REKLAMA

FRST.txt

Błąd RunDLL po uruchomieniu Windows 8 - jak naprawić?

Proszę, pliki z FRST.


Pobierz plik - link do postu

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17-10-2016
Uruchomiony przez Samsung (administrator) SAMSUNG-PC (18-10-2016 20:15:39)
Uruchomiony z C:\Users\Samsung\Downloads
Załadowane profile: Samsung (Dostępne profile: Samsung)
Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: IE)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics Co., Ltd.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe


==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13677784 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] = & gt; C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [APSDaemon] = & gt; C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [9083840 2016-10-14] (AVAST Software)
HKU\S-1-5-21-1672109240-1983113430-2773240728-1001\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1672109240-1983113430-2773240728-1001\...\RunOnce: [Uninstall C:\Users\Samsung\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] = & gt; C:\Windows\system32\cmd.exe /q /c rmdir /s /q " C:\Users\Samsung\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64 "
HKU\S-1-5-21-1672109240-1983113430-2773240728-1001\...\RunOnce: [Uninstall C:\Users\Samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] = & gt; C:\Windows\system32\cmd.exe /q /c rmdir /s /q " C:\Users\Samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64 "
AppInit_DLLs: C:\Windows\system32\nvinitx.dll = & gt; C:\Windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll = & gt; C:\Windows\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-11] (AVAST Software)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: 0x2320436F707972696768742028632920313939332D32303039204D6963726F736F667420436F72702E0D0A230D0A23205468697320697320612073616D706C6520484F5354532066696C652075736564206279204D6963726F736F6674205443502F495020666F722057696E646F77732E0D0A230D0A2320546869732066696C6520636F6E7461696E7320746865206D617070696E6773206F662049502061646472657373657320746F20686F7374206E616D65732E20456163680D0A2320656E7472792073686F756C64206265206B657074206F6E20616E20696E646976696475616C206C696E652E2054686520495020616464726573732073686F756C640D0A2320626520706C6163656420696E2074686520666972737420636F6C756D6E20666F6C6C6F7765642062792074686520636F72726573706F6E64696E6720686F7374206E616D652E0D0A2320546865204950206164647265737320616E642074686520686F7374206E616D652073686F756C6420626520736570617261746564206279206174206C65617374206F6E650D0A232073706163652E0D0A230D0A23204164646974696F6E616C6C792C20636F6D6D656E747320287375636820617320746865736529206D617920626520696E736572746564206F6E20696E646976696475616C0D0A23206C696E6573206F7220666F6C6C6F77696E6720746865206D616368696E65206E616D652064656E6F7465642062792061202723272073796D626F6C2E0D0A230D0A2320466F72206578616D706C653A0D0A230D0A232020202020203130322E35342E39342E393720202020207268696E6F2E61636D652E636F6D202020202020202020202320736F75726365207