Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-01-2022
Uruchomiony przez PC (administrator) DESKTOP-ASSE4JQ (Gigabyte Technology Co., Ltd. AB350-Gaming 3) (23-01-2022 18:17:13)
Uruchomiony z D:\Pobrane
Załadowane profile: PC
Platform: Microsoft Windows 10 Home Wersja 21H2 19044.1466 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Edge
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Program Files\DS502 GAMING Headset\CPL\DS_502_Headset.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.69\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Spotify AB -> Spotify Ltd) C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe <6>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1082160 2020-05-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Cm108BSound] => C:\Program Files\DS502 GAMING Headset\CPL\DS_502_Headset.exe [2836992 2014-11-10] () [Brak podpisu cyfrowego]
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3086208 2021-06-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => D:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [33665024 2017-10-23] (PC Partner Co.Ltd) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3192562959-1690777676-342118144-1001\...\Run: [FACEIT] => C:\Users\PC\AppData\Local\FACEITApp\update.exe [2204984 2021-02-18] (FACE IT LIMITED -> )
HKU\S-1-5-21-3192562959-1690777676-342118144-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (Brak pliku)
HKU\S-1-5-21-3192562959-1690777676-342118144-1001\...\Run: [com.messenger] => C:\Users\PC\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin (Brak pliku)
HKU\S-1-5-21-3192562959-1690777676-342118144-1001\...\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-3192562959-1690777676-342118144-1001\...\Run: [Spotify] => C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe [19227064 2022-01-20] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3192562959-1690777676-342118144-1001\...\MountPoints2: {0e41242f-d45e-11eb-9a4d-1c1b0d9e0dbc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3192562959-1690777676-342118144-1001\...\MountPoints2: {411e23b8-0a84-11ec-9a94-1c1b0d9e0dbc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3192562959-1690777676-342118144-1001\...\MountPoints2: {ca55bd43-878d-11e9-970a-1c1b0d9e0dbc} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP E611 Status Monitor: C:\Windows\system32\hpinkstsE611LM.dll [401920 2019-07-01] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-07] (Google LLC -> Google LLC)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC Remote Controller.lnk [2021-08-28]
ShortcutTarget: PC Remote Controller.lnk -> C:\Users\PC\AppData\Roaming\Microsoft\Installer\{64351801-5DEA-49A8-9C3D-AE6F7D567A56}\_362106003D8A4C2F2D005E.exe () [Brak podpisu cyfrowego]
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2021-06-10]
ShortcutTarget: Twitch.lnk -> C:\Users\PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {1DE4B0EC-2573-4AB9-AEE3-754A163E4FFB} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [426208 2020-05-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {1F3F4E76-C781-42B2-B9D5-62B19FB40E53} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {23E3A0DD-624D-413D-9ED9-8409647CC3D3} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [254176 2020-05-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {32D90315-62ED-46CA-BFE2-9369318022C0} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {402E27A9-7FB8-48D2-911E-4498E4DDB6A3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4139E184-8D49-4ABD-BFF2-44EC606EFF63} - System32\Tasks\Opera scheduled Autoupdate 1606644086 => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe [1598616 2021-03-04] (Opera Software AS -> Opera Software)
Task: {42A07EE3-82D5-4BAF-9F75-8B42E490A9A3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B2520B8-27F6-4D24-9B2A-E4C4869A83B0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {55793CDA-04CE-490E-A633-19F99486F405} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5A5E73F7-C5B8-4566-8B71-9F8A5ADC7A95} - System32\Tasks\Opera scheduled assistant Autoupdate 1606644095 => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe [1598616 2021-03-04] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PC\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5E4F3A59-F739-4A29-BC3A-F68CE6E880DE} - System32\Tasks\DSOne Agent => C:\Program Files (x86)\Driver Support One\DSOne.exe [864960 2020-01-20] (Asurvio, LP -> PC Drivers HeadQuarters LP) <==== UWAGA
Task: {5EFF23B9-DE9F-4950-AEF3-848886CA8B1B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {613344E9-DE6A-49B9-A197-30295BB63624} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64A49B0F-34C5-4F4C-B636-F296A3B4B558} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-30] (Google Inc -> Google LLC)
Task: {6706059C-0552-4332-B9EB-7FC4D4BD4195} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {923A4029-8C54-4FCA-B941-384040A22D33} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {968CBF5B-5DBB-4A93-9102-F1B5AC1B1CCB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3791284-05BC-46E3-8D0C-10AC31131966} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [245760 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Brak podpisu cyfrowego]
Task: {B7F7CCBC-76C7-4A14-B80A-E6DBC0AE51E6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (Brak pliku)
Task: {DDF1FA4D-B596-4F6B-8A38-AB5EA901BC75} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6E65103-B3F8-431F-BC9A-F8B20202DF58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-30] (Google Inc -> Google LLC)
