB1FB1D6946AC3228D7EFCFC8F C:\WINDOWS\System32\drivers\stexstor.sys 29D26E1347AE1BBD4201014E19880B2C C:\WINDOWS\System32\drivers\storahci.sys 53EB8CE34B55A1EE63424C8DB7388BFC C:\WINDOWS\System32\drivers\vmstorfl.sys C5E0ACE4771F5575D9D5B457ABF3AD03 C:\WINDOWS\System32\drivers\stornvme.sys B66D8C75C9BC59D637177AB3B1C569A6 C:\WINDOWS\System32\drivers\storqosflt.sys BEBF85EB4D90E6996047DA027D0ED26E C:\WINDOWS\System32\drivers\storufs.sys 8E73037A6F8938475692FFCC26EBF385 C:\WINDOWS\System32\drivers\storvsc.sys 9D9DED47DA10E845EFF2DD57C94C809B C:\WINDOWS\System32\drivers\swenum.sys 505E0C40B5D0ADDCBB414640F59BD2E0 C:\WINDOWS\System32\drivers\Synth3dVsc.sys 32F46FB0F290D16DAA452B289C985795 C:\WINDOWS\System32\drivers\tcpip.sys 4F25E481124059CC593B4C68BC485640 C:\WINDOWS\System32\drivers\tcpip.sys 4F25E481124059CC593B4C68BC485640 C:\WINDOWS\System32\drivers\tcpipreg.sys 8DBB1BE20C36E6D19BCC89EEA00B953C C:\WINDOWS\system32\DRIVERS\tdx.sys 9D2DD64A0B51C56285512DC9454340F6 C:\WINDOWS\System32\drivers\terminpt.sys 06130AFFECEB94525FC2352936576B70 C:\WINDOWS\System32\drivers\tpm.sys 46171262D0E806779DEEDFCAB2F830CC C:\WINDOWS\System32\drivers\TsUsbFlt.sys A6F4025664C9D4BC2A9EDAB4092706D7 C:\WINDOWS\System32\drivers\TsUsbGD.sys 37A96AD493E110C0BF1EE0AC0F9E7DBD C:\WINDOWS\System32\drivers\tunnel.sys 79E264287F17D56D768440B0270466DE C:\WINDOWS\System32\drivers\uaspstor.sys AA65954F512BA097DD190790876DD991 C:\WINDOWS\System32\Drivers\UcmCx.sys AB6268022C3A5B529075A39C33904DA6 C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys 7ED2EDA43D21C7A5F589A7960E265C52 C:\WINDOWS\System32\drivers\UcmUcsi.sys 169351463039B45F5CDED9768879F712 C:\WINDOWS\System32\drivers\ucx01000.sys 08A9E3AD29B215484FBB68CDC175DF3A C:\WINDOWS\System32\drivers\udecx.sys DA70AEE267491AA56BC63AA0C0C96CA2 C:\WINDOWS\System32\DRIVERS\udfs.sys FBC5ECF6D5A868D0B116C2DBB02B8168 C:\WINDOWS\System32\drivers\UEFI.sys B918E40FAA9CD118CCA4AD388B748C98 C:\WINDOWS\System32\drivers\ufx01000.sys 0FD75222C1AD2687AB365BEBEA400DD4 C:\WINDOWS\System32\drivers\UfxChipidea.sys C1A78C53E01C641AE41BFA65797819F5 C:\WINDOWS\System32\drivers\ufxsynopsys.sys 767307212110EBEFB93EC9A5BE9E85B9 C:\WINDOWS\System32\drivers\umbus.sys DC460AAA18CA2342FBBFB2DF9B044472 C:\WINDOWS\System32\drivers\umpass.sys C3CF0377917ECE6D65D7623E1E61568F C:\WINDOWS\System32\drivers\urschipidea.sys 6B46FC140C9AF68E6E7697D66D59CB4D C:\WINDOWS\System32\drivers\urscx01000.sys B4402E7F0923F660270442CE76877ABE C:\WINDOWS\System32\drivers\urssynopsys.sys 9DD431F1B94789CFB527E5D19261F124 C:\WINDOWS\System32\drivers\usbccgp.sys C87E32B90F085970D9637FBAD45EF6FE C:\WINDOWS\System32\drivers\usbcir.sys 0B663856474AC41924D9E9112203858F C:\WINDOWS\System32\drivers\usbehci.sys F83D2250256203AC5DA5E8601C1AFDD7 C:\WINDOWS\System32\drivers\usbhub.sys 7FFD26742321919590ED77FCA556D65F C:\WINDOWS\System32\drivers\UsbHub3.sys 7A749B2863B5561BE34B39E8E249AD8F C:\WINDOWS\System32\drivers\usbohci.sys D2109F1F4FEBF1DAC415CDC5DE876479 C:\WINDOWS\System32\drivers\usbprint.sys 29C9572F2D061CFC3C0BD48A3163E343 C:\WINDOWS\System32\drivers\usbser.sys 429477D6DEF3321FF7D3EF23CAAADA00 C:\WINDOWS\System32\drivers\USBSTOR.SYS 0CC16F7B91C57AE9A4E44425A295FDAA C:\WINDOWS\System32\drivers\usbuhci.sys C917D09064CDBD18F75ADC9B2C48F847 C:\WINDOWS\System32\Drivers\usbvideo.sys B4F448F2424492F99F83D3676A453553 C:\WINDOWS\System32\drivers\USBXHCI.SYS 95BCCEFBC40D06484CF16144FE79B8A5 C:\WINDOWS\System32\drivers\vdrvroot.sys 0CBDE344FB48E42D78E29469F202ADBC C:\WINDOWS\System32\drivers\VerifierExt.sys 723195568C8755CAD57F7933C5F2C5C2 C:\WINDOWS\System32\drivers\vhdmp.sys 46ADD0CD4473AAEF1C68266A803F704D C:\WINDOWS\System32\drivers\vhf.sys 7929228F0E8B0C2FA0495A17A4FC27F6 C:\WINDOWS\System32\drivers\vmbus.sys AEE432ED868831B1F068E373598F6D93 C:\WINDOWS\System32\drivers\VMBusHID.sys 9444B23FC694B5F90F21B0FC7F10D8DD C:\WINDOWS\System32\drivers\vmgid.sys 4D0287F566B36536DD812A54C015FC4A C:\WINDOWS\System32\drivers\volmgr.sys 29075915F9BDC3437F8BED71C067D399 C:\WINDOWS\System32\drivers\volmgrx.sys 6BDB6CE6D2D9E3D3F28F1C97E12B62E2 C:\WINDOWS\System32\drivers\volsnap.sys BF2546583BB75F01DDA60A7921DFB230 C:\WINDOWS\System32\drivers\volume.sys AC2E20A74D09D24485BE8396CE04F07B C:\WINDOWS\System32\drivers\vpci.sys 92F6E3E6D3F1795263EB34B37F74AEF7 C:\WINDOWS\System32\drivers\vsmraid.sys FD9BCB8920973CEAD4D49DC7A6D8A618 C:\WINDOWS\System32\drivers\vstxraid.sys 0C111F220798CCE80484026E06822379 C:\WINDOWS\System32\drivers\vwifibus.sys 607639716E9DB1CEF4E18B5B229293B4 C:\WINDOWS\System32\drivers\vwififlt.sys B1ED64E628763148BF84FBE23F2AD711 C:\WINDOWS\System32\drivers\vwifimp.sys 