365727665720D0A232020202020202033382E32352E36332E31302020202020782E61636D652E636F6D202020202020202020202020202023207820636C69656E7420686F73740D0A0D0A23206C6F63616C686F7374206E616D65207265736F6C7574696F6E2069732068616E646C65642077697468696E20444E5320697473656C662E0D0A23093132372E302E302E31202020202020206C6F63616C686F73740D0A23093A3A31202020202020202020202020206C6F63616C686F73740D0A0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000D0A0D0A2320756E636865636B795F626567696E0D0A232054686573652072756C657320776572652061646465642062792074686520556E636865636B792070726F6772616D20696E206F7264657220746F20626C6F636B206164766572746973696E6720736F667477617265206D6F64756C65730D0A302E302E302E3020302E302E302E3020232066697820666F72207472616365726F75746520616E64206E65747374617420646973706C617920616E6F6D616C790D0A302E302E302E3020747261636B696E672E6F70656E63616E64792E636F6D2E73332E616D617A6F6E6177732E636F6D0D0A302E302E302E30206D656469612E6F70656E63616E64792E636F6D0D0A302E302E302E302063646E2E6F70656E63616E64792E636F6D0D0A302E302E302E3020747261636B696E672E6F70656E63616E64792E636F6D0D0A302E302E302E30206170692E6F70656E63616E64792E636F6D0D0A302E302E302E30206170692E7265636F6D6D656E64656473772E636F6D0D0A302E302E302E3020696E7374616C6C65722E626574746572696E7374616C6C65722E636F6D0D0A302E302E302E3020696E7374616C6C65722E66696C6562756C6C646F672E636F6D0D0A302E302E302E302064336F78746E31783362386437692E636C6F756466726F6E742E6E65740D0A302E302E302E3020696E6E6F2E62697372762E636F6D0D0A302E302E302E30206E7369732E62697372762E636F6D0D0A302E302E302E302063646E2E66696C65326465736B746F702E636F6D0D0A302E302E302E302063646E2E676F617465617374636163682E75730D0A302E302E302E302063646E2E677574746173746174646B2E75730D0A302E302E302E302063646E2E696E736B696E6D656469612E636F6D0D0A302E302E302E302063646E2E696E7374612E6F6962756E646C6573322E636F6D0D0A302E302E302E302063646E2E696E7374612E706C617962727974652E636F6D0D0A302E302E302E302063646E2E6C6C6F67657466617374636163682E75730D0A302E302E302E302063646E2E6D6F6E74696572612E636F6D0D0A302E302E302E302063646E2E6D7364776E6C642E636F6D0D0A302E302E302E302063646E2E6D7970636261636B75702E636F6D0D0A302E302E302E302063646E2E7070646F776E6C6F61642E636F6D0D0A302E302E302E302063646E2E72696365617465617374636163682E75730D0A302E302E302E302063646E2E73687961706F7461746F2E75730D0A302E302E302E302063646E2E736F6C696D62612E636F6D0D0A302E302E302E302063646E2E7475746F3470632E636F6D0D0A302E302E302E302063646E2E617070726F756E642E62697A0D0A302E302E302E302063646E2E626967737065656470726F2E636F6D0D0A302E302E302E302063646E2E62697370642E636F6D0D0A302E302E302E302063646E2E62697372762E636F6D0D0A302E302E302E302063646E2E63646E64702E636F6D0D0A302E302E302E302063646E2E646F776E6C6F61642E73776565747061636B732E636F6D0D0A302E302E302E302063646E2E6470646F776E6C6F61642E636F6D0D0A302E302E302E302063646E2E76697375616C6265652E6E65740D0A2320756E636865636B795F656E640D0A
Tcpip\Parameters: [DhcpNameServer] 62.21.99.94 62.21.99.95
Tcpip\..\Interfaces\{1F8D2C61-B773-44D9-AA5D-D669037B82C6}: [DhcpNameServer] 62.21.99.94 62.21.99.95

