Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 09-10-2019 01 Uruchomiony przez Krisu (administrator) KRISU-PC (Gigabyte Technology Co., Ltd. B85M-D3H) (11-10-2019 00:23:50) Uruchomiony z C:\Users\Krisu\Desktop Załadowane profile: Krisu (Dostępne profile: Krisu) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Artur Liberman -> ) E:\Programy\Nie wypalone\Core Temp\Core Temp.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation - Software and Firmware Products -> Intel Corporation) HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2664372736-3809392050-2341891308-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG -> Nero AG) HKU\S-1-5-21-2664372736-3809392050-2341891308-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft -> Alcohol Soft Development Team) HKU\S-1-5-21-2664372736-3809392050-2341891308-1000\...\Winlogon: [Shell] %comspec% <==== UWAGA HKU\S-1-5-21-2664372736-3809392050-2341891308-1000\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist ( start /MIN "" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-24] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [2007-08-23] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\64.0.387.186\Installer\chrmstp.exe [2018-03-27] (AVAST Software s.r.o. -> AVAST Software) Startup: C:\Users\Krisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-05-30] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Windows\Installer\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}\OC_GURU.exe_5588D686D23B4C9DBDFA2A7875CD3722.exe (Brak pliku) Startup: C:\Users\Krisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA Updater.lnk [2016-12-17] ShortcutTarget: NVIDIA Updater.lnk -> C:\Users\Public\NvidiaDriverUpdate.vbs (Brak pliku) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0EA25008-F9F9-4FB1-A8A3-46CE08D9F705} - System32\Tasks\{6059B13B-1676-4942-A5D9-969AF57F4CD9} => C:\Windows\system32\pcalua.exe -a "E:\Instal\Drivery - moje\Brother DCP-145C\paperport\InstPPSE.exe" -d "E:\Instal\Drivery - moje\Brother DCP-145C\paperport" Task: {112A3D1D-0A0D-45EB-94DA-C3277F8F123E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-28] (Google Inc -> Google Inc.) Task: {113407F2-D13E-474D-8531-6DD9336C5D7B} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {39F786FD-F0DB-43E7-BDD5-98DB6FE713F4} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {52BC2F29-50FB-4590-B2CD-33253A101882} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-27] (AVAST Software s.r.o. -> AVAST Software) Task: {578B886D-B28D-4AED-9670-F7F188A75BFD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software) Task: {6058724A-9D85-4750-BB87-8365C2D6C199} - System32\Tasks\Core Temp Autostart Krisu => E:\Programy\Nie wypalone\Core Temp\Core Temp.exe [890016 2013-10-08] (Artur Liberman -> ) Task: {762A0B59-5513-4A90-B8A4-3BD50D0EA14A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-28] (Google Inc -> Google Inc.) Task: {7F208255-72BD-46A4-BBB8-1E0E92EA7792} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {88BE89D1-F7AF-473C-9226-9615B2F61FBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) Task: {A1361B5B-8B00-4D08-BDBA-3A03981F9DEA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {B243CBA9-B642-4FDD-B656-AFA0EB95D351} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-27] (AVAST Software s.r.o. -> AVAST Software) Task: {C0EA6A5A-A96A-4A6C-A14F-1B6466D911E2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{C3BE4DFB-D6FD-4047-ABA0-EA26DE36DAF1}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== FireFox: ======== FF DefaultProfile: g7txyxbn.default FF ProfilePath: C:\Users\Krisu\AppData\Roaming\Mozilla\Firefox\Profiles\g7txyxbn.default [2019-10-03] FF NewTab: Mozilla\Firefox\Profiles\g7txyxbn.default -> about:newtab FF Extension: (United States English Spellchecker) - C:\Users\Krisu\AppData\Roaming\Mozilla\Firefox\Profiles\g7txyxbn.default\Extensions\en-US@dictionaries.addons.mozilla.org.xpi [2019-06-20] FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Krisu\AppData\Roaming\Mozilla\Firefox\Profiles\g7txyxbn.default\Extensions\sp@avast.com.xpi [2019-10-03] FF Extension: (uBlock Origin) - C:\Users\Krisu\AppData\Roaming\Mozilla\Firefox\Profiles\g7txyxbn.default\Extensions\uBlock0@raymondhill.net.xpi [2018-10-17] FF Extension: (Avast Online Security) - C:\Users\Krisu\AppData\Roaming\Mozilla\Firefox\Profiles\g7txyxbn.default\Extensions\wrc@avast.com.xpi [2019-10-03] FF Extension: (NoSquint Plus) - C:\Users\Krisu\AppData\Roaming\Mozilla\Firefox\Profiles\g7txyxbn.default\Extensions\zoomlevelplus@zoomlevelplus.net.xpi [2017-11-26] FF Extension: (Gray and Black by MaDonna) - C:\Users\Krisu\AppData\Roaming\Mozilla\Firefox\Profiles\g7txyxbn.default\Extensions\{1fa0a8e8-d557-43f3-9fa7-54e234aec53d}.xpi [2019-06-20] FF Extension: (YouTube Video and Audio Downloader (Dev Edt.)) - C:\Users\Krisu\AppData\Roaming\Mozilla\Firefox\Profiles\g7txyxbn.default\Extensions\{f73df109-8fb4-453e-8373-f59e61ca4da3}.xpi [2019-10-03] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-18] (Adobe Systems Incorporated -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-18] (Adobe Systems Incorporated -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-01] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-01] (Google Inc -> Google LLC) Chrome: ======= CHR Profile: C:\Users\Krisu\AppData\Local\Google\Chrome\User Data\Default [2019-10-11] CHR Extension: (Dokumenty) - C:\Users\Krisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-17] CHR Extension: (Dysk Google) - C:\Users\Krisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17] CHR Extension: (Automatic 4K/HD for Youtube) - C:\Users\Krisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cibiggmomlagpmfeoohfeogifanfjkma [2019-04-03] CHR Extension: (uBlock Origin) - C:\Users\Krisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-09-26] CHR Extension: (Dokumenty Google offline) - C:\Users\Krisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Krisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Chrome Media Router) - C:\Users\Krisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-25] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nlnpeeaafijaebcdgkdeojkpnkfkjdnh] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499384 2019-09-10] (Advanced Micro Devices, Inc. -> AMD) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-27] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-27] (AVAST Software s.r.o. -> AVAST Software) R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-04-20] (Apple Inc. -> Apple Inc.) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-08-21] (FUTUREMARK INC -> Futuremark) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-10-03] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2019-10-03] (GOG Sp. z o.o. -> GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes) R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG -> Nero AG) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2348336 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3228464 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts) R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [60625592 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [588984 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [94216 2019-04-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254128 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196000 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320624 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57888 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [257832 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166848 2019-09-18] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1031000 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476776 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220640 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385848 2019-05-05] (AVAST Software s.r.o. -> AVAST Software) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [105376 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 cpuz145; C:\Windows\temp\cpuz147\cpuz145_x64.sys [49968 2018-12-10] (CPUID -> CPUID) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-11-29] (Martin Malik - REALiX -> REALiX(tm)) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-06-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation) S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [3785216 2014-03-31] (Intel Corporation) [Brak podpisu cyfrowego] R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2015-12-21] () [Brak podpisu cyfrowego] S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-09-07] (Apple, Inc.) [Brak podpisu cyfrowego] U3 a05a1stu; C:\Windows\System32\Drivers\a05a1stu.sys [0 0000-00-00] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) R3 ALSysIO; \??