Task: {FBBEB484-E5D6-44CD-A540-0BF8981E68B3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC7CE96C-8129-4A92-91DF-666199EE168F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== UWAGA (Ograniczenia - Zones)
Tcpip\..\Interfaces\{494d9df0-8028-497e-959c-251cccc7e275}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-23]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-23]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2022-01-23]
CHR DownloadDir: D:\Pobrane
CHR Notifications: Default -> hxxps://www.bananki.pl
CHR Extension: (Prezentacje) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-30]
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2021-09-19]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-30]
CHR Extension: (Dysk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-30]
CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-12]
CHR Extension: (Arkusze) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-30]
CHR Extension: (Return YouTube Dislike) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-01-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-23]
CHR Extension: (CSGO Trader - Steam Trading Enhancer) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaibcgikagnkfgjnibflebpldakfhfih [2021-12-12]
CHR Extension: (Video Downloader PLUS) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2021-09-07]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-07-01]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2020-07-01]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable [2021-01-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2020-06-21] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [143072 2020-05-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128736 2020-05-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-23] (Malwarebytes Inc -> Malwarebytes)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [119808 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Brak podpisu cyfrowego]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-12-16] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14691624 2021-08-27] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; D:\Program Files (x86)\VBoxSDS.exe [746736 2021-10-18] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10147296 2021-06-22] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM [X]

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 CMUAC; C:\WINDOWS\System32\drivers\CMUAC.sys [613888 2014-10-09] (C-MEDIA ELECTRONICS INC. -> C-MEDIA)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-07-19] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [66640 2019-07-31] (Martin Malik - REALiX -> REALiX(tm))
S3 JitDriver; C:\WINDOWS\system32\drivers\JitDriver.sys [23040 2020-01-24] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-01-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-23] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-01-23] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2021-03-09] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239664 2021-10-18] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249568 2021-10-18] (Oracle Corporation -> Oracle Corporation)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8241992 2021-06-22] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2021-12-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-20] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\GIGABYTE\RGBFusion\MODAPI.sys [14544 2021-03-06] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S2 GLCKIO2; \??\C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [X]
S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-01-23 18:16 - 2022-01-23 18:16 - 000000000 ____D C:\Users\PC\AppData\LocalLow\IGDump
2022-01-23 18:06 - 2022-01-23 18:17 - 000000000 ____D C:\FRST
2022-01-23 18:02 - 2022-01-23 18:02 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-01-23 18:02 - 2022-01-23 18:02 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-01-23 18:02 - 2022-01-23 18:02 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-01-23 16:09 - 2022-01-23 16:09 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-01-23 16:09 - 2022-01-23 16:09 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-23 16:09 - 2022-01-23 16:09 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-01-23 16:09 - 2022-01-23 16:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-01-23 16:09 - 2022-01-23 16:09 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-23 16:09 - 2022-01-23 16:09 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-23 16:09 - 2022-01-23 16:09 - 000000000 ____D C:\Users\PC\AppData\Local\mbam
2022-01-23 16:05 - 2022-01-23 16:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-23 16:05 - 2022-01-23 16:05 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-23 16:00 - 2022-01-23 16:01 - 000000000 ____D C:\AdwCleaner
2022-01-22 23:07 - 2022-01-22 23:07 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-22 22:45 - 2022-01-22 22:45 - 000000729 _____ C:\Users\PC\Downloads\Pulpit — skrót.lnk
2022-01-22 22:32 - 2022-01-22 22:32 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-22 22:32 - 2022-01-22 22:32 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-22 22:32 - 2022-01-22 22:32 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-22 22:20 - 2022-01-22 22:20 - 000000000 ___HD C:\$WinREAgent
2022-01-22 21:58 - 2022-01-22 21:58 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-22 21:58 - 2022-01-22 21:58 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-22 21:58 - 2022-01-22 21:58 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-01-10 19:14 - 2022-01-10 19:14 - 000000000 ____D C:\Users\PC\AppData\Roaming\Zoom