59920894C38A827091A06AF559834E47 C:\WINDOWS\System32\drivers\wacompen.sys 55D00B785A7587F4263D125817871283 C:\WINDOWS\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6 C:\WINDOWS\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6 C:\WINDOWS\system32\drivers\wcifs.sys E330144B97D493AA886000DCAAA8DAF5 C:\WINDOWS\system32\drivers\wcnfs.sys AEA1093B751339267D8C8C1EF3D669CF C:\WINDOWS\system32\drivers\WdBoot.sys D520B1B849B6D4D707AB31722B952C2D C:\WINDOWS\System32\drivers\Wdf01000.sys 5030C76047D756263093A47B82970868 C:\WINDOWS\system32\drivers\WdFilter.sys 29FF9199EDEB4F5470BB134D1A2563D2 C:\WINDOWS\System32\DRIVERS\wdiwifi.sys 8CB606A3057355FD5A9DBDD1A0AC94EF C:\WINDOWS\System32\Drivers\WdNisDrv.sys 17CF416CFF408190F5A4CBD79AB12E55 C:\WINDOWS\System32\drivers\wfplwfs.sys E1785942AC51FEE6826CDF02075C5AA9 C:\WINDOWS\System32\drivers\wimmount.sys 0CF79A0EACFFBB75A50A469A27696D02 C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys 0DE131733317EB4BE67028366B0CAAC6 C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys 92EB5D38BDF10C790450F3E46BF93A0E C:\WINDOWS\System32\drivers\winmad.sys F95DE20312ACCA7761446DE152BD1F7C C:\WINDOWS\System32\drivers\WinUSB.SYS 4EFB346BFDAEEB29316AA52BBB9852B1 C:\WINDOWS\System32\drivers\winverbs.sys 8B9AFF5F08E66A6F1F1063DEC9457FB6 C:\WINDOWS\System32\drivers\wmiacpi.sys 6F4F4F5A007D1710BD76FB311DA97C07 C:\Windows\System32\Drivers\Wof.sys 43C8D087B31C592163B33A4BDA540E40 C:\WINDOWS\System32\drivers\WpdUpFltr.sys 75A9284F01FE7CB1A7D5EAE5C1EB4F33 C:\WINDOWS\system32\drivers\ws2ifsl.sys 36D7B73ADC3E10607ED6EC874AFB5D1E C:\WINDOWS\System32\drivers\WudfPf.sys AED7FE551E8672B824A56324076183EB C:\WINDOWS\System32\drivers\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D C:\WINDOWS\system32\DRIVERS\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D C:\WINDOWS\System32\drivers\xboxgip.sys 9627BBAA50878F6833A6A7843EE3B1D9 C:\WINDOWS\System32\drivers\xinputhid.sys 63088A3361D9A308F328F11E9099DD87 ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-09 22:58 - 2017-01-09 22:59 - 00000000 ____D C:\FRST 2017-01-09 22:45 - 2017-01-09 22:51 - 00000000 ____D C:\AdwCleaner 2017-01-08 22:44 - 2017-01-08 22:46 - 00008626 _____ C:\TDSSKiller.3.0.0.44_08.01.2017_22.44.17_log.txt 2017-01-08 22:42 - 2017-01-09 22:59 - 00000000 ____D C:\Users\Саид\Desktop\антивирусы 2017-01-07 16:31 - 2017-01-07 16:45 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-01-07 16:31 - 2017-01-07 16:31 - 00000000 ____D C:\Users\Саид\AppData\Local\ConnectedDevicesPlatform 2017-01-07 16:29 - 2017-01-07 16:29 - 00000000 ____D C:\WINDOWS\pss 2017-01-07 11:39 - 2017-01-07 11:43 - 00000000 ____D C:\Users\Саид\Downloads\uvs_latest 2017-01-07 11:38 - 2017-01-07 11:38 - 03371406 _____ C:\Users\Саид\Downloads\uvs_latest.zip 2017-01-06 22:08 - 2017-01-09 22:53 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-06 22:08 - 2017-01-06 22:09 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-01-06 22:08 - 2017-01-06 22:08 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-01-06 22:08 - 2017-01-06 22:08 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-01-06 22:08 - 2017-01-06 22:08 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-01-06 22:07 - 2017-01-07 19:04 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-01-06 22:07 - 2017-01-06 22:07 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-01-06 22:07 - 2017-01-06 22:07 - 00000000 ____D C:\Users\Все пользователи\Malwarebytes 2017-01-06 22:07 - 2017-01-06 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-01-06 22:07 - 2017-01-06 22:07 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-06 22:07 - 2017-01-06 22:07 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-05 23:52 - 2017-01-07 11:35 - 00004036 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1483649519 2017-01-05 23:52 - 2017-01-07 11:35 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-01-05 22:38 - 2017-01-05 22:37 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-01-05 22:38 - 2017-01-05 22:37 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2017-01-05 22:37 - 2017-01-05 22:37 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2017-01-05 22:28 - 2017-01-05 22:28 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2017-01-05 22:28 - 2017-01-05 22:28 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-01-05 22:28 - 2017-01-05 22:28 - 00000000 ____D C:\Users\Саид\AppData\Roaming\AVAST Software 2017-01-05 22:26 - 2017-01-07 11:38 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2017-01-05 22:26 - 2017-01-07 11:38 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2017-01-05 22:26 - 2017-01-07 