Internet Explorer:
==================
HKU\S-1-5-21-1672109240-1983113430-2773240728-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-11] (AVAST Software)
BHO: Brak nazwy - & gt; {95B7759C-8C7F-4BF1-B163-73684A933233} - & gt; Brak pliku
BHO-x32: Lync Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-07] (Oracle Corporation)
BHO-x32: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-11] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-07] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-11]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default - & gt; " hxxps://www.google.pl/ "
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default [2016-10-18]
CHR Extension: (Prezentacje Google) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-20]
CHR Extension: (Dokumenty Google) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-20]
CHR Extension: (Dysk Google) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-20]
CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-20]
CHR Extension: (Avast SafePrice) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-10-12]
CHR Extension: (Arkusze Google) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Extract Image ) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfbalcfdaaglkcbjhfokkonbocdfomlj [2016-10-11]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-20]
CHR Extension: (Chrome Media Router) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3190976 2016-09-05] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593664 2015-06-19] (Samsung Electronics CO., LTD.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3287848 2016-02-24] (Samsung Electronics Co., Ltd.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-22] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 SBIOSIO; \??\C:\Users\Samsung\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-10-18 20:15 - 2016-10-18 20:15 - 00024382 _____ C:\Users\Samsung\Downloads\FRST.txt
2016-10-18 20:10 - 2016-10-18 20:15 - 00000000 ____D C:\FRST
2016-10-18 20:09 - 2016-10-18 20:09 - 02407424 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
2016-10-18 15:23 - 2016-10-18 15:23 - 00052224 _____ C:\Users\Samsung\Downloads\Extras.Txt
2016-10-18 15:22 - 2016-10-18 15:22 - 00123422 _____ C:\Users\Samsung\Downloads\OTL.Txt
2016-10-18 15:11 - 2016-10-18 15:12 - 00601088 _____ (OldTimer Tools) C:\Users\Samsung\Downloads\OTL 3.2.70.2.exe
2016-10-18 14:42 - 2016-10-18 20:14 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-18 14:42 - 2016-10-18 14:42 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-18 14:42 - 2016-10-18 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-18 14:42 - 2016-10-18 14:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-18 14:42 - 2016-10-18 14:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-18 14:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-18 14:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-18 14:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-18 14:40 - 2016-10-18 14:40 - 22851472 _____ (Malwarebytes ) C:\Users\Samsung\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-18 14:32 - 2016-10-18 14:32 - 03874368 _____ C:\Users\Samsung\Downloads\adwcleaner_6.021.exe
2016-10-18 14:24 - 2016-10-18 14:24 - 03874368 _____ C:\Users\Samsung\Downloads\adwcleaner_6.021.exe.au3nr7l (1).partial
2016-10-18 13:44 - 2016-10-18 14:36 - 00000000 ____D C:\AdwCleaner
2016-10-18 13:43 - 2016-10-18 14:23 - 03874368 _____ C:\Users\Samsung\Downloads\adwcleaner_6.021.exe.au3nr7l.partial
2016-10-17 22:49 - 2016-10-17 22:50 - 00000000 ____D C:\Users\Samsung\Desktop\Zdjęcia z telefonu
2016-10-12 15:38 - 2016-10-12 15:38 - 00002140 _____ C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto YouTube Downloader.lnk
2016-10-12 15:38 - 2016-10-12 15:38 - 00001490 _____ C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Flvto YouTube Downloader.lnk
2016-10-12 15:36 - 2016-10-12 15:37 - 00270344 _____ (Hotger) C:\Users\Samsung\Downloads\FYDLoad_inconv2_9.exe
2016-10-12 14:27 - 2016-10-12 15:18 - 00000000 ____D C:\Users\Samsung\Desktop\Audiobook
2016-10-12 00:25 - 2016-10-18 13:49 - 00000000 ____D C:\Program Files\Google
2016-10-12 00:25 - 2016-10-12 00:25 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-10-12 00:25 - 2016-10-12 00:25 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-12 00:25 - 2016-10-12 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-12 00:25 - 2016-10-12 00:25 - 00000000 ____D C:\Program Files\CCleaner
2016-10-12 00:18 - 2016-10-12 00:18 - 00000000 ____D C:\Users\Samsung\Documents\ConvertXtoVideo Ultimate
2016-10-12 00:15 - 2016-10-17 22:53 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\Vso
2016-10-12 00:15 - 2016-10-17 22:52 - 00099384 _____ C:\Users\Samsung\AppData\Roaming\inst.exe
