
Removing Pup.optional.legacy - AdwCleaner effectiveness and FRST log analysis

Hello. I scanned my computer with AdwCleaner several times, and each time the scan detected two threats related to Pup.optional.legacy, but it was never able to remove them. I scanned once more and it detected nothing, but today, just to be sure, I ran one more scan, which detected the same thing as before. I am attaching the logs from FRST and AdwCleaner. Thanks in advance and best regards.


Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21-08-2021
Uruchomiony przez Misiek (administrator) DESKTOP-0INCJAO (Micro-Star International Co., Ltd. MS-7B51) (27-08-2021 10:05:18)
Uruchomiony z C:\Users\Misiek\Desktop\FRST
Załadowane profile: Misiek
Platform: Windows 10 Pro Wersja 21H1 19043.1165 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2105.4017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_01042bb7f11c17c4\RtkAudUService64.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [564152 2021-05-21] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_01042bb7f11c17c4\RtkAudUService64.exe [1256824 2021-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\Run: [uTorrent] => C:\Users\Misiek\AppData\Roaming\uTorrent\uTorrent.exe [2132520 2021-05-14] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\Run: [launchOnStartup] => D:\GOG Galaxy\GalaxyClient.exe [13277256 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\Run: [FACEIT] => C:\Users\Misiek\AppData\Local\FACEITApp\update.exe [2204608 2020-07-30] (FACE IT LIMITED -> )
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32873544 2021-01-18] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\Run: [Discord] => C:\Users\Misiek\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3444016899-2235545509-270354729-1001\...\MountPoints2: {72415877-7046-11ea-bcb2-00d861de10de} - "E:\setup.EXE" /AUTORUN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2021-08-26]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Brak pliku)
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0F6B8512-8D1E-4B13-9286-BD8ACCEC8AC5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {10754E99-66FC-431F-976E-9C163B3606B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282280 2021-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {10C9084D-88AD-4280-A4DB-F35571BB4FF8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {14A50F62-2A62-46B1-AB56-F633D2F5B201} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {26E21F7B-B050-42F9-BBB9-88EDD06E1204} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F161D22-BC78-4196-BEB9-2BFC92FB8687} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {304C32E8-61A0-4C80-9C4A-07CB18651C1E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {356D302C-E9D7-4556-8AC6-CDBCEB147715} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {413DDFC3-C97D-4EF7-BFF5-EDAFF134743B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-26] (Google LLC -> Google LLC)
Task: {4278DD13-8D5C-4821-8334-3BD0D85400C5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45961B99-2A0B-4BE8-A4DF-0FBACB642AF8} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [Brak podpisu cyfrowego]
Task: {5224B120-EDE0-4E2E-B96C-E9E31FCCF424} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E2458C6-F6EA-415F-852B-F68950227B0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-26] (Google LLC -> Google LLC)
Task: {5F2F4F39-8928-4D20-9417-E1ED32397568} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99F2AB40-F4E8-4690-A6E5-510E0402F49A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C88A546-D9F1-4757-B81E-987B5F8EEB60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A3C104E7-DCE2-45D2-8E14-BC5FF6E7F7B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282280 2021-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB7D8455-034B-47B5-9599-A1BFAAD700A5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA40FB2E-9BD3-4970-A7B7-8313181AD13E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6A13567-E4A8-4794-9FC1-7FED8B16C12D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DDF2C453-CBE5-41E6-BDA8-7A3027768BE7} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E5775EF1-C116-4E1F-825C-69A65858A291} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE35CC06-5695-4D71-9A0A-84E36F809213} - System32\Tasks\KMSpico Automatic Update Scheduler => C:\Program Files\KMSpico\KMSUPD.exe [85656 2020-10-10] (ByELDI -> @ByELDI) [Brak podpisu cyfrowego]
Task: {F3FB284A-F786-434D-9692-B13F736C8BD6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FE6C1A03-E62E-48E2-9942-FD2DE9F3E4B6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== UWAGA (Ograniczenia - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
AutoConfigURL: [{682391DB-1DCF-4196-A5E7-9D5F4873BF5C}] => hxxp://127.0.0.1:86/
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{203681e0-fb36-4723-83d2-55578883edc8}: [DhcpNameServer] 192.168.0.1
ManualProxies: 0hxxp://127.0.0.1:86/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge Profile: C:\Users\Misiek\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-27]

FireFox:
========
FF DefaultProfile: uo26xz7v.default
FF ProfilePath: C:\Users\Misiek\AppData\Roaming\Mozilla\Firefox\Profiles\uo26xz7v.default [2021-08-26]
FF ProfilePath: C:\Users\Misiek\AppData\Roaming\Mozilla\Firefox\Profiles\m4zau58e.default-release [2021-08-26]
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup [2021-08-26] <==== UWAGA
CHR HomePage: Backup -> hxxps://www.google.com/