11:38 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys 2017-01-05 22:26 - 2017-01-05 23:50 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2017-01-05 22:26 - 2017-01-05 22:37 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-01-05 22:26 - 2017-01-05 22:37 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-01-05 22:26 - 2017-01-05 22:37 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-01-05 22:26 - 2017-01-05 22:37 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-01-05 22:26 - 2017-01-05 22:37 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-01-05 22:25 - 2017-01-05 22:37 - 00000000 ____D C:\Program Files\AVAST Software 2017-01-05 21:57 - 2017-01-05 21:57 - 00002880 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-01-05 21:57 - 2017-01-05 21:57 - 00001086 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-01-05 21:57 - 2017-01-05 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-01-05 21:56 - 2017-01-05 21:57 - 00000000 ____D C:\Program Files (x86)\CCleaner 2017-01-05 21:56 - 2017-01-05 21:56 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-01-05 21:56 - 2017-01-05 21:56 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-01-05 21:53 - 2017-01-05 21:59 - 00003486 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-01-05 21:53 - 2017-01-05 21:59 - 00003362 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-01-05 21:15 - 2009-10-15 10:44 - 00809560 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp7287.tmp 2017-01-05 21:09 - 2017-01-05 21:09 - 00000000 ____D C:\Users\Саид\AppData\Local\Steam 2017-01-05 21:09 - 2017-01-05 21:09 - 00000000 ____D C:\Users\Саид 2017-01-05 21:03 - 2017-01-05 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-01-05 20:49 - 2017-01-05 20:49 - 00000000 ____D C:\Users\Саид\AppData\Roaming\TeamViewer 2017-01-05 20:01 - 2017-01-05 23:46 - 00000000 ____D C:\Users\Саид\AppData\Roaming\ForceUpdateVOF 2017-01-05 20:01 - 2017-01-05 20:01 - 04175224 _____ C:\Users\Саид\AppData\Roaming\vof.exe 2017-01-05 20:01 - 2017-01-05 20:01 - 00000040 _____ C:\Users\Саид\AppData\Roaming\vof.exe.sha1 2017-01-05 15:12 - 2017-01-05 23:46 - 00000000 ____D C:\Program Files\ZRTS1AIKZW 2017-01-05 15:12 - 2017-01-05 15:17 - 00000000 ____D C:\Users\Все пользователи\ProductData 2017-01-05 15:12 - 2017-01-05 15:17 - 00000000 ____D C:\ProgramData\ProductData 2017-01-05 15:12 - 2017-01-05 15:15 - 00000000 ____D C:\Users\Саид\AppData\LocalLow\IObit 2017-01-05 15:12 - 2017-01-05 15:12 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS 2017-01-05 15:12 - 2017-01-05 15:12 - 00000000 ____D C:\WINDOWS\IObit 2017-01-05 15:12 - 2017-01-05 15:12 - 00000000 ____D C:\Users\Все пользователи\IObit 2017-01-05 15:12 - 2017-01-05 15:12 - 00000000 ____D C:\ProgramData\IObit 2017-01-05 15:11 - 2017-01-05 15:11 - 00003564 _____ C:\WINDOWS\System32\Tasks\SafeWeb 2017-01-05 15:11 - 2017-01-05 15:11 - 00003534 _____ C:\WINDOWS\System32\Tasks\SafeWeb2 2017-01-05 15:11 - 2017-01-05 15:11 - 00000000 ____D C:\Users\Саид\AppData\Roaming\IObit 2017-01-05 15:10 - 2017-01-05 23:46 - 00000000 ____D C:\Program Files\LCYZSDG8D4 2016-12-26 21:10 - 2016-12-26 21:10 - 00061860 _____ C:\Users\Саид\Documents\1.10.2 (2016-12-26).log 2016-12-20 11:35 - 2016-12-20 11:35 - 00000000 _____ C:\WINDOWS\SysWOW64\REN9663.tmp 2016-12-20 11:34 - 2016-12-20 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-20 11:34 - 2016-12-20 11:34 - 00000000 ____D C:\Users\Саид\AppData\Roaming\Sun 2016-12-18 16:49 - 2016-12-18 16:49 - 00007245 _____ C:\WINDOWS\system32\-1.14-windows.xml 2016-12-17 12:03 - 2016-12-17 12:05 - 00000000 ____D C:\Users\Саид\AppData\Roaming\.hcs 2016-12-17 09:29 - 2017-01-01 19:38 - 00000000 ____D C:\Users\Саид\AppData\Roaming\.vimeworld 2016-12-15 17:32 - 2016-12-15 17:32 - 00000000 ____D C:\Users\Саид\AppData\Local\Chromium 2016-12-13 22:10 - 2016-12-09 13:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-12-13 22:10 - 2016-12-09 13:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-12-13 22:10 - 2016-12-09 13:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-12-13 22:10 - 2016-12-09 13:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-12-13 22:10 - 2016-12-09 13:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-12-13 22:10 - 2016-12-09 13:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-12-13 22:10 - 2016-12-09 13:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-12-13 22:10 - 2016-12-09 13:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-13 22:10 - 2016-12-09 13:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-13 22:10 - 2016-12-09 13:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-12-13 