Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 25-11-2020 Uruchomiony przez inteXPC (administrator) DELL (Dell Inc. Latitude E6540) (26-11-2020 12:48:13) Uruchomiony z C:\Users\inteXPC\Desktop\analiza Załadowane profile: inteXPC Platform: Windows 10 Pro Wersja 1909 18363.1198 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Broadcom Corporation -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\avp.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\avpui.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\plugins_nms.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksdeui.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Brak podpisu cyfrowego] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\commsapps.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12> (QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [4323128 2020-09-14] (QNAP Systems, Inc. -> QNAP) HKU\S-1-5-21-1735864313-1882589148-509794174-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-10-20] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1735864313-1882589148-509794174-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-10-08] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-1735864313-1882589148-509794174-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --user-data-dir="C:\ProgramData\ESET\ESET Security\OPP\S-1-5-21-1735864313-1882589148-509794174-1001\EsetOPPChromeProfile" --flag-switches- (dane wartości zawierają 149 znaków więcej). HKU\S-1-5-21-1735864313-1882589148-509794174-1001\...\MountPoints2: {990e2723-094a-11eb-8c59-801934903a61} - "H:\Setup.exe" HKLM\...\Windows x64\Print Processors\hpippbob: C:\Windows\System32\spool\prtprocs\x64\hpippbob.dll [635904 2015-01-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Windows x64\Print Processors\hpippE58: C:\Windows\System32\spool\prtprocs\x64\hpippE58.dll [1116672 2018-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-08-26] (pdfforge GmbH) [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-26] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FTP Utility.lnk [2020-08-26] ShortcutTarget: FTP Utility.lnk -> C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Brak podpisu cyfrowego] ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {08429196-2F8E-4CA9-827C-13266698FE47} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1740088 2020-09-14] (QNAP Systems, Inc. -> ) Task: {250B7098-2AC1-44A4-B16C-7908570669F4} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {4D6950B5-52EE-486D-A472-81ADD15FA3D9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5264F32D-BE43-4649-A2AF-D075429B527F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {576AFDEF-191C-4441-82D4-99550042E2FE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2774904 2020-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {63D09742-6F24-4BA0-BC88-E85D5DC3826E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-21] (Mozilla Corporation -> Mozilla Foundation) Task: {71E5B178-1B6F-441F-A704-28EC21428C7F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {73A292D8-F89A-4E51-8602-53AB8B21AD6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-21] (Google LLC -> Google LLC) Task: {86A45C86-4AD5-4761-9C38-54D9AED54DE2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {8AF9DB6A-9F42-4391-8498-3D44C1B08C5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D27D3B73-A0AE-4EF5-8888-54B06E4FB6D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-21] (Google LLC -> Google LLC) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{bdcfe1b3-e82f-48a7-9cd1-f369ae71411f}: [DhcpNameServer] 192.168.0.1 Edge: ====== Edge DefaultProfile: Default Edge Profile: C:\Users\inteXPC\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-26] Edge Extension: (Kaspersky Protection) - C:\Users\inteXPC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2020-11-26] Edge HKU\S-1-5-21-1735864313-1882589148-509794174-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF DefaultProfile: 3og8jk2l.default FF ProfilePath: C:\Users\inteXPC\AppData\Roaming\Mozilla\Firefox\Profiles\3og8jk2l.default [2020-08-28] FF ProfilePath: C:\Users\inteXPC\AppData\Roaming\Mozilla\Firefox\Profiles\kogxow0g.default-release [2020-11-26] FF Extension: (Kaspersky Protection) - C:\Users\inteXPC\AppData\Roaming\Mozilla\Firefox\Profiles\kogxow0g.default-release\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2020-11-26] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-11-26] <==== UWAGA (Linkuje do pliku *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-11-26] <==== UWAGA Chrome: ======= CHR Profile: C:\Users\inteXPC\AppData\Local\Google\Chrome\User Data\Default [2020-11-26] CHR Extension: (Kaspersky Protection) - C:\Users\inteXPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2020-11-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\inteXPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-21] CHR Extension: (Chrome Media Router) - C:\Users\inteXPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-26] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) R2 AVP21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\avp.exe [381928 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4581568 2020-10-08] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\FileSyncHelper.exe [2188664 2020-10-20] (Microsoft Corporation -> Microsoft Corporation) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 hasplms; C:\Windows\system32\hasplms.exe [4502024 2018-03-29] (SafeNet Canada, Inc. -> SafeNet, Inc.) S3 klvssbridge64_21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\vssbridge64.exe [467352 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2020-08-26] () [Brak podpisu cyfrowego] S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [351424 2020-09-23] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 KSDE5.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe [644264 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\OneDriveUpdaterService.exe [2553200 2020-10-20] (Microsoft Corporation -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153048 2020-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-26] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [251608 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2020-10-08] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2020-10-08] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [1304816 2018-03-29] (SafeNet, Inc. -> SafeNet, Inc.) R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110392 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [212280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [127288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [37496 2020-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [523576 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [659768 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1341232 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.2\Bases\klids.sys [245792 2020-11-26] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1025336 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [95544 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [97080 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [257208 2020-11-26] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [99152 2020-11-26] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [310232 2020-11-26] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [117456 2020-11-26] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [207352 2020-11-26] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [153400 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [250168 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300856 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-11-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429288 2020-11-26] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-26] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-26 12:20 - 2020-11-26 12:20 - 000000000 ____D C:\ProgramData\FileOpen 2020-11-26 12:02 - 2020-11-26 12:48 - 000000000 ____D C:\FRST 2020-11-26 11:48 - 2020-11-26 11:48 - 000310232 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys 2020-11-26 11:47 - 2020-11-26 11:47 - 000001227 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk 2020-11-26 11:46 - 2020-11-26 11:46 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab 2020-11-26 11:46 - 2020-11-26 11:46 - 000000000 ____D C:\Users\Default User\AppData\Local\Kaspersky Lab 2020-11-26 11:46 - 2020-11-26 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager 2020-11-26 11:45 - 2020-11-26 11:46 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2020-11-26 11:45 - 2020-11-26 11:46 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2020-11-26 11:45 - 2020-11-26 11:45 - 000257208 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys 2020-11-26 11:45 - 2020-11-26 11:45 - 000207352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys 2020-11-26 11:45 - 2020-11-26 11:45 - 000117456 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys 2020-11-26 11:45 - 2020-11-26 11:45 - 000099152 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys 2020-11-26 11:45 - 2020-11-26 11:45 - 000002178 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk 2020-11-26 11:45 - 2020-11-26 11:45 - 000001163 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk 2020-11-26 11:45 - 2020-11-26 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN 2020-11-26 11:45 - 2020-11-26 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security 2020-11-26 11:45 - 2020-11-26 11:45 - 000000000 ____D C:\Program Files\Common Files\AV 2020-11-26 11:45 - 2020-10-21 23:12 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2020-11-26 11:44 - 2020-10-21 23:11 - 001025336 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2020-11-26 11:44 - 2020-10-21 23:11 - 000523576 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2020-11-26 10:40 - 2020-11-26 12:48 - 000000000 ____D C:\Users\inteXPC\Desktop\analiza 2020-11-26 10:08 - 2020-11-26 10:09 - 001273676 _____ C:\Windows\Minidump\112620-11687-01.dmp 2020-11-25 13:45 - 2020-11-25 13:47 - 000000342 _____ C:\Users\inteXPC\Desktop\CCcam.cfg.txt 2020-11-23 12:22 - 2020-11-23 12:22 - 000000000 _____ C:\Users\inteXPC\Desktop\Nowy dokument tekstowy (9).txt 2020-11-22 15:51 - 2020-11-22 15:51 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2020-11-21 11:52 - 2020-11-26 11:55 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-11-13 12:07 - 2020-11-13 12:07 - 000000044 _____ C:\Users\inteXPC\Desktop\Nowy dokument tekstowy (8).txt 2020-11-11 16:37 - 2020-11-17 09:21 - 000000189 _____ C:\Users\inteXPC\Desktop\Nowy dokument tekstowy (7).txt 2020-11-11 13:09 - 2020-11-11 13:09 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin 2020-11-11 13:09 - 2020-11-11 13:09 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2020-11-11 13:08 - 2020-11-11 13:08 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2020-11-11 13:08 - 2020-11-11 13:08 - 000200704 _____ C:\Windows\system32\IHDS.dll 2020-11-11 13:08 - 2020-11-11 13:08 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2020-11-04 12:19 - 2020-11-04 12:22 - 000000000 ____D C:\Users\inteXPC\Desktop\Nowy folder (4) 2020-11-01 19:03 - 2020-11-01 19:03 - 000000000 ____D C:\Users\inteXPC\AppData\Local\QNAP 2020-11-01 19:02 - 2020-11-01 19:02 - 000003040 _____ C:\Windows\system32\Tasks\iSCSIAgentAutoStartup 2020-11-01 19:02 - 2020-11-01 19:02 - 000001180 _____ C:\Users\Public\Desktop\Qfinder Pro.lnk 2020-11-01 19:02 - 2020-11-01 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QNAP 2020-11-01 19:01 - 2020-11-01 19:01 - 000000000 ____D C:\Program Files (x86)\QNAP 2020-11-01 18:47 - 2020-11-01 18:47 - 000000000 ____H C:\Users\inteXPC\Documents\Default.rdp 2020-10-29 08:24 - 2020-10-29 08:27 - 000000000 ____D C:\Users\inteXPC\Desktop\Hale Arington Zabrze 2020-10-28 11:18 - 2020-10-28 11:18 - 001898721 _____ C:\Users\inteXPC\AppData\Roaming\ProgInfo.pph ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-26 12:39 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-11-26 12:32 - 2020-09-28 22:47 - 000001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk 2020-11-26 12:32 - 2020-09-28 22:47 - 000001126 _____ C:\Users\Public\Desktop\WinSCP.lnk 2020-11-26 12:32 - 2020-09-28 22:47 - 000000128 _____ C:\Users\inteXPC\AppData\Roaming\winscp.rnd 2020-11-26 12:32 - 2020-09-28 22:47 - 000000000 ____D C:\Program Files (x86)\WinSCP 2020-11-26 12:19 - 2020-09-24 17:29 - 000000000 ____D C:\Users\inteXPC\AppData\Roaming\Foxit Software 2020-11-26 12:16 - 2020-08-21 11:51 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-11-26 12:16 - 2020-08-21 11:51 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-11-26 12:00 - 2020-08-21 11:34 - 001769484 _____ C:\Windows\system32\PerfStringBackup.INI 2020-11-26 12:00 - 2019-03-19 13:24 - 000786006 _____ C:\Windows\system32\perfh015.dat 2020-11-26 12:00 - 2019-03-19 13:24 - 000152768 _____ C:\Windows\system32\perfc015.dat 2020-11-26 12:00 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF 2020-11-26 11:56 - 2020-08-28 13:40 - 000000000 ____D C:\ProgramData\Mozilla 2020-11-26 11:55 - 2020-08-28 13:40 - 000000000 ____D C:\Users\inteXPC\AppData\LocalLow\Mozilla 