Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-12-2019 Uruchomiony przez acer (administrator) LAPTOP-LGV33DOQ (Acer Aspire F5-573G) (04-01-2020 20:46:43) Uruchomiony z E:\ Załadowane profile: acer (Dostępne profile: defaultuser0 & acer) Platform: Windows 10 Home Wersja 1903 18362.476 (X64) Język: Polski (Polska) Domyślna przeglądarka: IE Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxEM.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.471_none_5f12f35059003107\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587800 2017-12-19] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-1646629283-2140427641-3585600790-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3289040 2019-12-06] (Valve -> Valve Corporation) HKU\S-1-5-21-1646629283-2140427641-3585600790-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIRPE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1646629283-2140427641-3585600790-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35210128 2019-02-19] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1646629283-2140427641-3585600790-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-20] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-1646629283-2140427641-3585600790-1001\...\MountPoints2: {ae359293-40d2-11e8-8ad2-5800e39de258} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1646629283-2140427641-3585600790-1001\...\MountPoints2: {e036e887-2a64-11ea-8b27-a81e8453860e} - "E:\HiSuiteDownLoader.exe" ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0EE2A50B-6C32-4169-A65D-34D84A63FB0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {18EB7945-2F51-49D5-9E79-EDE21452CD4C} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe Task: {21FD4E9C-F52D-4156-BBAB-B8A14A5F4DFE} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {2328D97F-E221-4699-9B49-B6B6D9D907E3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-27] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {2E880EE4-5A65-4E0F-9922-AB54851E343C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE Task: {2E880EE4-5A65-4E0F-9922-AB54851E343C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE Task: {2E880EE4-5A65-4E0F-9922-AB54851E343C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Overwolf Updater Task" /ENABLE Task: {2E880EE4-5A65-4E0F-9922-AB54851E343C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {2F0EB93D-9A95-4011-A037-E1FEEA8B838F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4C232B81-F1FA-431A-98D1-CDB0E8385462} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2016-11-12] (Acer Incorporated -> Acer Incorporated) Task: {71D7E1F1-4B60-42D6-82BA-D1EA87533184} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {88CA1574-1D52-4924-9C96-F85A3649CBC9} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2019-09-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {A14295B8-3C9B-4E1E-8882-98FEB00F548E} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe Task: {A447BDA9-C868-48CB-A99E-DECB58ED2454} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-20] (Piriform Ltd -> Piriform Ltd) Task: {A8026262-9B9B-45DB-B072-EC6367A6D93D} - System32\Tasks\EPSON L386 Series Update {3C112718-3D3F-4307-91DD-10EA88049609} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRPE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {DAE0CC53-D642-4A7A-BD13-3F8899ED1EC7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd) Task: {DE08DB47-6804-4F03-9C86-87A8B9613A25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DF9CE420-C849-41D8-AE85-CBAD9D0A1DE4} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {E46CCCD5-77F6-4AEA-A141-5B1F7D6DA1A2} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\EPSON L386 Series Update {3C112718-3D3F-4307-91DD-10EA88049609}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRPE.EXE:/EXE:{3C112718-3D3F-4307-91DD-10EA88049609} /F:UpdateWORKGROUP\LAPTOP-LGV33DOQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{0bfa66b3-79cf-4407-a591-c623f1a25eeb}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{34da6a8d-f462-4935-948c-8a2a64779cc5}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{37ebed31-6e35-4de0-a552-a30ba880a540}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{3a32b244-64b2-4471-ae3e-acaf1ea75d96}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{f4ce7d87-833b-44ae-b639-65ce111aa0c7}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1646629283-2140427641-3585600790-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-1646629283-2140427641-3585600790-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE SearchScopes: HKU\S-1-5-21-1646629283-2140427641-3585600790-1001 -> DefaultScope {6CB65B15-4568-41AD-8DCB-F0AA3DECC2F4} URL = SearchScopes: HKU\S-1-5-21-1646629283-2140427641-3585600790-1001 -> {6CB65B15-4568-41AD-8DCB-F0AA3DECC2F4} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-29] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-29] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: bgvvai1z.default FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\bgvvai1z.default [2020-01-04] FF user.js: detected! => C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\bgvvai1z.default\user.js [2019-10-27] FF Notifications: Mozilla\Firefox\Profiles\bgvvai1z.default -> hxxps://www.youtube.com; hxxps://www.facebook.com FF HKLM\...\Firefox\Extensions: [{7bb202fa-9247-49c6-898c-ce0d36bc44e3}] - C:\Program Files (x86)\mypopupblocker\ff\my_popup_blocker-1.0.0-fx.xpi FF Extension: (My Popup Blocker) - C:\Program Files (x86)\mypopupblocker\ff\my_popup_blocker-1.0.0-fx.xpi [2019-09-03] FF HKLM-x32\...