22:10 - 2016-12-09 13:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2016-12-13 22:10 - 2016-12-09 13:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-13 22:10 - 2016-12-09 13:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-12-13 22:10 - 2016-12-09 13:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-13 22:10 - 2016-12-09 13:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-12-13 22:10 - 2016-12-09 13:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-12-13 22:10 - 2016-12-09 13:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-12-13 22:10 - 2016-12-09 13:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-13 22:10 - 2016-12-09 13:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-12-13 22:10 - 2016-12-09 13:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-12-13 22:10 - 2016-12-09 13:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-12-13 22:10 - 2016-12-09 13:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-12-13 22:10 - 2016-12-09 13:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-12-13 22:10 - 2016-12-09 13:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-12-13 22:10 - 2016-12-09 13:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-12-13 22:10 - 2016-12-09 13:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-12-13 22:10 - 2016-12-09 13:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-12-13 22:10 - 2016-12-09 13:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-12-13 22:10 - 2016-12-09 13:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-12-13 22:10 - 2016-12-09 13:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-12-13 22:10 - 2016-12-09 13:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2016-12-13 22:10 - 2016-12-09 13:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-13 22:10 - 2016-12-09 13:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2016-12-13 22:10 - 2016-12-09 13:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-13 22:10 - 2016-12-09 13:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-13 22:10 - 2016-12-09 13:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-12-13 22:10 - 2016-12-09 13:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-13 22:10 - 2016-12-09 12:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-12-13 22:10 - 2016-12-09 12:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-12-13 22:10 - 2016-12-09 12:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-12-13 22:10 - 2016-12-09 12:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-12-13 22:10 - 2016-12-09 12:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-12-13 22:10 - 2016-12-09 12:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-13 22:10 - 2016-12-09 12:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2016-12-13 22:10 - 2016-12-09 12:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2016-12-13 22:10 - 2016-12-09 12:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-12-13 22:10 - 2016-12-09 12:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-12-13 22:10 - 2016-12-09 12:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2016-12-13 22:10 - 2016-12-09 12:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-12-13 22:10 - 2016-12-09 12:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-12-13 22:10 - 2016-12-09 12:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2016-12-13 22:10 - 2016-12-09 12:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-12-13 22:10 - 2016-12-09 12:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2016-12-13 22:10 - 2016-12-09 12:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-12-13 22:10 - 2016-12-09 12:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-12-13 22:10 - 2016-12-09 12:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-12-13 22:10 - 2016-12-09 12:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-12-13 22:10 - 2016-12-09 12:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-13 22:10 - 2016-12-09 12:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2016-12-13 22:10 - 2016-12-09 12:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-12-13 22:10 - 2016-12-09 12:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-12-13 22:10 - 2016-12-09 12:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-12-13 22:10 - 2016-12-09 12:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-12-13 22:10 - 2016-12-09 12:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-12-13 22:10 - 2016-12-09 12:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-12-13 22:10 - 2016-12-09 12:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-13 