Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 08-02-2021 01 Uruchomiony przez Andman (administrator) LAPTOP-S6E15FKF (LENOVO 80SV) (11-02-2021 19:53:10) Uruchomiony z C:\Users\Andman\Desktop Załadowane profile: Andman Platform: Windows 10 Home Wersja 1909 18363.1316 (X64) Język: Polski (Polska) Domyślna przeglądarka: "H:\Program Files H\Slimjet\slimjet.exe" -- "%1" Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe (Conexant Systems, Inc.) [Brak podpisu cyfrowego] C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe (DroidMonkey Apps, LLC -> ) C:\Program Files\KeePassXC\keepassxc-proxy.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (FingerPower Digital Technology Ltd. -> ) C:\Users\Andman\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe (FlashPeak Inc -> FlashPeak Inc.) H:\Program Files H\Slimjet\slimjet.exe <9> (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4179544 2017-03-08] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> ) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831768 2016-08-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{b3270691-f729-4e67-b30f-dfe77d4f5c3c}: [DhcpNameServer] 192.168.1.254 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Andman\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-04] FireFox: ======== FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2020-02-25] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @videolan.org/vlc,version=3.0.11 -> H:\Program Files H\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> H:\Program Files H\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab) R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [Brak podpisu cyfrowego] R2 KingoSoftService; C:\Users\Andman\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe [377832 2018-03-08] (FingerPower Digital Technology Ltd. -> ) S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-09-16] (Kaspersky Lab -> AO Kaspersky Lab) S3 Origin Client Service; H:\Program Files H\Origin\OriginClientService.exe [2533952 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; H:\Program Files H\Origin\OriginWebHelperService.exe [3479624 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S3 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_faee606ef506c344\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_faee606ef506c344\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-26] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-26] (Disc Soft Ltd -> Disc Soft Ltd) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [75600 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [126288 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [91472 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [237160 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLHK; C:\WINDOWS\System32\drivers\klhk.sys [1192040 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [244784 2021-01-28] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1168488 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58704 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [60536 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [60784 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50304 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [46416 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [257208 2020-11-01] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-09-16] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [310232 2021-01-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116888 2021-01-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [207352 2020-11-11] (Kaspersky Lab JSC -> AO Kaspersky Lab) S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [104576 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [184960 2019-08-13] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [218736 2020-05-19] (Kaspersky Lab -> AO Kaspersky Lab) S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2020-06-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Brak podpisu cyfrowego] R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2020-06-14] (Disc Soft Ltd -> Duplex Secure Ltd) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) S3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-02-11 19:53 - 2021-02-11 19:54 - 000013260 _____ C:\Users\Andman\Desktop\FRST.txt 2021-02-11 19:52 - 2021-02-11 19:52 - 000000000 ____D C:\Users\Andman\Desktop\FRST-OlderVersion 2021-02-09 16:19 - 2021-01-23 09:12 - 000613536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-02-09 16:18 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-02-09 16:18 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-02-09 16:18 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-02-09 16:18 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-02-09 16:18 - 2021-01-23 09:14 - 001453728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-02-09 16:18 - 2021-01-23 09:14 - 001193120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-02-09 16:18 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-02-09 16:18 