FRST

Kolorwanie:
Status:
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26.01.2019
Uruchomiony przez kuba (administrator)  KUBA-KOMPUTER (27-01-2019 11:47:55)
Uruchomiony z C:\Users\kuba\Desktop
Załadowane profile: kuba (Dostępne profile: kuba & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) D:\SoftEther VPN Client\vpnclient_x64.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(DEVGURU Co., LTD.) D:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [178504 2018-07-26] (ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [XboxStat] => C:\Program Files (x86)\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\Run: [uTorrent] => C:\Users\kuba\AppData\Roaming\uTorrent\uTorrent.exe [2013368 2019-01-24] (BitTorrent Inc.)
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\Run: [Codec Pack Update Checker] => [X]
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [12476064 2018-03-07] ()
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\MountPoints2: F - F:\start.exe
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\MountPoints2: {0afa7a9e-b66c-11e7-b326-00ac140dd3a7} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\MountPoints2: {1d8e0549-8241-11e5-a5be-806e6f6e6963} - E:\DVDSetup.exe
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\...\MountPoints2: {293831de-84ba-11e5-bf35-d8cb8a5dc01b} - J:\Setup.exe
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L)
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] ()
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2013-06-21] ()
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [182272 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L)
HKLM\...\Drivers32-x32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] ()
HKLM\...\Drivers32-x32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-12-05] ()
HKLM\...\Drivers32-x32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2014-04-08] ()
HKLM\...\Drivers32-x32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3525120 2014-11-16] (x264vfw project)
HKLM\...\Drivers32-x32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [216064 2013-12-17] ( )
HKLM\...\Drivers32-x32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !)
HKLM\...\Drivers32-x32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-26] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation)
Startup: C:\Users\kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerMenu.lnk [2018-04-27]
ShortcutTarget: PowerMenu.lnk -> C:\Program Files (x86)\PowerMenu\PowerMenu.exe (Brak pliku)
Startup: C:\Users\kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-01-17]
ShortcutTarget: Twitch.lnk -> C:\Users\kuba\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
GroupPolicy: Ograniczenia ? <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{6BC4C262-106C-4B40-B63A-708A5531128F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{848240A3-1F49-469D-9F53-B2999283FF06}: [DhcpNameServer] 192.168.42.129
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131043461323289714&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131043461323289714&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-727411061-3885270544-3697033259-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131043461323289714&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-727411061-3885270544-3697033259-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-11] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-11] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Toolbar: HKLM-x32 - @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Handler-x32: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)


Copyrights 2014-2021 © Wklejaj.pl Wszelkie prawa zastrzeżone.