22:10 - 2016-12-09 12:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-12-13 22:10 - 2016-12-09 12:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-12-13 22:10 - 2016-12-09 12:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-12-13 22:10 - 2016-12-09 12:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-12-13 22:10 - 2016-12-09 12:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-12-13 22:10 - 2016-12-09 12:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-12-13 22:10 - 2016-12-09 12:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-12-13 22:10 - 2016-12-09 12:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-12-13 22:10 - 2016-12-09 12:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-12-13 22:10 - 2016-12-09 12:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-13 22:10 - 2016-12-09 12:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-12-13 22:10 - 2016-12-09 12:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2016-12-13 22:10 - 2016-12-09 12:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-12-13 22:10 - 2016-12-09 12:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-12-13 22:10 - 2016-12-09 12:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2016-12-13 22:10 - 2016-12-09 12:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-12-13 22:10 - 2016-12-09 12:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-13 22:10 - 2016-12-09 12:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-12-13 22:10 - 2016-12-09 12:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-12-13 22:10 - 2016-12-09 12:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-12-13 22:10 - 2016-12-09 12:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-13 22:10 - 2016-12-09 12:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-12-13 22:10 - 2016-12-09 12:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-12-13 22:10 - 2016-12-09 12:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-12-13 22:10 - 2016-12-09 12:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-12-13 22:10 - 2016-12-09 12:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2016-12-13 22:10 - 2016-12-09 12:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-13 22:10 - 2016-12-09 12:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-12-13 22:10 - 2016-12-09 12:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-12-13 22:10 - 2016-12-09 12:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2016-12-13 22:10 - 2016-12-09 12:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-12-13 22:10 - 2016-12-09 12:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-12-13 22:10 - 2016-12-09 12:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-12-13 22:10 - 2016-12-09 12:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2016-12-13 22:10 - 2016-12-09 12:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-13 22:10 - 2016-12-09 12:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-12-13 22:10 - 2016-12-09 12:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-12-13 22:10 - 2016-12-09 12:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2016-12-13 22:10 - 2016-12-09 12:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-12-13 22:10 - 2016-12-09 12:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-12-13 22:10 - 2016-12-09 12:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-12-13 22:10 - 2016-12-09 12:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-12-13 22:10 - 2016-12-09 12:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-12-13 22:10 - 2016-12-09 12:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-12-13 22:10 - 2016-12-09 12:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2016-12-13 22:10 - 2016-12-09 11:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-12-13 22:09 - 2016-12-09 12:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2016-12-13 18:42 - 2016-12-25 12:32 - 00000000 ____D C:\WINDOWS\system32\SSL 2016-12-13 18:42 - 2016-12-13 18:42 - 00000000 ____D C:\Microsoft 2016-12-12 21:37 - 2016-12-23 20:51 - 01988279 _____ C:\WINDOWS\8ea07ed05946141e262344fe83fa747e.exe 2016-12-10 12:40 - 2016-12-10 12:40 - 00000000 ____D C:\Users\Саид\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships 2016-12-10 12:26 - 2016-12-10 12:26 - 00000000 ____D C:\Users\Саид\AppData\Local\Ubisoft 2016-12-10 12:26 - 2016-12-10 12:26 - 00000000 ____D C:\Users\Public\Ubisoft 2016-12-10 12:19 - 2017-01-05 23:46 - 00000000 ____D C:\WINDOWS\Adobe Flash Player 2016-12-10 09:47 - 2016-12-21 19:07 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{4c92420b-bea3-11e6-8856-9c2a704f7619}.TMContainer00000000000000000001.regtrans-ms 