API tools faq
paste
Guest User

FRST

a guest
Jul 26th, 2018
22
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 30.79 KB | None | 0 0
raw download clone embed print report
  1. Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21.07.2018
  2. Uruchomiony przez SAMSUNG (administrator) NP550 (26-07-2018 08:55:46)
  3. Uruchomiony z C:\Users\SAMSUNG\Downloads
  4. Załadowane profile: SAMSUNG (Dostępne profile: SAMSUNG)
  5. Platform: Windows 10 Home Wersja 1709 16299.492 (X64) Język: Polski (Polska)
  6. Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)
  7. Tryb startu: Normal
  8. Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Procesy (filtrowane) =================
  11.  
  12. (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
  13.  
  14. () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
  15. (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
  16. (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
  17. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
  18. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  19. (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
  20. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  21. (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
  22. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  23. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  24. (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
  25. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  26. (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
  27. (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
  28. (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
  29. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  30. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
  31. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
  32. (Intel Corporation) C:\Windows\System32\igfxEM.exe
  33. (Intel Corporation) C:\Windows\System32\igfxHK.exe
  34. (Intel Corporation) C:\Windows\System32\igfxTray.exe
  35. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
  36. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
  37. (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
  38. (Intel Corporation) C:\Windows\System32\igfxext.exe
  39. () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
  40. (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
  41. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  42. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
  43. (Greenshot) C:\Program Files\Greenshot\Greenshot.exe
  44. (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
  45. (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
  46. (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
  47. (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
  48. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  49. (Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe
  50. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
  51. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  52. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  53. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  54. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  55. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  56. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  57. (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
  58. (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
  59. (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
  60. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  61. (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
  62. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  63. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  64. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  65. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  66. (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
  67. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  68. (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
  69. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  70. (Mozilla Foundation) C:\Program Files (x86)\Mozilla Firefox\updater.exe
  71.  
  72. ==================== Rejestr (filtrowane) ===========================
  73.  
  74. (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
  75.  
  76. HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
  77. HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor)
  78. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
  79. HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795888 2015-08-08] (NVIDIA Corporation)
  80. HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot)
  81. HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
  82. HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  83. HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
  84. HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
  85. HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
  86. HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3754168 2018-07-13] (Dropbox, Inc.)
  87. HKU\S-1-5-21-1134291767-4150836631-2062890336-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [28164272 2017-10-17] (Microsoft Corporation)
  88. HKU\S-1-5-21-1134291767-4150836631-2062890336-1001\...\Run: [Google Update] => C:\Users\SAMSUNG\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-20] (Google Inc.)
  89. HKU\S-1-5-21-1134291767-4150836631-2062890336-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
  90. HKU\S-1-5-21-1134291767-4150836631-2062890336-1001\...\Run: [AVG-Secure-Search-Update_0215tb] => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_0215tb.exe [2794520 2015-03-12] ()
  91. HKU\S-1-5-21-1134291767-4150836631-2062890336-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50515584 2015-11-17] (Skype Technologies S.A.)
  92. HKU\S-1-5-21-1134291767-4150836631-2062890336-1001\...\Run: [Screencast-O-Matic Tray] => C:\Users\SAMSUNG\AppData\Local\Screencast-O-Matic\Screencast-O-Matic.exe [58480 2012-11-01] (Screencast-O-Matic)
  93. HKU\S-1-5-21-1134291767-4150836631-2062890336-1001\...\Run: [GoogleChromeAutoLaunch_3A3C42DB59973F6EE9C896D7206A1451] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1588568 2018-06-22] (Google Inc.)
  94. Startup: C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2013-05-29]
  95. ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
  96.  
  97. ==================== Internet (filtrowane) ====================
  98.  
  99. (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
  100.  
  101. Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
  102. Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 193.106.244.10 193.106.244.20
  103. Tcpip\..\Interfaces\{68673413-5542-45aa-a49c-b9fa4010b436}: [DhcpNameServer] 91.218.211.210 91.218.203.61
  104. Tcpip\..\Interfaces\{fa3c5c72-fc4a-4dd8-a30e-707ef15d727b}: [DhcpNameServer] 192.168.2.1 193.106.244.10 193.106.244.20
  105.  