CHR StartupUrls: Backup -> "hxxp://www.google.pl/firefox"
CHR Extension: (Prezentacje) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-26]
CHR Extension: (Dokumenty) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-26]
CHR Extension: (Dysk Google) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-26]
CHR Extension: (YouTube) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-26]
CHR Extension: (Arkusze) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-26]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-26]
CHR Extension: (Gmail) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-26]
CHR Extension: (Chrome Media Router) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Backup\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-26]
CHR Profile: C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default [2021-08-27]
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={A89802AE-2AFC-428D-B90F-3F7C7915B876}&mid=3b84c64f9b7e47d2bcd7d1060886a6c9-8b5800363fd82e742bbfad8448e6adfdcfc42e43&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 12:34:36&v=18.0.5.292&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://www.google.pl/firefox"
CHR Extension: (Prezentacje) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-26]
CHR Extension: (Dokumenty) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-26]
CHR Extension: (Dysk Google) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-26]
CHR Extension: (YouTube) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-26]
CHR Extension: (Arkusze) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-26]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-26]
CHR Extension: (Gmail) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-26]
CHR Extension: (Chrome Media Router) - C:\Users\Misiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-26]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-11-16] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [19039072 2020-08-04] (FACE IT LIMITED -> )
S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [1636936 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> )
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; D:\Rockstar Games\RockstarService.exe [1856816 2021-08-06] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10322376 2021-05-21] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [10401656 2020-08-04] (FACE IT LIMITED -> )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [57440 2020-10-09] (SteelSeries ApS -> SteelSeries ApS)
S4 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239664 2021-07-28] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8182600 2021-05-20] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-08-27 10:04 - 2021-08-27 10:05 - 000000000 ____D C:\Users\Misiek\Desktop\FRST
2021-08-27 10:04 - 2021-08-27 10:05 - 000000000 ____D C:\FRST
2021-08-27 06:55 - 2021-08-27 06:55 - 000000000 ____D C:\ProgramData\McAfee
2021-08-27 06:52 - 2021-08-27 06:52 - 008553680 _____ (Malwarebytes) C:\Users\Misiek\Downloads\adwcleaner_8.3.0.exe
2021-08-27 00:14 - 2021-08-27 00:14 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-08-27 00:10 - 2021-08-27 00:11 - 000000000 ____D C:\AdwCleaner
2021-08-26 22:53 - 2021-08-26 23:00 - 000000000 ____D C:\Users\Misiek\VirtualBox VMs
2021-08-26 22:50 - 2021-08-27 00:10 - 000000000 ____D C:\Users\Misiek\.VirtualBox
2021-08-26 22:50 - 2021-08-26 22:50 - 000000000 ____D C:\ProgramData\VirtualBox
2021-08-26 22:33 - 2021-08-26 22:38 - 000000000 ____D C:\Users\Misiek\AppData\LocalLow\Mozilla
2021-08-26 22:33 - 2021-08-26 22:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-26 22:33 - 2021-08-26 22:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-26 22:33 - 2021-08-26 22:33 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\Mozilla
2021-08-26 22:33 - 2021-08-26 22:33 - 000000000 ____D C:\Users\Misiek\AppData\Local\Mozilla
2021-08-26 22:14 - 2021-08-26 22:14 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-26 22:14 - 2021-08-26 22:14 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-26 22:14 - 2021-08-26 22:14 - 000000000 ____D C:\Program Files\Google
2021-08-26 22:13 - 2021-08-26 22:13 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-26 22:13 - 2021-08-26 22:13 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-26 17:31 - 2021-08-26 17:31 - 000001167 _____ C:\Users\Misiek\Desktop\Sea of Thieves.lnk
2021-08-25 21:36 - 2021-08-25 21:36 - 000000000 ____D C:\Users\Misiek\Documents\FeedbackHub
2021-08-25 21:24 - 2021-08-25 21:24 - 000001164 _____ C:\Users\Misiek\Desktop\Human Fall Flat.lnk
2021-08-25 21:24 - 2021-08-25 21:24 - 000000000 ____D C:\Users\Misiek\AppData\LocalLow\Curve Digital
2021-08-25 21:06 - 2021-08-25 21:06 - 000000000 ____D C:\Users\Misiek\AppData\Local\INetHistory
2021-08-10 19:44 - 2021-08-10 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-10 19:44 - 2021-08-10 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-10 19:44 - 2021-08-10 19:44 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-10 19:44 - 2021-08-10 19:44 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-10 19:44 - 2021-08-10 19:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-10 19:44 - 2021-08-10 19:44 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-10 19:44 - 2021-08-10 19:44 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-10 19:40 - 2021-08-10 19:40 - 000000000 ___HD C:\$WinREAgent