\D:\Temp\Temp\ALSysIO64.sys [X] U1 aswbdisk; Brak ImagePath S3 gdrv; \??\C:\Windows\gdrv.sys [X] S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X] S3 GPUZ; \??\D:\Temp\Temp\GPUZ.sys [X] S4 NVHDA; system32\drivers\nvhda64v.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-10-11 00:23 - 2019-10-11 00:24 - 000024112 _____ C:\Users\Krisu\Desktop\FRST.txt 2019-10-11 00:23 - 2019-10-11 00:23 - 000000000 ____D C:\FRST 2019-10-11 00:22 - 2019-10-11 00:22 - 001615872 _____ (Farbar) C:\Users\Krisu\Desktop\FRST64.exe 2019-10-11 00:20 - 2019-10-11 00:20 - 000000366 _____ C:\TDSSKiller.3.1.0.12_11.10.2019_00.20.45_log.txt 2019-10-11 00:10 - 2019-10-11 00:10 - 000410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll 2019-10-11 00:10 - 2019-10-11 00:10 - 000193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll 2019-10-11 00:10 - 2019-10-11 00:10 - 000113629 _____ C:\Windows\SysWOW64\slmgr.vbs 2019-10-10 23:56 - 2019-10-10 23:56 - 000113629 _____ C:\Windows\system32\slmgr.vbs 2019-10-10 23:50 - 2019-10-10 23:50 - 000113543 _____ C:\Windows\SysWOW64\slmgr.vbs.removewat 2019-10-04 22:43 - 2019-10-04 22:43 - 000000846 _____ C:\Users\Krisu\Desktop\Devil May Cry 5.lnk 2019-10-04 22:22 - 2019-10-04 22:22 - 000000000 ____D C:\Games 2019-10-03 20:12 - 2019-10-04 19:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2019-10-01 20:33 - 2019-10-11 00:11 - 000003102 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2019-10-01 20:33 - 2019-10-10 23:15 - 000003158 _____ C:\Windows\system32\Tasks\StartCN 2019-10-01 20:33 - 2019-10-10 23:15 - 000003128 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate 2019-10-01 20:33 - 2019-10-10 23:15 - 000003078 _____ C:\Windows\system32\Tasks\StartDVR 2019-10-01 20:33 - 2019-10-01 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2019-10-01 20:33 - 2019-10-01 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2019-10-01 20:33 - 2019-10-01 20:33 - 000000000 ____D C:\Program Files (x86)\AMD 2019-10-01 20:30 - 2019-10-01 20:30 - 000000000 ____D C:\ProgramData\AMD 2019-09-11 00:20 - 2019-09-11 00:20 - 001583800 _____ (AMD) C:\Windows\system32\coinst_19.30.dll 2019-09-11 00:19 - 2019-09-11 00:19 - 032426680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll 2019-09-11 00:19 - 2019-09-11 00:19 - 027980472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll 2019-09-11 00:19 - 2019-09-11 00:19 - 003906744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll 2019-09-11 00:19 - 2019-09-11 00:19 - 003507896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll 2019-09-11 00:19 - 2019-09-11 00:19 - 000544952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll 2019-09-11 00:19 - 2019-09-11 00:19 - 000374968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll 2019-09-11 00:06 - 2019-09-11 00:06 - 059430072 _____ C:\Windows\system32\amdcomgr64.dll 2019-09-11 00:05 - 2019-09-11 00:05 - 049326776 _____ C:\Windows\SysWOW64\amdcomgr.dll 2019-09-11 00:00 - 2019-09-11 00:00 - 068480696 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2019-09-11 00:00 - 2019-09-11 00:00 - 027500216 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll 2019-09-11 00:00 - 2019-09-11 00:00 - 000340152 _____ C:\Windows\system32\clinfo.exe 2019-09-11 00:00 - 2019-09-11 00:00 - 000126136 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2019-09-11 00:00 - 2019-09-11 00:00 - 000112824 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-10-11 00:20 - 2009-07-14 06:45 - 000028544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-10-11 00:20 - 2009-07-14 06:45 - 000028544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-10-11 00:16 - 2009-07-14 19:55 - 000739694 _____ C:\Windows\system32\perfh015.dat 2019-10-11 00:16 - 2009-07-14 19:55 - 000155268 _____ C:\Windows\system32\perfc015.dat 2019-10-11 00:16 - 2009-07-14 07:13 - 001668226 _____ C:\Windows\system32\PerfStringBackup.INI 2019-10-11 00:16 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-10-11 00:11 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-10-11 00:10 - 2017-11-26 11:17 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winver.exe 2019-10-11 00:10 - 2016-01-20 18:58 - 001382072 _____ C:\Windows\ntbtlog.txt 2019-10-11 00:08 - 2018-10-30 20:30 