  106. Internet Explorer:
  107. ==================
  108. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  109. HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
  110. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
  111. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
  112. SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  113. SearchScopes: HKU\S-1-5-21-1134291767-4150836631-2062890336-1001 -> DefaultScope {24588FA4-10F1-41D7-B19D-6E22361E47FA} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=site888_1_pg&cl=3&ie=utf-8
  114. SearchScopes: HKU\S-1-5-21-1134291767-4150836631-2062890336-1001 -> {24588FA4-10F1-41D7-B19D-6E22361E47FA} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=site888_1_pg&cl=3&ie=utf-8
  115. BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation)
  116. BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
  117. BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
  118. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-01] (Oracle Corporation)
  119. BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
  120. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-01] (Oracle Corporation)
  121. Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
  122.  
  123. FireFox:
  124. ========
  125. FF ProfilePath: C:\Users\SAMSUNG\AppData\Roaming\Mozilla\Firefox\Profiles\6if5elqf.default-1450174467703 [2018-07-26]
  126. FF Extension: (EPUBReader) - C:\Users\SAMSUNG\AppData\Roaming\Mozilla\Firefox\Profiles\6if5elqf.default-1450174467703\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2017-08-01]
  127. FF Extension: (ScrapBook) - C:\Users\SAMSUNG\AppData\Roaming\Mozilla\Firefox\Profiles\6if5elqf.default-1450174467703\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2016-09-03] [Przestarzałe]
  128. FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2018-07-26] [Przestarzałe] [Brak podpisu cyfrowego]
  129. FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Fiddler2\FiddlerHook
  130. FF Extension: (FiddlerHook) - C:\Program Files (x86)\Fiddler2\FiddlerHook [2015-09-01] [Przestarzałe] [Brak podpisu cyfrowego]
  131. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-11] ()
  132. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
  133. FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
  134. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] ()
  135. FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [2013-05-14] ( )
  136. FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-01] (Oracle Corporation)
  137. FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-01] (Oracle Corporation)
  138. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
  139. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
  140. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
  141. FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
  142. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
  143. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
  144. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
  145. FF Plugin HKU\S-1-5-21-1134291767-4150836631-2062890336-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\SAMSUNG\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
  146. FF Plugin HKU\S-1-5-21-1134291767-4150836631-2062890336-1001: @talk.google.com/O1DPlugin -> C:\Users\SAMSUNG\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
  147. FF Plugin HKU\S-1-5-21-1134291767-4150836631-2062890336-1001: @tools.google.com/Google Update;version=3 -> C:\Users\SAMSUNG\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
  148. FF Plugin HKU\S-1-5-21-1134291767-4150836631-2062890336-1001: @tools.google.com/Google Update;version=9 -> C:\Users\SAMSUNG\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
  149. FF Plugin ProgramFiles/Appdata: C:\Users\SAMSUNG\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
  150. FF Plugin ProgramFiles/Appdata: C:\Users\SAMSUNG\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
  151.  
  152. Chrome:
  153. =======
  154. CHR DefaultProfile: Default
  155. CHR Profile: C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default [2018-07-26]
  156. CHR Extension: (Dokumenty) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
  157. CHR Extension: (Dysk Google) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
  158. CHR Extension: (YouTube) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
  159. CHR Extension: (Google Search) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
  160. CHR Extension: (Dokumenty Google offline) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-13]
  161. CHR Extension: (Free Online PDF Unlocker) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdknbehfogkgogcennnagfokmnimpab [2014-10-22]
  162. CHR Extension: (SmoothScroll) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbokbjkabcmbfdlbddjidfmibcpneigj [2017-02-10]
  163. CHR Extension: (Google Hangouts) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-05-30]
  164. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-17]
  165. CHR Extension: (Gmail) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
  166. CHR Extension: (Chrome Media Router) - C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-13]
  167. CHR Profile: C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\System Profile [2016-01-07]
  168. CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
  169.  
  170. ==================== Usługi (filtrowane) ====================
  171.  
  172. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  173.  
