Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 10-01-2022 01
Uruchomiony przez Dorcia (administrator) DORCIA-DELL (Dell Inc. Vostro 3550) (11-01-2022 21:09:42)
Uruchomiony z C:\Users\Dorcia\Downloads
Załadowane profile: Dorcia & mario
Platforma: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska)
Domyślna przeglądarka: Opera
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] C:\Program Files\Dell Wireless\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros) [Brak podpisu cyfrowego] C:\Program Files\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Dell Inc -> ) C:\Program Files\Dell\UpdateService\ServiceShell.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Validity Sensors, Inc -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [501624 2011-04-12] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2245722547-3673346212-225114556-1000\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Dorcia\AppData\Local\WhatsApp\Update.exe [2252496 2021-09-10] (WhatsApp, Inc -> )
HKU\S-1-5-21-2245722547-3673346212-225114556-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2245722547-3673346212-225114556-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2245722547-3673346212-225114556-1000\...\MountPoints2: {4c0d0b91-56e7-11ec-8c0f-3859f97d459e} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2245722547-3673346212-225114556-1000\...\MountPoints2: {4c0d0c7a-56e7-11ec-8c0f-3859f97d459e} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2245722547-3673346212-225114556-1000\...\MountPoints2: {7c1e141f-db73-11eb-8bc6-3859f97d459e} - E:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-11] (Google LLC -> Google LLC)
Startup: C:\Users\Dorcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2018-09-04]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Brak podpisu cyfrowego]

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {1AD0E5BD-C153-4F84-B22C-030F1E7DD757} - System32\Tasks\{091438A5-DCE2-49B5-9464-9E15CCF7DAFD} => C:\Windows\system32\pcalua.exe -a C:\Users\Dorcia\AppData\Local\Temp\scoped_dir6916_13342\irfanview_lang_polski.exe -d C:\Users\Dorcia\AppData\Local\Temp\scoped_dir6916_13342 <==== UWAGA
Task: {3A3BD7D2-ADD4-4E60-8A58-57DBA6462881} - System32\Tasks\{619E5CD8-9F09-409A-ADD9-ECF5E1D4C699} => C:\Windows\system32\pcalua.exe -a C:\AMD\Support\13-4_mobility_vista_win7_win8_32_dd_ccc_whql\Setup.exe -d C:\AMD\Support\13-4_mobility_vista_win7_win8_32_dd_ccc_whql
Task: {5DC4EB51-2F24-4B53-8A55-55CB2E809E63} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {79D7F3C0-5F5C-48B4-AEBB-70FD905DBC96} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {8C6D13B1-EAF6-4F81-9279-364E983CB7E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-02] (Google Inc -> Google Inc.)
Task: {90848425-B7C6-44F6-9F2F-E7540F508153} - System32\Tasks\AdobeAAMUpdater-1.0-Dorcia-DELL-Dorcia => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BCDC6B32-CBFF-434A-865E-2C7880724D6A} - System32\Tasks\Opera scheduled assistant Autoupdate 1579814509 => C:\Program Files\Opera\launcher.exe [1753808 2021-12-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {C395C0A9-9ECF-42CC-B978-A40C11C65DC3} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F2B0CFE8-3A72-49DD-BEC0-351E9F1CDDAB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1553880 2020-05-03] (Dell Inc. -> Dell Inc.)
Task: {F87B6CDC-23C9-41CE-8C77-271FF53EDF88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-02] (Google Inc -> Google Inc.)
Task: {FD114F92-5925-44F8-8944-1A2E774F6796} - System32\Tasks\Opera scheduled Autoupdate 1528012582 => C:\Program Files\Opera\launcher.exe [1753808 2021-12-21] (Opera Software AS -> Opera Software)
Task: {FEB37BAD-B65A-4E45-A086-0E5E28DCF5CC} - System32\Tasks\{CFAD9BD8-B635-4D79-A036-0D8295A75763} => C:\Windows\system32\pcalua.exe -a E:\_____SUPPORTED_ORIG_delldriverS\Video_ATI_W7_A10_Setup-G22HG_ZPE.exe -d E:\_____SUPPORTED_ORIG_delldriverS

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.) [Brak podpisu cyfrowego]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{84729339-0B04-42C6-81FB-54636017DA1D}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dorcia\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-09]
Edge HKLM\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 6sovya1r.default-1527956543972
FF ProfilePath: C:\Users\Dorcia\AppData\Roaming\Mozilla\Firefox\Profiles\6sovya1r.default-1527956543972 [2022-01-11]
FF Session Restore: Mozilla\Firefox\Profiles\6sovya1r.default-1527956543972 -> [funkcja włączona]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Dorcia\AppData\Roaming\Mozilla\Firefox\Profiles\6sovya1r.default-1527956543972\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-12-14]
FF Extension: (Old Layout for Facebook) - C:\Users\Dorcia\AppData\Roaming\Mozilla\Firefox\Profiles\6sovya1r.default-1527956543972\Extensions\{8792af17-0df8-40ab-81d3-6cc777171564}.xpi [2020-12-04]
FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Dorcia\AppData\Roaming\Mozilla\Firefox\Profiles\6sovya1r.default-1527956543972\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-12-01]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-01-22] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default [2022-01-11]
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=152c9255-b7fc-4115-b898-dc43296d0b45&affid=111583&searchtype=hp&babsrc=lnkry","hxxps://www.google.com/"
CHR Session Restore: Default -> [funkcja włączona]
CHR Extension: (Prezentacje) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-02]
CHR Extension: (Theme Creator) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2018-06-02]
CHR Extension: (Dokumenty) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-02]
CHR Extension: (Dysk Google) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-02]
CHR Extension: (Arkusze) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-12]
CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-04]
CHR Extension: (Breakout) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmidaaeoomjidgncokgnjocidapkdbee [2018-06-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-25]
CHR Extension: (Gmail) - C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-04]
CHR Profile: C:\Users\Dorcia\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-09]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Dorcia\AppData\Roaming\Opera Software\Opera Stable [2022-01-11]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Session Restore: Opera Stable -> [funkcja włączona]
OPR Extension: (Translator) - C:\Users\Dorcia\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-12-07]
OPR Extension: (The Printliminator) - C:\Users\Dorcia\AppData\Roaming\Opera Software\Opera Stable\Extensions\ddlmnofhlaecjnfohaphgklgbiofiigl [2021-12-07]
OPR Extension: (Rich Hints Agent) - C:\Users\Dorcia\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Dorcia\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-12]
OPR Extension: (Zainstaluj rozszerzenia Chrome) - C:\Users\Dorcia\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-12-04]

LastRegBack: 2022-01-07 00:41

==================== Koniec FRST.txt ========================