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-02-09 16:18 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-02-09 16:18 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-02-09 16:18 - 2021-01-23 09:12 - 001512096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-02-09 16:18 - 2021-01-23 09:12 - 001164960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-02-09 16:18 - 2021-01-23 09:12 - 000689312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-02-09 16:18 - 2021-01-23 09:12 - 000680096 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-02-09 16:18 - 2021-01-23 09:12 - 000672928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-02-09 16:18 - 2021-01-23 09:12 - 000558240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-02-09 16:18 - 2021-01-23 09:12 - 000547488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 008262304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 007392928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 004611744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 002731168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 002103456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 001589408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 000813216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 000657056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-02-09 16:18 - 2021-01-23 09:11 - 000446624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-02-09 16:18 - 2021-01-23 09:10 - 007116680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-02-09 16:18 - 2021-01-23 09:10 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-02-09 16:18 - 2021-01-23 09:10 - 000850080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-02-09 16:18 - 2021-01-22 23:59 - 000084264 _____ C:\WINDOWS\system32\nvinfo.pb 2021-02-04 16:27 - 2021-02-04 16:27 - 000000983 _____ C:\Users\Public\Desktop\KeePassXC.lnk 2021-02-04 16:27 - 2021-02-04 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC 2021-02-04 10:23 - 2021-02-05 14:21 - 000000037 _____ C:\Users\Andman\Desktop\MM.txt 2021-02-01 21:27 - 2021-02-01 21:27 - 008457584 _____ (Malwarebytes) C:\Users\Andman\Desktop\adwcleaner_8.0.9.1.exe 2021-02-01 09:41 - 2021-02-01 09:41 - 000000938 _____ C:\Users\Public\Desktop\LibreOffice 7.0.lnk 2021-02-01 09:41 - 2021-02-01 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0 2021-01-29 08:57 - 2021-02-11 17:49 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-01-27 16:02 - 2021-01-27 23:12 - 000007618 _____ C:\Users\Andman\AppData\Local\Resmon.ResmonCfg 2021-01-22 14:24 - 2021-01-22 15:42 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2021-01-22 14:24 - 2021-01-22 14:24 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo 2021-01-21 14:27 - 2021-01-21 14:27 - 000000197 _____ C:\Users\Andman\Desktop\hejt.txt 2021-01-21 14:24 - 2021-01-21 14:24 - 000310232 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2021-01-21 14:23 - 2021-01-21 14:23 - 000116888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys 2021-01-14 16:35 - 2021-02-04 16:27 - 000000000 ____D C:\Program Files\KeePassXC 2021-01-13 18:15 - 2021-01-13 18:15 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-01-13 18:15 - 2021-01-13 18:15 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-01-13 18:15 - 2021-01-13 18:15 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-01-13 18:15 - 2021-01-13 18:15 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-01-13 18:15 - 2021-01-13 18:15 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-01-13 18:15 - 2021-01-13 18:15 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-01-13 18:14 - 2021-01-13 18:14 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-01-13 18:14 - 2021-01-13 18:14 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-01-13 18:14 - 2021-01-13 18:14 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-01-13 18:14 - 2021-01-13 18:14 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-01-13 18:14 - 2021-01-13 18:14 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-01-13 18:14 - 2021-01-13 18:14 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-01-13 18:14 - 2021-01-13 18:14 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-01-13 18:13 - 2021-01-13 18:13 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-01-13 18:13 - 2021-01-13 18:13 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-01-13 18:13 - 2021-01-13 18:13 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-01-13 18:13 - 2021-01-13 18:13 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-01-13 18:13 - 2021-01-13 18:13 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2021-01-13 18:13 - 2021-01-13 18:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2021-01-13 18:12 - 2021-01-13 18:12 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-01-13 18:12 - 2021-01-13 18:12 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-01-13 18:12 - 2021-01-13 18:12 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-01-13 18:11 - 2021-01-13 18:11 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-01-13 