2016-12-10 09:47 - 2016-12-21 19:07 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{4c92420b-bea3-11e6-8856-9c2a704f7619}.TM.blf 2016-12-10 09:47 - 2016-12-10 09:50 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{4c92420b-bea3-11e6-8856-9c2a704f7619}.TMContainer00000000000000000002.regtrans-ms 2016-12-10 09:39 - 2017-01-05 23:49 - 00524288 ___SH C:\Users\Саид\NTUSER.DAT{4c924073-bea3-11e6-8856-9c2a704f7619}.TMContainer00000000000000000001.regtrans-ms 2016-12-10 09:39 - 2017-01-05 23:49 - 00065536 ___SH C:\Users\Саид\NTUSER.DAT{4c924073-bea3-11e6-8856-9c2a704f7619}.TM.blf 2016-12-10 09:39 - 2016-12-15 11:36 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{4c924024-bea3-11e6-8856-9c2a704f7619}.TMContainer00000000000000000001.regtrans-ms 2016-12-10 09:39 - 2016-12-15 11:36 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{4c924024-bea3-11e6-8856-9c2a704f7619}.TM.blf 2016-12-10 09:39 - 2016-12-10 09:44 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{4c924024-bea3-11e6-8856-9c2a704f7619}.TMContainer00000000000000000002.regtrans-ms 2016-12-10 09:39 - 2016-12-10 09:39 - 00524288 ___SH C:\Users\Саид\NTUSER.DAT{4c924073-bea3-11e6-8856-9c2a704f7619}.TMContainer00000000000000000002.regtrans-ms ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-09 22:56 - 2016-09-17 23:06 - 00004184 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ACC60A8F-F8B7-49FB-9984-055849F4851B} 2017-01-09 22:54 - 2016-11-17 13:10 - 00000508 _____ C:\WINDOWS\Tasks\Системное обновление Браузера Яндекс.job 2017-01-09 22:54 - 2016-11-17 13:10 - 00000426 _____ C:\WINDOWS\Tasks\Обновление Браузера Яндекс.job 2017-01-09 22:54 - 2016-09-11 01:40 - 00000000 __SHD C:\Users\Саид\IntelGraphicsProfiles 2017-01-09 22:53 - 2016-09-15 15:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-09 22:53 - 2016-09-15 15:39 - 00000000 ____D C:\Users\Саид 2017-01-09 22:53 - 2016-07-16 09:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-01-09 22:15 - 2016-09-15 18:56 - 00000000 ____D C:\Users\Саид\AppData\Roaming\Skype 2017-01-09 20:44 - 2016-09-15 15:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-09 11:20 - 2016-09-22 22:12 - 00000000 ____D C:\Users\Саид\AppData\Roaming\.minecraft 2017-01-09 02:00 - 2016-09-11 08:31 - 00000000 ____D C:\Users\Саид\AppData\Roaming\vlc 2017-01-08 22:26 - 2016-10-30 17:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2017-01-08 22:26 - 2016-09-11 09:17 - 00000000 __RSD C:\Users\Саид\AppData\Roaming\Microsoft\Windows\Start Menu\Программы 2k10  2017-01-06 22:29 - 2016-09-11 01:26 - 00000000 ____D C:\Users\Саид\AppData\Local\Packages 2017-01-06 22:29 - 2016-07-16 14:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-06 22:29 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-06 22:24 - 2016-12-01 11:45 - 00000000 ____D C:\Users\Саид\AppData\Local\ComDev 2017-01-06 22:23 - 2016-09-11 01:26 - 00000000 ____D C:\Users\Саид\AppData\Roaming\Adobe 2017-01-06 16:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-06 16:27 - 2016-09-11 08:18 - 00000000 ____D C:\Users\Саид\AppData\Local\Google 2017-01-06 10:01 - 2016-07-16 14:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-05 23:49 - 2016-10-30 17:04 - 00000000 ____D C:\Users\Саид\AppData\Local\callculator 2017-01-05 23:46 - 2016-10-30 17:04 - 00000000 ____D C:\Users\Все пользователи\hdtask 2017-01-05 23:46 - 2016-10-30 17:04 - 00000000 ____D C:\ProgramData\hdtask 2017-01-05 23:46 - 2016-10-30 16:55 - 00000000 ____D C:\Users\Саид\Doctor Web 2017-01-05 23:12 - 2016-09-11 09:36 - 00000000 ____D C:\Users\Саид\AppData\Roaming\uTorrent 2017-01-05 23:11 - 2016-09-15 15:30 - 00000000 ___DC C:\WINDOWS\Panther 2017-01-05 23:11 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-01-05 22:47 - 2016-10-25 00:10 - 00000000 ____D C:\Program Files (x86)\R.G. Gamblers 2017-01-05 22:46 - 2016-10-12 19:23 - 00000000 ____D C:\Users\Саид\AppData\Local\Ubisoft Game Launcher 2017-01-05 22:42 - 2016-11-04 13:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-01-05 22:41 - 2016-07-16 14:47 - 00000000 __RHD C:\Users\Public\Libraries 2017-01-05 22:40 - 2016-11-19 19:26 - 00000000 ____D C:\Users\Саид\AppData\Local\Bluestacks 2017-01-05 22:37 - 2016-09-11 08:37 - 00000000 ____D C:\Users\Все пользователи\AVAST Software 2017-01-05 22:37 - 2016-09-11 08:37 - 00000000 ____D C:\ProgramData\AVAST Software 2017-01-05 21:56 - 2016-09-11 08:18 - 00000000 ____D C:\Program Files (x86)\Google 2017-01-05 21:18 - 2016-09-14 21:37 - 00000000 ____D C:\Users\Саид\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-01-05 21:17 - 2016-09-11 11:33 - 00000000 ____D C:\Games 2017-01-05 