2021-07-28 13:11 - 2021-07-28 13:11 - 000249568 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2021-07-28 13:11 - 2021-07-28 13:11 - 000239664 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-08-27 10:03 - 2021-02-04 00:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-27 10:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-27 09:28 - 2020-03-24 18:26 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-27 08:04 - 2020-09-30 19:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-27 07:00 - 2020-03-31 19:53 - 000000000 ____D C:\Users\Misiek\Documents\Assassin's Creed Unity
2021-08-27 07:00 - 2020-03-24 18:31 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-27 06:53 - 2020-03-24 19:13 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\discord
2021-08-27 06:53 - 2020-03-24 18:32 - 000000000 ____D C:\Users\Misiek\AppData\Local\NVIDIA Corporation
2021-08-27 06:50 - 2021-07-13 18:09 - 000000000 ____D C:\Users\Misiek\AppData\Local\Discord
2021-08-27 06:50 - 2020-03-24 18:44 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-27 06:50 - 2020-03-24 18:26 - 000000000 ___RD C:\Users\Misiek\OneDrive
2021-08-27 00:14 - 2021-03-11 23:52 - 000000000 ____D C:\Program Files (x86)\Autodesk
2021-08-27 00:14 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-26 22:53 - 2021-02-03 18:05 - 000000000 ____D C:\Users\Misiek
2021-08-26 22:39 - 2020-10-16 23:44 - 000000000 ____D C:\Users\Misiek\AppData\Local\Opera Software
2021-08-26 22:39 - 2020-10-16 23:43 - 000000000 ____D C:\Users\Misiek\AppData\Roaming\Opera Software
2021-08-26 22:32 - 2021-02-04 01:03 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-26 22:32 - 2019-12-07 17:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat
2021-08-26 22:32 - 2019-12-07 17:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat
2021-08-26 22:28 - 2020-04-09 23:37 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-08-26 22:25 - 2021-02-04 00:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-26 22:25 - 2021-02-04 00:53 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-26 22:24 - 2020-12-24 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-08-26 22:24 - 2020-12-24 17:01 - 000000000 ____D C:\Program Files\Java
2021-08-26 22:24 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-26 22:23 - 2020-12-24 17:01 - 000191832 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-08-26 22:14 - 2020-03-24 18:26 - 000000000 ____D C:\Users\Misiek\AppData\Local\Google
2021-08-26 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-26 17:31 - 2020-03-24 18:26 - 000000000 ____D C:\Users\Misiek\AppData\Local\PlaceholderTileLogoFolder
2021-08-26 17:31 - 2020-03-24 18:23 - 000000000 ____D C:\Users\Misiek\AppData\Local\Packages
2021-08-26 17:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-25 21:24 - 2020-03-24 18:26 - 000000000 ____D C:\ProgramData\Packages
2021-08-25 19:25 - 2021-07-15 21:59 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3444016899-2235545509-270354729-1001
2021-08-25 19:25 - 2021-02-03 18:05 - 000002426 _____ C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-24 18:56 - 2020-05-03 11:13 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-08-24 18:56 - 2020-04-12 12:21 - 002163152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-08-24 18:56 - 2020-04-12 12:21 - 000307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-08-24 18:56 - 2020-04-12 12:21 - 000213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-08-24 18:56 - 2020-04-12 12:21 - 000188856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-08-24 18:56 - 2020-04-12 12:21 - 000061904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-08-22 01:29 - 2020-06-08 23:51 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-17 01:22 - 2020-09-30 19:50 - 000740168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-08-17 01:22 - 2020-09-30 19:50 - 000486728 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-08-16 21:50 - 2021-04-16 01:29 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-16 21:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-16 21:41 - 2021-07-15 06:03 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 21:41 - 2021-07-15 06:03 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-15 01:03 - 2020-03-24 18:30 - 000000000 ____D C:\Users\Misiek\AppData\Local\Battle.net
2021-08-15 00:50 - 2020-04-16 10:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-08-15 00:48 - 2020-03-24 18:44 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2021-08-14 01:14 - 2020-03-24 18:29 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-08-10 23:47 - 2021-02-04 00:53 - 000467768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-10 23:46 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-10 23:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-10 23:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-10 19:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-10 19:40 - 2020-03-25 00:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-10 19:38 - 2020-03-25 00:45 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-09 10:22 - 2020-03-24 20:46 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-04 14:00 - 2020-03-24 18:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Pliki w katalogu głównym wybranych folderów ========

2020-09-29 17:04 - 2020-09-29 17:14 - 000016438 _____ () C:\Users\Misiek\AppData\Local\partner.bmp
2021-05-27 11:18 - 2021-05-27 11:18 - 000001593 _____ () C:\Users\Misiek\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================