  174. HKLM\SYSTEM\CurrentControlSet\Services\avgSP <==== UWAGA (Rootkit!)
  175. HKLM\SYSTEM\CurrentControlSet\Services\avgMonFlt <==== UWAGA (Rootkit!)
  176. HKLM\SYSTEM\CurrentControlSet\Services\avgSnx <==== UWAGA (Rootkit!)
  177.  
  178. S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
  179. R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
  180. S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-04] (Dropbox, Inc.)
  181. S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-04] (Dropbox, Inc.)
  182. R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51392 2018-07-13] (Dropbox, Inc.)
  183. R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
  184. R2 osrss; C:\WINDOWS\system32\osrss.dll [131288 2018-06-27] (Microsoft Corporation)
  185. S4 sedsvc; C:\Program Files\rempl\sedsvc.exe [295976 2018-07-16] (Microsoft Corporation)
  186. R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594176 2015-06-24] (Samsung Electronics CO., LTD.)
  187. S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
  188. S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3289448 2016-05-11] (Samsung Electronics Co., Ltd.)
  189. R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256120 2016-02-01] (Synaptics Incorporated)
  190. R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH)
  191. S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Brak podpisu cyfrowego]
  192. S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Brak podpisu cyfrowego]
  193. R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
  194. R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
  195. R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-03-16] ()
  196. R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
  197. S2 wust; C:\OSRSS\wust.exe [X]
  198.  
  199. ===================== Sterowniki (filtrowane) ======================
  200.  
  201. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  202.  
  203. R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-09-29] (Intel Corporation)
  204. R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
  205. R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
  206. R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
  207. S3 tapstrong; C:\WINDOWS\system32\DRIVERS\tapstrong.sys [38760 2014-07-14] (The OpenVPN Project)
  208. R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
  209. R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation)
  210. R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation)
  211. S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
  212. R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
  213. R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
  214. R3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
  215.  
  216. ==================== NetSvcs (filtrowane) ===================
  217.  
  218. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  219.  
  220.  
  221. ==================== Jeden miesiąc - utworzone pliki i foldery ========
  222.  
  223. (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
  224.  
  225. 2018-07-26 08:57 - 2018-07-26 08:57 - 000000000 ___HD C:\$WINDOWS.~BT
  226. 2018-07-26 08:55 - 2018-07-26 09:00 - 000021521 _____ C:\Users\SAMSUNG\Downloads\FRST.txt
  227. 2018-07-26 08:54 - 2018-07-26 08:55 - 000000000 ____D C:\FRST
  228. 2018-07-26 08:53 - 2018-07-26 08:54 - 002412544 _____ (Farbar) C:\Users\SAMSUNG\Downloads\FRST64.exe
  229. 2018-07-26 08:33 - 2018-06-29 02:46 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
  230. 2018-07-26 08:33 - 2018-06-29 02:46 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
  231. 2018-07-23 11:22 - 2018-07-23 11:22 - 000073728 _____ C:\Users\SAMSUNG\Downloads\23 July 2018 04_12_12.pdf
  232. 2018-07-23 10:18 - 2018-07-23 10:18 - 000104583 _____ C:\Users\SAMSUNG\Downloads\Proforma-8471.pdf
  233. 2018-07-16 07:23 - 2018-07-16 07:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
  234. 2018-07-13 08:18 - 2018-07-13 08:19 - 000004628 _____ C:\Users\SAMSUNG\Downloads\Oferta linkowania.txt
  235. 2018-07-13 04:01 - 2018-07-13 04:01 - 000051392 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
  236. 2018-07-13 04:01 - 2018-07-13 04:01 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
  237. 2018-07-13 04:01 - 2018-07-13 04:01 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
  238. 2018-07-13 04:01 - 2018-07-13 04:01 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
  239. 2018-07-10 07:39 - 2018-07-10 07:39 - 000000000 ___HD C:\OneDriveTemp
  240. 2018-07-03 07:34 - 2018-07-03 07:34 - 000036149 _____ C:\Users\SAMSUNG\Downloads\invoice-UM-63_7_2018.pdf
  241. 2018-07-02 10:12 - 2018-07-02 10:12 - 000033878 _____ C:\Users\SAMSUNG\Downloads\pre_invoice-UMB9C7N7.pdf
  242.  