\Firefox\Extensions: [{7bb202fa-9247-49c6-898c-ce0d36bc44e3}] - C:\Program Files (x86)\mypopupblocker\ff\my_popup_blocker-1.0.0-fx.xpi FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default [2019-12-29] CHR Extension: (Prezentacje) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-01] CHR Extension: (Dokumenty) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-01] CHR Extension: (Dysk Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-18] CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-18] CHR Extension: (Arkusze) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-01] CHR Extension: (Dokumenty Google offline) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-30] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2017-11-01] CHR Extension: (Gmail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-18] CHR Extension: (Chrome Media Router) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-30] CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [326392 2015-11-27] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-11-23] (BattlEye Innovations e.K. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-02-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806144 2018-11-08] (ICEpower a/s -> ICEpower) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-01-04] (Intel Corporation-Wireless Connectivity Solutions -> ) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2016-01-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) S2 IntelSSTSvc; "C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe" [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56376 2016-08-04] (NVIDIA Corporation -> NVIDIA Corporation) R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2360048 2018-08-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek Semiconductor Corp. -> Realtek ) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2018-12-21] (SteelSeries ApS -> ) S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48040 2018-09-25] (SteelSeries ApS -> SteelSeries ApS) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-10-12] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [351968 2019-10-31] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-31] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-01-04 20:36 - 2020-01-04 20:47 - 000000000 ____D C:\FRST 2020-01-04 15:13 - 2020-01-04 15:13 - 000000000 ____D C:\Program Files\Common Files\QCA_Bluetooth 2020-01-04 15:12 - 2020-01-04 15:12 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2020-01-04 15:00 - 2020-01-04 15:00 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles 2020-01-04 14:59 - 2020-01-04 14:59 - 000000000 ____D C:\Users\acer\AppData\Roaming\Intel 2020-01-04 14:58 - 2020-01-04 14:58 - 000000000 ____D C:\ProgramData\Intel.sav 2020-01-04 14:58 - 2020-01-04 14:58 - 000000000 ____D C:\Program Files\Common Files\Intel 2020-01-04 14:58 - 2020-01-04 14:58 - 000000000 ____D C:\Program Files (x86)\Cisco 2019-12-29 18:54 - 2019-12-29 18:54 - 000000000 ____D C:\Users\acer\AppData\Local\ElevatedDiagnostics 2019-12-29 00:04 - 2019-12-29 00:05 - 000000000 ____D C:\$Windows.~BT 2019-12-28 16:49 - 2019-12-29 00:25 - 000000000 ___HD C:\$SysReset 2019-12-07 11:17 - 2019-12-07 11:17 - 000000080 ___SH C:\bootTel.dat 2019-12-07 11:17 - 2019-12-07 11:17 - 000000000 __SHD C:\found.002 2019-12-07 11:10 - 2019-12-07 11:10 - 000000000 __SHD C:\found.001 2019-12-07 11:10 - 2019-12-07 11:10 - 000000000 __SHD C:\found.000 ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-01-04 20:43 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2020-01-04 20:42 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-01-04 20:33 - 2019-10-12 13:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-01-04 20:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-01-04 16:11 - 2019-10-12 13:42 - 001770300 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-01-04 16:11 - 2019-03-19 13:23 - 000785768 _____ C:\WINDOWS\system32\perfh015.dat 2020-01-04 16:11 - 2019-03-19 13:23 - 000152530 _____ C:\WINDOWS\system32\perfc015.dat 2020-01-04 16:08 - 2017-07-18 09:47 - 000000000 ____D C:\Program Files (x86)\Steam 2020-01-04 16:07 - 2019-10-12 14:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-01-04 16:07 - 2019-10-12 13:29 - 000000000 ____D C:\Users\acer 2020-01-04 16:07 - 2017-07-18 08:22 - 000000000 __SHD C:\Users\acer\IntelGraphicsProfiles 2020-01-04 16:07 - 2017-02-24 01:10 - 000000000 ____D C:\ProgramData\NVIDIA 2020-01-04 15:25 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-01-04 15:13 - 2017-02-24 00:57 - 000000000 ____D C:\Program Files (x86)\Qualcomm Atheros 2020-01-04 15:08 - 2017-02-24 00:57 - 000000000 ____D C:\WINDOWS\system32\ihvmanager 2020-01-04 15:07 - 2017-02-24 00:28 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-01-04 14:59 - 2019-10-12 13:29 - 000000000 ____D C:\Users\defaultuser0 2020-01-04 14:58 - 2017-11-04 17:35 - 000000000 ____D C:\Program Files\Intel 2020-01-04 14:58 - 2017-11-04 17:35 - 000000000 ____D C:\Program Files (x86)\Intel 2020-01-04 14:58 - 2017-02-24 00:32 - 000000000 ____D C:\ProgramData\Package Cache 2020-01-04 14:58 - 2017-02-24 00:27 - 000000000 ____D C:\ProgramData\Intel 2019-12-29 19:19 - 2019-02-11 22:03 - 000000000 ____D C:\Users\acer\AppData\Roaming\TS3Client 2019-12-19 09:34 - 2019-09-30 13:25 - 000000000 ___DC C:\WINDOWS\Panther 2019-12-19 09:34 - 2017-07-18 09:38 - 000000000 ____D C:\Users\acer\AppData\Local\CrashDumps 2019-12-07 19:36 - 2018-07-04 21:10 - 000000000 ____D C:\Users\acer\AppData\Local\D3DSCache 2019-12-07 10:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-12-05 21:14 - 2017-07-18 09:40 - 000000000 ____D C:\Users\acer\AppData\LocalLow\Mozilla 2019-12-05 21:09 - 2019-11-04 17:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2019-12-05 00:55 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps ==================== FCheck ================================ (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) FCheck: C:\WINDOWS\system32\dhcpcsvc.dll [2019-10-12] <==== UWAGA (zerobajtowy plik/folder) ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================