Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 30-05.2019
Uruchomiony przez Admin (administrator)  DESKTOP-CREU7S2 (ASUSTeK COMPUTER INC. X553MA) (31-05-2019 13:37:51)
Uruchomiony z C:\Users\Admin\Desktop
Załadowane profile: Admin (Dostępne profile: Admin)
Platform: Windows 10 Home Wersja 1809 17763.503 (X64) Język: Polski (Polska)
Domyślna przeglądarka nie została wykryta!
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3797523829-3167351363-222133892-1001\...\Run: [HP Deskjet 4510 series (NET)] => C:\Program Files\HP\HP Deskjet 4510 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {023932EC-7994-4049-80B7-FA57ABE19E76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {086AF6D2-AF3B-426B-9E3E-C7B76438D685} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C34BD14-4BC3-4BDC-900B-FA6DF0040561} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {11F14E68-482A-41C9-84E3-560E098858FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-03-28] (Google Inc -> Google LLC)
Task: {28187CC0-B526-46FA-BE41-D55F9A84AE5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {49F0D2B5-5A32-4E6F-9CC4-106B687A5C90} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {71B712D8-DE79-4A81-B28F-29F035DEB42B} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {774AF7D2-0A95-4CD8-9422-DFDC58040820} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {8A173DA9-FFD7-4684-9E14-35CD7D12882C} - System32\Tasks\HPCustParticipation HP Deskjet 4510 series => C:\Program Files\HP\HP Deskjet 4510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {93C0C704-8A21-42A8-9532-3028FA467A1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-03-28] (Google Inc -> Google LLC)
Task: {C9899115-1EAC-44C1-8FD7-AD0E03C34F48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9E4EE65-4E05-475A-9D00-4BE8DD80A5FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {CCAE8177-751A-4982-BF70-8DF95BA226BD} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-05-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206
Tcpip\..\Interfaces\{2efbbe94-dac6-4578-b58c-2dd14525c523}: [DhcpNameServer] 217.172.224.160 89.231.1.206

Internet Explorer:
==================
HKU\S-1-5-21-3797523829-3167351363-222133892-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web-pl.com/
SearchScopes: HKU\S-1-5-21-3797523829-3167351363-222133892-1001 -> DefaultScope {A7B030C1-8701-401F-A67B-52F157F8CAF9} URL = hxxp://www.web-pl.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3797523829-3167351363-222133892-1001 -> {A7B030C1-8701-401F-A67B-52F157F8CAF9} URL = hxxp://www.web-pl.com/search?q={searchTerms}

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3797523829-3167351363-222133892-1001 -> hxxp://www.web-pl.com/

FireFox:
========
FF DefaultProfile: lik0x5xn.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lik0x5xn.default [2019-05-31]
FF Homepage: Mozilla\Firefox\Profiles\lik0x5xn.default -> hxxp://www.web-pl.com/
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.pl/
CHR StartupUrls: Default -> "hxxp://google.pl/"
CHR DefaultSearchURL: Default -> hxxp://www.web-pl.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> szukaj
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2019-05-31]
CHR Extension: (Prezentacje) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-28]
CHR Extension: (Dokumenty) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-28]
CHR Extension: (Dysk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-28]
CHR Extension: (Tree Branches) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgdeemcfmmabkdhbnhmkhpadancpkgol [2019-03-29]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-28]
CHR Extension: (Arkusze) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-28]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-28]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-25]