21:16 - 2016-10-28 18:11 - 00000000 ____D C:\Program Files\Rockstar Games 2017-01-05 21:12 - 2016-09-13 20:42 - 00000000 ____D C:\Users\Саид\Documents\Rockstar Games 2017-01-05 21:12 - 2016-09-13 20:06 - 00000000 ____D C:\Users\Саид\AppData\Local\Rockstar Games 2017-01-05 21:03 - 2016-11-11 18:15 - 00000000 ____D C:\Users\Саид\Documents\EA Games 2017-01-02 16:14 - 2016-09-30 18:27 - 00000000 ____D C:\Users\Все пользователи\BlueStacksSetup 2017-01-02 16:14 - 2016-09-30 18:27 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-12-29 22:34 - 2016-12-03 22:18 - 00000000 ____D C:\Users\Саид\AppData\Local\Troubleshooter 2016-12-29 14:45 - 2016-09-11 01:31 - 02854076 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-12-29 14:45 - 2016-07-17 02:08 - 01203384 _____ C:\WINDOWS\system32\perfh019.dat 2016-12-29 14:45 - 2016-07-17 02:08 - 00304654 _____ C:\WINDOWS\system32\perfc019.dat 2016-12-29 14:45 - 2016-07-16 14:49 - 00962926 _____ C:\WINDOWS\system32\perfh009.dat 2016-12-29 14:45 - 2016-07-16 14:49 - 00356916 _____ C:\WINDOWS\system32\perfc009.dat 2016-12-27 17:16 - 2016-10-18 22:07 - 00000000 ____D C:\Users\Все пользователи\Origin 2016-12-27 17:16 - 2016-10-18 22:07 - 00000000 ____D C:\ProgramData\Origin 2016-12-27 17:15 - 2016-10-18 22:44 - 00000000 ____D C:\Users\Саид\AppData\Roaming\Origin 2016-12-27 17:12 - 2016-10-18 22:07 - 00000000 ____D C:\Users\Саид\AppData\Local\Origin 2016-12-26 21:10 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\Documents 2016-12-24 20:33 - 2016-11-17 13:10 - 00002524 _____ C:\Users\Саид\Desktop\Yandex.lnk 2016-12-23 19:18 - 2016-11-17 12:58 - 00000000 ____D C:\Users\Саид\AppData\Local\Diagnostics 2016-12-22 18:15 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\config 2016-12-20 11:38 - 2016-09-13 21:16 - 00000000 ____D C:\Users\Все пользователи\Oracle 2016-12-20 11:38 - 2016-09-13 21:16 - 00000000 ____D C:\ProgramData\Oracle 2016-12-20 11:35 - 2016-09-22 22:13 - 00000000 ____D C:\Program Files\Java 2016-12-20 11:35 - 2016-09-22 22:13 - 00000000 ____D C:\Program Files (x86)\Java 2016-12-20 11:35 - 2016-07-16 09:04 - 00000000 ____D C:\Program Files (x86)\Common Files 2016-12-20 11:34 - 2016-09-22 22:14 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2016-12-18 14:00 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\rescache 2016-12-15 22:15 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore 2016-12-15 20:02 - 2016-07-16 14:47 - 00000000 __RSD C:\WINDOWS\assembly 2016-12-15 17:50 - 2016-07-16 14:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-12-15 17:29 - 2016-09-15 18:52 - 00000174 ___SH C:\Users\Саид\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini 2016-12-15 17:29 - 2016-09-11 01:26 - 00000402 ___SH C:\Users\Саид\Documents\desktop.ini 2016-12-15 17:29 - 2016-09-11 01:26 - 00000282 ___SH C:\Users\Саид\Downloads\desktop.ini 2016-12-15 17:29 - 2016-09-11 01:26 - 00000282 ___SH C:\Users\Саид\Desktop\desktop.ini 2016-12-15 17:29 - 2016-09-11 01:26 - 00000174 ___SH C:\Users\Саид\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\Videos 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\Searches 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\Saved Games 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\Pictures 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\Music 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\Links 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\Contacts 2016-12-15 17:29 - 2016-09-11 01:26 - 00000000 ___RD C:\Users\Саид\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2016-12-15 11:37 - 2016-09-15 15:31 - 00345080 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-12-15 11:35 - 2016-07-16 14:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2016-12-15 11:35 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR 2016-12-15 11:34 - 2016-07-16 14:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\ru-RU 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\wbem 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\ru-RU 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\Boot 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\AppPatch 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Internet Explorer 2016-12-15 11:34 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer 2016-12-15 11:34 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-12-15 11:34 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-12-15 11:34 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-12-15 11:34 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\servicing 2016-12-13 22:21 - 2016-09-11 08:40 