  243. ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
  244.  
  245. (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
  246.  
  247. 2018-07-26 08:57 - 2017-01-11 17:39 - 000000000 ____D C:\Users\SAMSUNG\AppData\LocalLow\Mozilla
  248. 2018-07-26 08:57 - 2013-05-29 16:34 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
  249. 2018-07-26 08:56 - 2016-12-02 23:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
  250. 2018-07-26 08:54 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
  251. 2018-07-26 08:53 - 2013-05-29 16:56 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
  252. 2018-07-26 08:51 - 2018-05-29 13:54 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\Packages
  253. 2018-07-26 08:51 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
  254. 2018-07-26 08:51 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
  255. 2018-07-26 08:48 - 2013-05-29 22:45 - 000000000 ____D C:\Users\SAMSUNG\AppData\Roaming\Notepad++
  256. 2018-07-26 08:40 - 2018-05-29 14:09 - 001914802 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  257. 2018-07-26 08:40 - 2017-09-30 16:29 - 000852622 _____ C:\WINDOWS\system32\perfh015.dat
  258. 2018-07-26 08:40 - 2017-09-30 16:29 - 000167900 _____ C:\WINDOWS\system32\perfc015.dat
  259. 2018-07-26 08:39 - 2018-06-08 08:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
  260. 2018-07-26 08:38 - 2013-05-29 16:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
  261. 2018-07-26 08:37 - 2015-02-04 19:50 - 000000000 __RDL C:\Users\SAMSUNG\OneDrive
  262. 2018-07-26 08:35 - 2017-06-09 14:09 - 000000000 ___RD C:\Users\SAMSUNG\3D Objects
  263. 2018-07-26 08:35 - 2016-02-13 19:52 - 000000000 __RHD C:\Users\Public\AccountPictures
  264. 2018-07-26 08:34 - 2018-05-29 13:53 - 000000000 ____D C:\Users\SAMSUNG
  265. 2018-07-26 08:34 - 2018-05-25 07:58 - 000000000 ___DC C:\WINDOWS\Panther
  266. 2018-07-26 08:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
  267. 2018-07-26 08:34 - 2014-10-02 10:32 - 000000000 __SHD C:\Users\SAMSUNG\IntelGraphicsProfiles
  268. 2018-07-26 08:33 - 2018-05-29 14:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
  269. 2018-07-26 08:33 - 2018-05-29 13:47 - 005157792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
  270. 2018-07-26 08:33 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
  271. 2018-07-26 08:33 - 2016-10-12 08:41 - 000000000 ____D C:\ProgramData\NVIDIA
  272. 2018-07-26 08:32 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
  273. 2018-07-26 08:29 - 2018-05-29 13:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
  274. 2018-07-26 08:29 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
  275. 2018-07-26 08:29 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
  276. 2018-07-26 08:29 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
  277. 2018-07-26 08:29 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
  278. 2018-07-26 08:29 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
  279. 2018-07-26 08:29 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
  280. 2018-07-26 08:29 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
  281. 2018-07-26 08:13 - 2018-05-29 14:08 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C10F46A0-1D76-4107-8BCE-94CCB2793498}
  282. 2018-07-24 09:04 - 2017-10-10 20:46 - 000000000 ____D C:\Program Files\rempl
  283. 2018-07-24 07:16 - 2017-04-30 21:03 - 000458024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw2b534abe893837e2.tmp
  284. 2018-07-24 07:11 - 2015-09-09 14:08 - 000000600 _____ C:\Users\SAMSUNG\AppData\Roaming\winscp.rnd
  285. 2018-07-23 11:44 - 2018-05-23 15:48 - 000001409 _____ C:\Users\SAMSUNG\Documents\danekrakvet.txt
  286. 2018-07-19 07:16 - 2017-06-07 16:30 - 000000000 ____D C:\Users\SAMSUNG\AppData\Local\CrashDumps
  287. 2018-07-17 11:49 - 2013-06-30 10:43 - 000000000 ____D C:\Program Files (x86)\TeamViewer
  288. 2018-07-16 07:23 - 2018-06-04 12:31 - 000000000 ____D C:\Program Files (x86)\Dropbox
  289. 2018-07-12 08:06 - 2018-05-29 14:08 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
