wklejto.pl

Dodane przez: ~Anonim (2017-09-28 13:19) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 26-09-2017 01
Uruchomiony przez MG (administrator)  MG-LAP (28-09-2017 13:12:44)
Uruchomiony z C:\Users\MG\Downloads
Załadowane profile: MG (Dostępne profile: MG)
Platform: Microsoft Windows 10 Home Wersja 1607 (X86) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Nikon Corporation) C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Users\MG\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1493608 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1928776 2016-11-09] (APN)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3537088 2016-11-23] (Synaptics Incorporated)
HKU\S-1-5-21-2250666713-1326239112-1522899249-1000\...\RunOnce: [Uninstall 17.3.6943.0625] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\MG\AppData\Local\Microsoft\OneDrive\17.3.6943.0625"
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0ee4c3a6-c433-4699-8db6-19c32f60dacb}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e9b7d532-4acd-4344-90fe-8d5572a8cf2b}: [DhcpNameServer] 194.204.152.34 194.204.159.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2250666713-1326239112-1522899249-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid={17CB66F2-6444-433A-984E-56F05494869F}
HKU\S-1-5-21-2250666713-1326239112-1522899249-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-2250666713-1326239112-1522899249-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll Brak pliku
SearchScopes: HKLM -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}&barid={17CB66F2-6444-433A-984E-56F05494869F}
SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}&barid={17CB66F2-6444-433A-984E-56F05494869F}
SearchScopes: HKU\.DEFAULT -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = 
SearchScopes: HKU\S-1-5-21-2250666713-1326239112-1522899249-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=38d2619300000000000088ae1d5b2101
SearchScopes: HKU\S-1-5-21-2250666713-1326239112-1522899249-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=38d2619300000000000088ae1d5b2101
SearchScopes: HKU\S-1-5-21-2250666713-1326239112-1522899249-1000 -> {27EF8689-ED30-4D02-AD9B-AEC86923D7C4} URL = hxxp://www.search.ask.com/web?tpid=ORJ&o=100000027&pf=V7&p2=^U3^OSJ000^YY^PL&gct=&itbv=12.15.5.6&apn_uid=C3D0151F-0844-4D53-BFE6-F9A804F709EE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_dbr=cr_24.0.1312.52&doi=2013-01-23&trgb=IE,CR&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-2250666713-1326239112-1522899249-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2250666713-1326239112-1522899249-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}&barid={17CB66F2-6444-433A-984E-56F05494869F}
BHO: Brak nazwy -> {2c774641-5504-46a8-b63f-6715ae3fe376} -> Brak pliku
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-02-15] (Sun Microsystems, Inc.)
BHO: Ask Shopping Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll [2016-11-09] (APN LLC.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-15] (Sun Microsystems, Inc.)
Toolbar: HKLM - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll [2016-11-09] (APN LLC.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2250666713-1326239112-1522899249-1000 -> Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll [2016-11-09] (APN LLC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
 
FireFox:
========
FF Extension: (Blokowanie banerów) - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2011-02-15] [Brak podpisu cyfrowego]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2011-02-15] [Brak podpisu cyfrowego]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-02-15] [Brak podpisu cyfrowego]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-02-15] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-03-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Brak pliku]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Brak pliku]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-15] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-02-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-06-07] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.pl/
CHR StartupUrls: Default -> "hxxp://www.google.pl/"
CHR DefaultSearchURL: Default -> hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=C3D0151F-0844-4D53-BFE6-F9A804F709EE&apn_ptnrs=U3&apn_sauid=FFCBEF6A-C5EB-4F1D-A663-F954D7D61279&apn_dtid=OSJ000YYPL&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSuggestURL: Default -> hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR Profile: C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default [2017-09-28]
CHR Extension: (YouTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Google Search) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Kaspersky Protection) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-08-21]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-28]
CHR Extension: (Gmail) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-18]
CHR HKLM\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\ToolbarCR.crx [2016-11-10]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-07-15]
 