2016-10-12 00:15 - 2016-10-17 22:52 - 00082816 _____ (VSO Software) C:\Users\Samsung\AppData\Roaming\pcouffin.sys
2016-10-12 00:15 - 2016-10-17 22:52 - 00007859 _____ C:\Users\Samsung\AppData\Roaming\pcouffin.cat
2016-10-12 00:15 - 2016-10-12 00:18 - 00000000 ____D C:\ProgramData\VSO
2016-10-12 00:15 - 2016-10-12 00:15 - 00000000 ____D C:\Users\Samsung\Documents\PcSetup
2016-10-12 00:13 - 2016-10-12 00:13 - 08244656 _____ (Piriform Ltd) C:\Users\Samsung\Downloads\ccsetup522.exe
2016-10-12 00:12 - 2016-10-12 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-11 23:53 - 2016-10-12 00:16 - 00003962 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1476222799
2016-10-11 23:53 - 2016-10-12 00:15 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-10-11 23:53 - 2016-10-11 23:53 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-11 23:53 - 2016-10-11 23:53 - 00001059 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-10-11 23:51 - 2016-10-11 23:51 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-10-11 23:51 - 2016-10-11 23:51 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-10-11 23:51 - 2016-10-11 23:51 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\AVAST Software
2016-10-11 23:51 - 2016-10-11 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-10-11 23:50 - 2016-10-13 11:51 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-10-11 23:50 - 2016-10-11 23:51 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-10-11 23:50 - 2016-10-11 23:51 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-10-11 23:50 - 2016-10-11 23:50 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-10-11 23:50 - 2016-10-11 23:50 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-10-11 23:50 - 2016-10-11 23:50 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-11 23:50 - 2016-10-11 23:50 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-10-11 23:50 - 2016-10-11 23:50 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-11 23:50 - 2016-10-11 23:50 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-10-11 23:50 - 2016-10-11 23:50 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-11 23:50 - 2016-10-11 23:50 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-11 23:49 - 2016-10-11 23:53 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-11 23:49 - 2016-10-11 23:53 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-11 23:49 - 2016-10-11 23:49 - 06253648 _____ (AVAST Software) C:\Users\Samsung\Downloads\avast_free_antivirus_setup_online.exe
2016-10-11 23:43 - 2016-10-11 23:45 - 00000000 ____D C:\Users\Samsung\Downloads\Tomek
2016-10-11 23:40 - 2016-10-12 13:58 - 00000000 ____D C:\Users\Samsung\Desktop\m
2016-10-11 23:37 - 2016-10-11 23:37 - 00000000 ____D C:\Users\Samsung\Desktop\druk
2016-10-10 19:42 - 2016-10-10 19:42 - 00000693 _____ C:\Users\Samsung\Documents\Pulpit — skrót.lnk
2016-10-07 13:43 - 2016-10-18 20:16 - 00000422 _____ C:\Windows\Tasks\Samsung_insopen.job
2016-10-07 13:43 - 2016-10-18 20:16 - 00000420 _____ C:\Windows\Tasks\Samsung_drivdrle.job
2016-10-07 13:43 - 2016-10-07 13:43 - 00003334 _____ C:\Windows\System32\Tasks\Samsung_insopen
2016-10-07 13:43 - 2016-10-07 13:43 - 00003332 _____ C:\Windows\System32\Tasks\Samsung_drivdrle
2016-10-07 13:43 - 2016-10-07 13:43 - 00000422 _____ C:\Windows\Tasks\Public_insopen.job
2016-10-07 13:43 - 2016-10-07 13:43 - 00000422 _____ C:\Windows\Tasks\Default_insopen.job
2016-10-07 13:43 - 2016-10-07 13:43 - 00000422 _____ C:\Windows\Tasks\Default User_insopen.job
2016-10-07 13:43 - 2016-10-07 13:43 - 00000422 _____ C:\Windows\Tasks\All Users_insopen.job
2016-10-07 13:43 - 2016-10-07 13:43 - 00000420 _____ C:\Windows\Tasks\Public_drivdrle.job
2016-10-07 13:43 - 2016-10-07 13:43 - 00000420 _____ C:\Windows\Tasks\Default_drivdrle.job
2016-10-07 13:43 - 2016-10-07 13:43 - 00000420 _____ C:\Windows\Tasks\Default User_drivdrle.job
2016-10-07 13:43 - 2016-10-07 13:43 - 00000420 _____ C:\Windows\Tasks\All Users_drivdrle.job
2016-10-07 13:37 - 2016-10-07 13:37 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-10-07 13:37 - 2016-10-07 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-07 13:37 - 2016-10-07 13:37 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-02 01:10 - 2016-10-02 01:12 - 00000000 ____D C:\ProgramData\Oracle
2016-10-02 01:10 - 2016-10-02 01:10 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\Sun
2016-10-02 01:10 - 2016-10-02 01:10 - 00000000 ____D C:\Users\Samsung\AppData\LocalLow\Sun
2016-10-02 01:10 - 2016-10-02 01:10 - 00000000 ____D C:\Users\Samsung\.oracle_jre_usage
2016-09-28 21:45 - 2016-09-28 21:45 - 00025348 _____ C:\Users\Samsung\Desktop\IB4.pdf
2016-09-28 00:40 - 2016-09-28 00:40 - 00000000 ____D C:\Windows\LastGood
2016-09-20 21:09 - 2016-09-20 21:09 - 00000000 ____D C:\Program Files\Common Files\DESIGNER