  290. 2018-07-12 08:05 - 2015-11-20 09:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
  291. 2018-07-11 10:49 - 2014-01-24 22:26 - 000000000 ____D C:\scrapebox
  292. 2018-07-11 09:29 - 2013-08-11 13:10 - 000000000 ____D C:\WINDOWS\system32\MRT
  293. 2018-07-11 09:22 - 2013-05-29 16:48 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
  294. 2018-07-11 09:21 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
  295. 2018-07-11 07:56 - 2018-05-29 14:08 - 000004672 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
  296. 2018-07-11 07:56 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
  297. 2018-07-11 07:56 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
  298. 2018-07-10 07:39 - 2018-05-29 14:08 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1134291767-4150836631-2062890336-1001
  299. 2018-07-10 07:39 - 2018-03-06 14:29 - 000002452 _____ C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  300. 2018-07-09 10:22 - 2018-05-23 14:54 - 000010820 _____ C:\Users\SAMSUNG\Documents\domeny.txt
  301. 2018-06-27 12:10 - 2018-03-01 15:01 - 000131288 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
  302. 2018-06-27 08:05 - 2013-05-31 20:16 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  303. 2018-06-26 08:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
  304.  
  305. ==================== Pliki w katalogu głównym wybranych folderów =======
  306.  
  307. 2014-09-15 22:46 - 2014-09-15 22:46 - 000000088 _____ () C:\Users\SAMSUNG\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
  308. 2014-09-15 22:46 - 2014-09-15 22:46 - 000000088 _____ () C:\Users\SAMSUNG\AppData\Roaming\.c79792229cdae4d8fe4e261fc4d6976b.key
  309. 2014-09-16 14:46 - 2014-09-16 14:46 - 000000088 _____ () C:\Users\SAMSUNG\AppData\Roaming\GWMC-I92M
  310. 2014-03-28 10:30 - 2014-03-28 10:30 - 000000132 _____ () C:\Users\SAMSUNG\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP
  311. 2013-06-06 23:39 - 2015-08-26 10:50 - 000000132 _____ () C:\Users\SAMSUNG\AppData\Roaming\Preferencje Adobe CS5 dla formatu GIF
  312. 2013-06-06 23:40 - 2018-06-15 12:08 - 000000132 _____ () C:\Users\SAMSUNG\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
  313. 2014-09-15 22:46 - 2014-09-16 14:48 - 000000236 _____ () C:\Users\SAMSUNG\AppData\Roaming\RO39-2M3Q
  314. 2015-09-09 14:08 - 2018-07-24 07:11 - 000000600 _____ () C:\Users\SAMSUNG\AppData\Roaming\winscp.rnd
  315. 2013-06-06 00:11 - 2018-06-20 15:17 - 000001496 _____ () C:\Users\SAMSUNG\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
  316. 2013-10-03 09:54 - 2015-11-19 16:47 - 000000600 _____ () C:\Users\SAMSUNG\AppData\Local\PUTTY.RND
  317. 2013-05-29 19:59 - 2013-05-29 19:59 - 000007605 _____ () C:\Users\SAMSUNG\AppData\Local\Resmon.ResmonCfg
  318. 2013-05-28 21:59 - 2013-05-28 21:59 - 000021525 _____ () C:\Users\SAMSUNG\AppData\Local\WiDiSetupLog.20130528.215900.txt
  319.  
  320. ==================== Bamital & volsnap ======================
  321.  
  322. (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
  323.  
  324. C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
  325. C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
  326. C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
  327. C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
  328. C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
  329. C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
  330. C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
  331. C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
  332. C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
  333. C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
  334. C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
  335. C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
  336. C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
  337. C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
  338. C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
  339.  
  340. LastRegBack: 2018-07-23 10:48
  341.  
  342. ==================== Koniec FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!