18:11 - 2021-01-13 18:11 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-01-13 18:11 - 2021-01-13 18:11 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-01-13 18:11 - 2021-01-13 18:11 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-01-13 18:10 - 2021-01-13 18:10 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll 2021-01-13 18:10 - 2021-01-13 18:10 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-01-13 18:10 - 2021-01-13 18:10 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-01-13 18:10 - 2021-01-13 18:10 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-01-13 18:09 - 2021-01-13 18:09 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll 2021-01-13 18:09 - 2021-01-13 18:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-01-13 18:09 - 2021-01-13 18:09 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-01-13 18:08 - 2021-01-13 18:08 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-01-13 18:08 - 2021-01-13 18:08 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll 2021-01-13 18:08 - 2021-01-13 18:08 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-02-11 19:53 - 2020-05-20 20:56 - 000000000 ____D C:\FRST 2021-02-11 19:52 - 2020-05-20 20:55 - 002297344 _____ (Farbar) C:\Users\Andman\Desktop\FRST64 (1).exe 2021-02-11 19:45 - 2019-09-15 16:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-02-11 17:59 - 2019-09-16 16:01 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2021-02-11 17:40 - 2019-09-15 17:53 - 000000000 ____D C:\Users\Andman\AppData\LocalLow\Mozilla 2021-02-11 17:30 - 2019-09-15 15:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-02-11 16:32 - 2019-09-15 16:10 - 000000000 ___HD C:\Program Files\WindowsApps 2021-02-11 16:32 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-02-11 10:19 - 2020-06-05 12:25 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-02-11 10:19 - 2020-06-05 12:25 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-02-11 10:16 - 2017-10-26 03:20 - 000000000 __SHD C:\Users\Andman\IntelGraphicsProfiles 2021-02-09 19:53 - 2019-09-15 16:01 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-02-09 19:52 - 2019-09-16 12:37 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-02-09 19:49 - 2019-09-16 12:37 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-02-09 17:52 - 2019-09-15 16:08 - 000000000 ____D C:\WINDOWS\INF 2021-02-09 16:23 - 2019-09-15 15:44 - 000000000 ____D C:\ProgramData\NVIDIA 2021-02-06 21:29 - 2020-07-08 14:51 - 000000000 ____D C:\Users\Andman\AppData\Local\KeePassXC 2021-02-06 11:15 - 2017-10-26 00:28 - 000000000 ____D C:\Users\Andman\Desktop\dostęp 2021-02-06 10:52 - 2020-07-08 14:51 - 000000000 ____D C:\Users\Andman\AppData\Roaming\KeePassXC 2021-02-05 23:37 - 2019-09-15 17:47 - 000000000 ____D C:\Users\Andman\AppData\Roaming\vlc 2021-02-05 23:17 - 2020-06-05 12:25 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-02-01 09:43 - 2019-09-15 15:32 - 000463984 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-02-01 09:42 - 2019-09-15 17:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-02-01 09:42 - 2019-09-15 16:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-02-01 09:41 - 2019-09-15 15:52 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-02-01 08:20 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-01-29 10:31 - 2019-09-15 16:28 - 000000000 ____D C:\Users\Andman\AppData\Local\Packages 2021-01-29 10:11 - 2019-09-15 17:53 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-01-28 07:22 - 2019-09-15 16:18 - 000785768 _____ C:\WINDOWS\system32\perfh015.dat 2021-01-28 07:22 - 2019-09-15 16:18 - 000152530 _____ C:\WINDOWS\system32\perfc015.dat 2021-01-28 07:22 - 2019-09-15 16:16 - 001768484 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-01-27 20:30 - 2019-09-15 17:51 - 000000000 ____D C:\Users\Andman\AppData\Local\D3DSCache 2021-01-24 13:40 - 2018-10-21 15:20 - 000000000 ___RD C:\Users\Andman\Desktop\WBE dokumenty 2021-01-22 14:33 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-01-21 19:04 - 2017-10-25 21:34 - 000000277 _____ C:\Users\Andman\Desktop\DVD.lnk 2021-01-19 18:21 - 2017-11-02 00:31 - 000000810 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2021-01-16 11:10 - 2019-09-16 14:07 - 000000000 ____D C:\Users\Andman\AppData\Local\ElevatedDiagnostics 2021-01-13 20:53 - 2019-09-15 16:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo 2021-01-13 20:45 - 2019-09-15 15:42 - 000000000 ____D C:\ProgramData\Lenovo 2021-01-13 20:24 - 2017-10-26 10:09 - 000000000 ____D C:\Users\Andman\AppData\LocalLow\Temp 2021-01-13 19:43 - 2017-10-26 09:39 - 000000000 ___RD C:\Users\Andman\3D Objects 2021-01-13 19:43 - 2016-07-29 18:27 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\IME 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-13 19:35 - 2019-09-15 16:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-13 18:08 - 2019-09-15 15:43 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-01-27 16:02 - 2021-01-27 23:12 - 000007618 _____ () C:\Users\Andman\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================