2022-01-10 19:14 - 2022-01-10 19:14 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-01-23 18:18 - 2019-05-30 16:19 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-23 18:17 - 2019-05-30 19:51 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-23 18:16 - 2021-08-29 00:02 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-23 18:16 - 2021-02-25 17:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\Spotify
2022-01-23 18:16 - 2020-11-28 19:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-23 18:16 - 2020-11-28 19:42 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-23 18:16 - 2020-11-28 19:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-23 18:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-23 18:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-23 18:08 - 2020-11-28 19:52 - 001767980 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-23 18:08 - 2019-12-07 16:08 - 000784334 _____ C:\WINDOWS\system32\perfh015.dat
2022-01-23 18:08 - 2019-12-07 16:08 - 000152230 _____ C:\WINDOWS\system32\perfc015.dat
2022-01-23 18:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-23 18:07 - 2021-03-12 14:38 - 000000000 ___HD C:\Users\PC\Downloads\.opera
2022-01-23 18:07 - 2021-03-12 14:38 - 000000000 ___HD C:\Users\PC\.opera
2022-01-23 18:04 - 2021-02-25 17:26 - 000000000 ____D C:\Users\PC\AppData\Local\Spotify
2022-01-23 16:23 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-23 16:14 - 2019-06-12 16:45 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2022-01-23 16:09 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-23 13:33 - 2019-05-30 20:24 - 000007612 _____ C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2022-01-23 13:13 - 2020-10-10 18:31 - 000000000 ____D C:\Users\PC\Documents\Euro Truck Simulator 2
2022-01-23 12:35 - 2021-06-12 18:03 - 000000000 ____D C:\Users\PC\AppData\Roaming\Messenger
2022-01-23 12:35 - 2021-06-12 18:03 - 000000000 ____D C:\Users\PC\AppData\Local\Messenger
2022-01-23 02:18 - 2021-02-14 22:11 - 000000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2022-01-23 01:24 - 2019-09-21 17:03 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2022-01-22 23:08 - 2020-11-28 19:42 - 000439224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-22 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-22 22:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-22 16:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 16:08 - 2020-08-23 11:34 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-21 21:43 - 2020-11-14 18:01 - 000000000 ____D C:\WINDOWS\pss
2022-01-21 20:36 - 2019-05-30 19:41 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2022-01-21 20:11 - 2020-11-28 19:51 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 20:11 - 2020-11-28 19:51 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-21 15:34 - 2019-06-20 13:14 - 000000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2022-01-19 15:32 - 2020-11-30 15:05 - 000003414 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c5b749975f9
2022-01-19 15:32 - 2020-11-28 19:51 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-18 15:44 - 2021-02-12 21:45 - 000000000 ____D C:\WINDOWS\Minidump
2022-01-18 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-18 15:44 - 2019-05-30 16:20 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2022-01-17 20:24 - 2019-07-31 20:31 - 000000000 ____D C:\Users\PC\AppData\Roaming\Discord
2022-01-17 20:23 - 2019-07-31 20:31 - 000000000 ____D C:\Users\PC\AppData\Local\Discord
2022-01-16 19:03 - 2019-06-04 18:23 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-15 22:40 - 2020-10-10 18:26 - 000000000 ____D C:\ProgramData\TruckersMP
2022-01-15 15:52 - 2019-05-31 14:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-15 15:50 - 2019-05-31 14:42 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-15 14:36 - 2019-06-12 17:31 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-01-14 21:06 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-14 18:11 - 2020-11-28 19:51 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3192562959-1690777676-342118144-1001
2022-01-14 18:11 - 2020-11-28 19:43 - 000002414 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-11 23:49 - 2020-11-28 19:43 - 000000000 ____D C:\Users\PC
2022-01-08 20:33 - 2020-11-20 08:15 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2022-01-07 16:06 - 2019-05-30 19:53 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-26 14:30 - 2020-11-14 13:00 - 000001672 _____ C:\Users\PC\Desktop\Nowy Plik Tekstowy.txt
2021-12-25 20:45 - 2021-05-21 09:49 - 000000000 ____D C:\Users\PC\AppData\Roaming\paradox-launcher-v2

==================== Pliki w katalogu głównym wybranych folderów ========

2021-08-28 20:39 - 2021-08-28 20:39 - 000032768 _____ () C:\Users\PC\AppData\Roaming\pc-remote-data.db
2020-05-21 08:21 - 2020-05-21 08:21 - 000000128 _____ () C:\Users\PC\AppData\Local\PUTTY.RND
2021-04-16 22:41 - 2021-04-16 22:41 - 000001605 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2019-05-30 20:24 - 2022-01-23 13:33 - 000007612 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2019-08-30 16:47 - 2019-08-30 16:47 - 000000056 _____ () C:\Users\PC\AppData\Local\X-Plane 11 Preferences.prf
2019-08-30 16:49 - 2019-10-05 14:40 - 000000015 _____ () C:\Users\PC\AppData\Local\X-Plane_drm_11.prf
2019-08-30 16:47 - 2019-08-30 16:47 - 000000059 _____ () C:\Users\PC\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================