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-10-18 20:14 - 2016-03-20 01:55 - 00000000 __SHD C:\Users\Samsung\IntelGraphicsProfiles
2016-10-18 20:13 - 2016-03-20 01:41 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-18 20:13 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-18 20:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\FileManager
2016-10-18 19:58 - 2016-03-20 01:41 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-18 15:54 - 2016-03-20 01:39 - 00004000 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CDE47EED-1390-4575-B5D8-9FC817BC904A}
2016-10-18 15:43 - 2016-03-20 01:41 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1672109240-1983113430-2773240728-1001
2016-10-18 15:01 - 2016-03-20 01:46 - 00000000 ____D C:\ProgramData\WinClon
2016-10-18 14:24 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-18 14:16 - 2016-03-20 01:41 - 00002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-18 14:16 - 2016-03-20 01:41 - 00002209 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-18 14:05 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-10-18 13:49 - 2016-03-20 01:40 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-17 23:19 - 2016-03-20 01:35 - 00000000 ____D C:\Users\Samsung
2016-10-17 22:51 - 2016-03-20 01:40 - 00000000 ____D C:\Users\Samsung\AppData\Local\Google
2016-10-17 20:35 - 2014-11-21 06:46 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-17 20:35 - 2014-11-21 06:07 - 00807160 _____ C:\Windows\system32\perfh015.dat
2016-10-17 20:35 - 2014-11-21 06:07 - 00163478 _____ C:\Windows\system32\perfc015.dat
2016-10-17 16:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-10-14 08:30 - 2016-06-09 13:54 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-10-14 08:29 - 2016-06-09 13:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-12 15:38 - 2016-06-26 12:08 - 00000000 ____D C:\Users\Samsung\AppData\Local\ChomikBox
2016-10-12 14:36 - 2016-06-26 12:09 - 00000000 ____D C:\Users\Samsung\Downloads\ChomikBox
2016-10-12 14:26 - 2016-06-26 12:08 - 00000000 ____D C:\Users\Samsung\.gstreamer-0.10
2016-10-12 00:52 - 2016-03-20 01:24 - 00000000 ____D C:\Windows\Panther
2016-10-12 00:11 - 2016-03-20 01:53 - 00000000 ____D C:\ProgramData\Avg
2016-10-12 00:11 - 2016-03-20 01:53 - 00000000 ____D C:\Program Files (x86)\AVG
2016-10-12 00:10 - 2016-03-20 01:52 - 00000000 ____D C:\Users\Samsung\AppData\Local\AvgSetupLog
2016-10-12 00:06 - 2016-03-20 01:56 - 00000000 ____D C:\ProgramData\MFAData
2016-10-12 00:06 - 2016-03-20 01:52 - 00000000 ____D C:\Users\Samsung\AppData\Local\Avg
2016-10-12 00:04 - 2016-03-20 01:57 - 00000000 ___HD C:\$AVG
2016-10-12 00:04 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-10-11 23:51 - 2016-03-20 01:58 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-08 19:50 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-10-07 13:27 - 2013-08-22 16:44 - 00483104 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-04 19:04 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-10-03 17:46 - 2016-06-19 12:28 - 00000000 ____D C:\ProgramData\Origin
2016-10-03 17:46 - 2016-06-19 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-09-20 22:27 - 2016-03-20 23:20 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-20 21:09 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-20 21:09 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Pliki w katalogu głównym wybranych folderów =======

2016-10-12 00:15 - 2016-10-17 22:52 - 0099384 _____ () C:\Users\Samsung\AppData\Roaming\inst.exe
2016-10-12 00:15 - 2016-10-17 22:52 - 0007859 _____ () C:\Users\Samsung\AppData\Roaming\pcouffin.cat
2016-10-12 00:15 - 2016-10-17 22:52 - 0001167 _____ () C:\Users\Samsung\AppData\Roaming\pcouffin.inf
2016-10-12 00:15 - 2016-10-17 22:53 - 0000055 _____ () C:\Users\Samsung\AppData\Roaming\pcouffin.log
2016-10-12 00:15 - 2016-10-17 22:52 - 0082816 _____ (VSO Software) C:\Users\Samsung\AppData\Roaming\pcouffin.sys
2016-03-20 02:05 - 2016-03-20 02:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Niektóre pliki w TEMP:
====================
C:\Users\Samsung\AppData\Local\Temp\libeay32.dll
C:\Users\Samsung\AppData\Local\Temp\msvcr120.dll
C:\Users\Samsung\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo


LastRegBack: 2016-10-12 08:16

==================== Koniec FRST.txt ============================