2020-11-26 11:55 - 2020-08-26 16:13 - 000000000 ____D C:\Users\inteXPC\Desktop\Skan 2020-11-26 11:55 - 2020-08-21 11:33 - 000000000 ___RD C:\Users\inteXPC\OneDrive 2020-11-26 11:54 - 2020-08-21 11:36 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2020-11-26 11:54 - 2020-08-21 11:36 - 000000000 __SHD C:\Users\inteXPC\IntelGraphicsProfiles 2020-11-26 11:54 - 2020-08-21 11:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-11-26 11:54 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI 2020-11-26 11:49 - 2019-03-19 05:37 - 000032768 _____ C:\Windows\system32\config\ELAM 2020-11-26 11:45 - 2020-08-21 11:27 - 000000000 ____D C:\Windows\system32\Drivers\wd 2020-11-26 11:45 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP 2020-11-26 11:44 - 2020-08-26 17:32 - 000000000 ____D C:\Windows\AutoKMS 2020-11-26 11:44 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2020-11-26 11:42 - 2020-08-21 11:30 - 000000000 ____D C:\Users\inteXPC 2020-11-26 11:29 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\NDF 2020-11-26 10:09 - 2020-08-21 11:29 - 000000000 ____D C:\Windows\minidump 2020-11-26 10:09 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\LiveKernelReports 2020-11-26 08:31 - 2020-08-21 11:27 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-11-25 11:57 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness 2020-11-25 11:26 - 2020-09-10 08:46 - 000040960 _____ C:\Users\inteXPC\Desktop\obliczenia - woda.xls 2020-11-25 08:17 - 2020-08-31 07:10 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-11-25 08:17 - 2020-08-31 07:10 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2020-11-24 12:16 - 2020-08-26 16:07 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2020-11-24 12:16 - 2020-08-26 16:07 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-11-23 18:27 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-11-23 13:43 - 2020-09-07 11:03 - 000000485 _____ C:\Users\inteXPC\Documents\Conversion.txt 2020-11-23 13:42 - 2020-09-07 11:00 - 000000000 ____D C:\ProgramData\boost_interprocess 2020-11-23 09:16 - 2020-08-28 13:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-22 15:51 - 2020-08-28 13:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-20 17:13 - 2020-09-30 23:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2020-11-16 14:57 - 2020-08-26 15:42 - 000000000 ____D C:\Users\inteXPC\Documents\InstalSystem-BIMs PLUS PL 2020-11-12 11:00 - 2020-09-30 23:00 - 000907064 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll 2020-11-12 10:59 - 2020-09-30 23:00 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll 2020-11-12 08:24 - 2020-08-21 11:30 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-11-12 08:24 - 2020-08-21 11:30 - 000000000 ___RD C:\Users\inteXPC\3D Objects 2020-11-12 08:23 - 2020-08-21 11:27 - 000548296 _____ C:\Windows\system32\FNTCACHE.DAT 2020-11-11 16:49 - 2019-03-19 13:26 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\TextInput 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2020-11-11 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr 2020-11-11 13:15 - 2020-08-29 15:42 - 000000000 ____D C:\Windows\system32\MRT 2020-11-11 13:15 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp 2020-11-11 13:12 - 2020-08-29 15:42 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2020-11-11 13:08 - 2020-08-21 11:31 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2020-11-10 12:22 - 2020-08-26 16:20 - 000000000 ____D C:\Users\inteXPC\AppData\Local\ElevatedDiagnostics 2020-11-09 08:44 - 2020-08-21 11:49 - 000000000 ____D C:\Users\inteXPC\AppData\Local\PlaceholderTileLogoFolder 2020-11-03 14:12 - 2020-08-31 07:09 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-03 14:12 - 2020-08-31 07:09 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-10-31 13:30 - 2020-08-28 07:35 - 000000000 ____D C:\Users\inteXPC\Documents\InstalSystem-Geberit PL 2020-10-28 20:07 - 2020-09-12 19:31 - 000000000 ____D C:\Users\inteXPC\Desktop\Nowy folder 2020-10-28 11:06 - 2020-08-26 15:41 - 000000000 ____D C:\Users\inteXPC\Desktop\Instal soft ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-10-28 11:18 - 2020-10-28 11:18 - 001898721 _____ () C:\Users\inteXPC\AppData\Roaming\ProgInfo.pph 2020-09-28 22:47 - 2020-11-26 12:32 - 000000128 _____ () C:\Users\inteXPC\AppData\Roaming\winscp.rnd ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================