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-12-13 22:19 - 2016-09-11 08:40 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-12-13 10:36 - 2016-07-16 09:04 - 00049152 _____ C:\WINDOWS\system32\config\SAM 2016-12-12 02:56 - 2016-07-16 14:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-12 02:56 - 2016-07-16 14:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-11 11:12 - 2016-10-10 22:20 - 00000000 ____D C:\WINDOWS\SysWOW64\directx 2016-12-10 12:26 - 2016-07-16 14:47 - 00000000 ___RD C:\Users\Public ==================== Files in the root of some directories ======= 2017-01-05 20:01 - 2017-01-05 20:01 - 4175224 _____ () C:\Users\Саид\AppData\Roaming\vof.exe 2017-01-05 20:01 - 2017-01-05 20:01 - 0000040 _____ () C:\Users\Саид\AppData\Roaming\vof.exe.sha1 2016-11-19 19:30 - 2016-11-23 16:37 - 0000570 _____ () C:\Users\Саид\AppData\Local\TroubleshooterConfig.json ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ „ЁбЇҐвзҐа § Јаг§ЄЁ ¬ЁЄа®Їа®Ја ¬¬ --------------------- Ё¤Ґ­вЁдЁЄ в®а {fwbootmgr} displayorder {bootmgr} timeout 2 „ЁбЇҐвзҐа § Јаг§ЄЁ Windows -------------------- Ё¤Ґ­вЁдЁЄ в®а {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale ru-RU inherit {globalsettings} default {current} resumeobject {ee6c5be3-7eac-11e5-96d5-fa71a82cd04a} displayorder {current} toolsdisplayorder {memdiag} timeout 30 ‡ Јаг§Є  Windows ------------------- Ё¤Ґ­вЁдЁЄ в®а {ee6c5be0-7eac-11e5-96d5-fa71a82cd04a} device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ee6c5be1-7eac-11e5-96d5-fa71a82cd04a} path \windows\system32\winload.efi description Windows Recovery Environment locale ru-RU inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ee6c5be1-7eac-11e5-96d5-fa71a82cd04a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes ‡ Јаг§Є  Windows ------------------- Ё¤Ґ­вЁдЁЄ в®а {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale ru-RU inherit {bootloadersettings} recoverysequence {ee6c5be5-7eac-11e5-96d5-fa71a82cd04a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {ee6c5be3-7eac-11e5-96d5-fa71a82cd04a} nx OptIn bootmenupolicy Standard ‡ Јаг§Є  Windows ------------------- Ё¤Ґ­вЁдЁЄ в®а {ee6c5be5-7eac-11e5-96d5-fa71a82cd04a} device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ee6c5be6-7eac-11e5-96d5-fa71a82cd04a} path \windows\system32\winload.efi description Windows Recovery Environment locale ru-RU inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ee6c5be6-7eac-11e5-96d5-fa71a82cd04a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes ‚л室 Ё§ ०Ё¬  ЈЁЎҐа­ жЁЁ -------------------------- Ё¤Ґ­вЁдЁЄ в®а {ee6c5bde-7eac-11e5-96d5-fa71a82cd04a} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale ru-RU inherit {resumeloadersettings} recoverysequence {ee6c5be0-7eac-11e5-96d5-fa71a82cd04a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No ‚л室 Ё§ ०Ё¬  ЈЁЎҐа­ жЁЁ -------------------------- Ё¤Ґ­вЁдЁЄ в®а {ee6c5be3-7eac-11e5-96d5-fa71a82cd04a} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale ru-RU inherit {resumeloadersettings} recoverysequence {ee6c5be5-7eac-11e5-96d5-fa71a82cd04a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Џа®ўҐаЄ  Ї ¬пвЁ Windows --------------------- Ё¤Ґ­вЁдЁЄ в®а {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description „Ё Ј­®бвЁЄ  Ї ¬пвЁ locale ru-RU inherit {globalsettings} badmemoryaccess Yes Џ а ¬Ґвал EMS ------------- Ё¤Ґ­вЁдЁЄ в®а {emssettings} bootems No Џ а ¬Ґвал ®в« ¤зЁЄ  ------------------- Ё¤Ґ­вЁдЁЄ в®а {dbgsettings} debugtype Serial debugport 1 baudrate 115200 „ҐдҐЄвл Ћ‡“ ----------- Ё¤Ґ­вЁдЁЄ в®а {badmemory} ѓ«®Ў «м­лҐ Ї а ¬Ґвал -------------------- Ё¤Ґ­вЁдЁЄ в®а {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Џ а ¬Ґвал § Јаг§зЁЄ  -------------------- Ё¤Ґ­вЁдЁЄ в®а {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Џ а ¬Ґвал ЈЁЇҐаўЁ§®а  ------------------- Ё¤Ґ­вЁдЁЄ в®а {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Џ а ¬Ґвал § Јаг§зЁЄ  ў®ббв ­®ў«Ґ­Ёп ----------------------------------- Ё¤Ґ­вЁдЁЄ в®а {resumeloadersettings} inherit {globalsettings} Џ а ¬Ґвал гбва®©бвў ------------------- Ё¤Ґ­вЁдЁЄ в®а {ee6c5be1-7eac-11e5-96d5-fa71a82cd04a} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume1 ramdisksdipath \Recovery\WindowsRE\boot.sdi Џ а ¬Ґвал гбва®©бвў ------------------- Ё¤Ґ­вЁдЁЄ в®а {ee6c5be2-7eac-11e5-96d5-fa71a82cd04a} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Џ а ¬Ґвал гбва®©бвў ------------------- Ё¤Ґ­вЁдЁЄ в®а {ee6c5be6-7eac-11e5-96d5-fa71a82cd04a} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume1 ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2017-01-04 22:31 ==================== End of FRST.txt ============================