==================== Usługi (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [201800 2016-11-09] (APN LLC.)
R2 AVP17.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 KSDE1.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2012-07-31] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2012-07-31] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [225984 2016-11-23] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271488 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-04-28] (Microsoft Corporation)
 
===================== Sterowniki (filtrowane) ======================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63.sys [6811648 2016-07-16] (Broadcom Corporation)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [170840 2016-06-10] (AO Kaspersky Lab)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [165296 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [57264 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [71512 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [23168 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [157408 2017-03-29] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [327456 2017-03-29] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [792288 2017-03-29] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [49744 2017-03-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [46000 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [37560 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [41392 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48056 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [258312 2017-08-21] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [83880 2017-08-21] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [264008 2017-08-21] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [95656 2017-08-21] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [170464 2017-08-21] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [71504 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [116448 2017-03-29] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [161712 2016-06-14] (AO Kaspersky Lab)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 PGEffect; C:\WINDOWS\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44224 2016-11-23] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [42088 2015-12-31] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
U3 idsvc; Brak ImagePath
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2017-09-28 13:12 - 2017-09-28 13:14 - 000019588 _____ C:\Users\MG\Downloads\FRST.txt
2017-09-28 13:12 - 2017-09-28 13:12 - 000000000 ____D C:\FRST
2017-09-28 13:10 - 2017-09-28 13:11 - 001795584 _____ (Farbar) C:\Users\MG\Downloads\FRST.exe
2017-09-28 12:59 - 2017-09-28 12:59 - 002399744 _____ (Farbar) C:\Users\MG\Downloads\FRST64.exe
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2017-09-28 13:12 - 2016-04-13 12:37 - 000002438 _____ C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-28 13:12 - 2016-04-13 12:37 - 000000000 ___RD C:\Users\MG\OneDrive
2017-09-28 13:08 - 2012-06-08 12:04 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-28 13:06 - 2016-11-30 11:46 - 000000000 ____D C:\Users\MG
2017-09-28 13:06 - 2016-07-16 10:29 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-28 13:04 - 2016-11-30 12:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-28 13:03 - 2016-11-30 11:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-28 13:01 - 2016-07-16 10:29 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-28 12:58 - 2016-07-16 10:19 - 000000000 ____D C:\WINDOWS\CbsTemp
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2012-07-03 16:15 - 2012-07-03 16:15 - 000000268 ___RH () C:\Users\MG\AppData\Roaming\Vocal Transformer
2012-07-03 16:15 - 2012-07-03 16:15 - 000000268 ___RH () C:\Users\MG\AppData\Roaming\Vocals
2012-07-03 16:15 - 2012-07-03 16:15 - 000000268 ___RH () C:\Users\MG\AppData\Roaming\WebServer
2012-06-08 12:07 - 2012-06-08 12:07 - 000017408 _____ () C:\Users\MG\AppData\Local\WebpageIcons.db
2012-07-03 16:15 - 2012-07-03 16:15 - 000000012 ___RH () C:\ProgramData\Abstract
2012-07-03 16:15 - 2012-07-03 16:15 - 000000020 ____H () C:\ProgramData\PKP_DLes.DAT
2012-07-03 16:15 - 2012-07-03 16:22 - 000000020 ____H () C:\ProgramData\PKP_DLet.DAT
2012-07-03 16:15 - 2012-07-03 16:15 - 000000020 ____H () C:\ProgramData\PKP_DLev.DAT
2012-07-03 16:15 - 2012-07-03 16:15 - 000000268 ___RH () C:\ProgramData\Woodwind
2012-07-03 16:15 - 2012-07-03 16:15 - 000000268 ___RH () C:\ProgramData\Woodwinds
2012-07-03 16:15 - 2012-07-03 16:15 - 000000268 ___RH () C:\ProgramData\Work - Home
 
Pliki do przeniesienia lub usunięcia:
====================
C:\Users\MG\MAPUJ.BAT
 
 
==================== Bamital & volsnap ======================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
LastRegBack: 2017-09-28 11:27
 
==================== Koniec  FRST.txt ============================
Wygenerowano w 0.032s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!