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2019-10-10 23:50 - 2015-12-21 00:48 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll 2019-10-10 23:50 - 2015-12-21 00:48 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2019-10-10 23:50 - 2015-12-21 00:48 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll 2019-10-10 23:25 - 2015-12-21 01:08 - 000004327 _____ C:\Windows\WINCMD.INI 2019-10-10 23:24 - 2015-12-21 18:16 - 000000000 ____D C:\Users\Krisu\Documents\My Games 2019-10-10 23:15 - 2018-10-17 22:40 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2019-10-10 23:15 - 2018-10-17 22:40 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2019-10-10 23:15 - 2016-05-31 20:11 - 000003240 _____ C:\Windows\system32\Tasks\{6059B13B-1676-4942-A5D9-969AF57F4CD9} 2019-10-10 23:15 - 2015-12-21 18:16 - 000000110 _____ C:\Users\Krisu\Documents\ax_files.xml 2019-10-10 23:15 - 2015-12-21 01:41 - 000002748 _____ C:\Windows\system32\Tasks\Core Temp Autostart Krisu 2019-10-10 23:15 - 2015-12-21 01:06 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2019-10-10 23:11 - 2019-01-29 11:31 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2019-10-10 23:11 - 2019-01-29 11:30 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2019-10-10 23:01 - 2018-04-01 22:36 - 000000000 ____D C:\Users\Krisu\AppData\LocalLow\uTorrent 2019-10-10 23:01 - 2015-12-22 17:50 - 000000000 ____D C:\Users\Krisu\AppData\Roaming\uTorrent 2019-10-10 21:17 - 2015-12-21 18:16 - 000000000 ____D C:\Users\Krisu\Documents\Krzysiek 2019-10-08 20:58 - 2015-12-21 01:12 - 000000000 ____D C:\ProgramData\Origin 2019-10-08 20:41 - 2015-12-21 01:13 - 000000000 ____D C:\Users\Krisu\AppData\Roaming\Origin 2019-10-08 20:40 - 2019-05-29 23:22 - 000000000 ____D C:\Program Files (x86)\Origin Games 2019-10-08 20:40 - 2015-12-21 01:12 - 000000000 ____D C:\Program Files (x86)\Origin 2019-10-07 07:12 - 2017-02-07 18:25 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2019-10-06 20:43 - 2015-12-21 20:05 - 000000000 ____D C:\Program Files (x86)\Steam 2019-10-04 19:17 - 2015-12-21 17:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-10-03 21:39 - 2016-09-12 19:59 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy 2019-10-03 21:15 - 2016-11-18 20:58 - 000000000 ____D C:\Users\Krisu\AppData\LocalLow\Mozilla 2019-10-01 21:46 - 2018-10-30 20:40 - 000000000 ____D C:\Users\Krisu\AppData\LocalLow\AMD 2019-10-01 20:34 - 2018-10-30 20:28 - 000000000 ____D C:\Program Files\AMD 2019-10-01 20:28 - 2018-11-13 08:11 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml 2019-10-01 20:28 - 2018-10-30 20:27 - 000000000 ____D C:\AMD 2019-10-01 16:38 - 2016-12-28 22:44 - 000000000 ____D C:\Program Files (x86)\Google 2019-09-25 18:56 - 2017-12-24 22:41 - 000000000 ____D C:\Users\Krisu\AppData\Roaming\AIMP 2019-09-24 23:08 - 2018-10-17 22:41 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-09-24 20:50 - 2017-09-24 23:09 - 000000000 ____D C:\Users\Public\Documents\Steam 2019-09-24 20:50 - 2017-09-24 23:09 - 000000000 ____D C:\ProgramData\Documents\Steam 2019-09-19 20:14 - 2016-12-17 14:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2019-09-18 18:59 - 2015-12-21 01:06 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2019-09-15 23:15 - 2016-01-25 18:53 - 000000000 ____D C:\Users\Krisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2019-09-11 21:17 - 2016-01-05 22:27 - 000000000 ____D C:\Users\Krisu\AppData\Roaming\Audacity ==================== Pliki w katalogu głównym wybranych folderów ================ 2017-11-26 18:00 - 2017-11-26 18:00 - 041693696 _____ () C:\Users\Krisu\AppData\Roaming\ffmpeg.exe 2016-09-02 19:04 - 2016-09-02 19:05 - 000005120 _____ () C:\Users\Krisu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-10-30 20:43 - 2018-11-08 20:53 - 002128896 _____ () C:\Users\Krisu\AppData\Local\file__0.localstorage 2019-07-14 19:00 - 2019-07-14 19:00 - 000001568 _____ () C:\Users\Krisu\AppData\Local\recently-used.xbel 2015-12-27 01:38 - 2017-01-05 22:10 - 000007597 _____ () C:\Users\Krisu\AppData\Local\Resmon.ResmonCfg 2017-04-04 20:33 - 2017-04-04 20:33 - 000000000 _____ () C:\Users\Krisu\AppData\Local\{63D313E1-12F3-44EB-81BA-C126B4DB6AD1} ==================== SigCheck =============================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2019-10-10 07:25 ==================== Koniec FRST.txt ============================