- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 11.11.2018
- Uruchomiony przez SZYMON (administrator) 9LITE (11-11-2018 13:35:34)
- Uruchomiony z C:\Users\SZYMON\AppData\Local\Microsoft\Windows\INetCache\IE\O3H74ISP
- Załadowane profile: SZYMON (Dostępne profile: SZYMON)
- Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: IE)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (AMD) C:\Windows\System32\atiesrxx.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
- (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
- (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.11.0.41\nis.exe
- (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
- (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
- (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
- (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
- (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
- (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
- (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.11.0.41\nis.exe
- (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
- (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
- (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
- (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
- (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
- (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
- (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
- (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkManagerDMS.exe
- (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkDMS.exe
- (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
- (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
- () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
- (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
- (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
- (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
- (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
- (Farbar) C:\Users\SZYMON\AppData\Local\Microsoft\Windows\INetCache\IE\O3H74ISP\FRST64 (1).exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2889072 2013-03-25] (ELAN Microelectronics Corp.)
- HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64128 2013-04-24] ()
- HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3965904 2013-06-06] ()
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
- HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-07-09] (Copyright 2013 SAMSUNG)
- HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
- HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
- HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
- HKU\S-1-5-21-204455593-1543837664-2498303104-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
- SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
- SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
- GroupPolicy: Ograniczenia - Chrome <==== UWAGA
- CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
- Tcpip\..\Interfaces\{50F75B58-1C01-4C6F-958E-8A98476AC401}: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{D1BE9B48-56F1-42D6-886B-4154248D56FB}: [DhcpNameServer] 62.179.1.61 62.179.1.63
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=180&d=20140614
- HKU\S-1-5-21-204455593-1543837664-2498303104-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/
- HKU\S-1-5-21-204455593-1543837664-2498303104-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
- SearchScopes: HKU\S-1-5-21-204455593-1543837664-2498303104-1001 -> DefaultScope {306586E7-F494-4E28-96D7-E8E9E9F6C4E5} URL =
- SearchScopes: HKU\S-1-5-21-204455593-1543837664-2498303104-1001 -> {306586E7-F494-4E28-96D7-E8E9E9F6C4E5} URL =
- BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12] (IvoSoft)
- BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
- BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-04-24] (Qualcomm Atheros Commnucations)
- BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2013-04-12] (IvoSoft)
- BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12] (IvoSoft)
- BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
- BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => Brak pliku
- BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2013-04-12] (IvoSoft)
- Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12] (IvoSoft)
- Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
- Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12] (IvoSoft)
- Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
- Toolbar: HKU\S-1-5-21-204455593-1543837664-2498303104-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
- Toolbar: HKU\S-1-5-21-204455593-1543837664-2498303104-1001 -> Brak nazwy - {C500C267-63BF-451F-8797-4D720C9A2ED9} - Brak pliku
- DPF: HKLM-x32 {68282C51-9459-467B-95BF-3C0E89627E55} hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
- FireFox:
- ========
- FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon
- FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon [2018-09-30] [Przestarzałe]
- FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
- FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-10] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-10] (Google Inc.)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
- FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [2013-07-09] (Samsung)
- Chrome:
- =======
- CHR DefaultProfile: Default
- CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=180&d=20140614
- CHR StartupUrls: Default -> "hxxps://www.google.pl/search?sourceid=chrome-psyapi2&ion=1&espv=&ie=UTF-8&q=google"
- CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr&chn=prev
- CHR DefaultSearchKeyword: Default -> NortonSafe
- CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
- CHR Profile: C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default [2018-11-11]
- CHR Extension: (Dokumenty) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
- CHR Extension: (Dysk Google) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
- CHR Extension: (YouTube) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
- CHR Extension: (Norton Security Toolbar) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-06-10]
- CHR Extension: (Google Search) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
- CHR Extension: (Dokumenty Google offline) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-30]
- CHR Extension: (Norton Identity Safe) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-15]
- CHR Extension: (Skype) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-14]
- CHR Extension: (Norton Safe) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2018-01-14]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-10]
- CHR Extension: (Gmail) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
- CHR Extension: (Chrome Media Router) - C:\Users\SZYMON\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-08]
- CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.0.41\Exts\Chrome.crx <nie znaleziono>
- CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.0.41\Exts\Chrome.crx <nie znaleziono>
- CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
- ==================== Usługi (filtrowane) ====================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
- R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkManagerDMS.exe [404360 2013-06-18] (Samsung) [Brak podpisu cyfrowego]
- R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
- R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider) [Brak podpisu cyfrowego]
- R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft) [Brak podpisu cyfrowego]
- R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
- R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.11.0.41\NIS.exe [326144 2017-10-04] (Symantec Corporation)
- R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-07-09] (Copyright 2013 SAMSUNG)
- R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594928 2013-06-14] (Samsung Electronics CO., LTD.)
- R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
- R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
- R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
- R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
- R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [Brak podpisu cyfrowego]
- S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]
- ===================== Sterowniki (filtrowane) ======================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [219360 2013-04-17] (AppEx Networks Corporation)
- R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [94208 2013-02-13] (Advanced Micro Devices)
- R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\BASHDefs\20150921.003\BHDrvx64.sys [1650936 2015-09-23] (Symantec Corporation)
- R3 BTATH_HID; C:\WINDOWS\system32\DRIVERS\btath_hid.sys [223432 2013-04-24] (Qualcomm Atheros)
- R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)
- R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352448 2013-02-11] (EldoS Corporation)
- R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\160B000.029\ccSetx64.sys [187520 2017-10-04] (Symantec Corporation)
- S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
- R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-12] (Symantec Corporation)
- S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-12] (Symantec Corporation)
- R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\IPSDefs\20150930.101\IDSVia64.sys [767224 2015-09-23] (Symantec Corporation)
- S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2014-06-10] (Apple Inc.) [Brak podpisu cyfrowego]
- R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
- R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
- R3 SRTSP; C:\WINDOWS\System32\Drivers\NISx64\160B000.029\SRTSP64.SYS [812704 2017-10-04] (Symantec Corporation)
- R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\160B000.029\SRTSPX64.SYS [49304 2017-10-04] (Symantec Corporation)
- S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
- R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\160B000.029\SYMEFASI64.SYS [1868416 2017-10-04] (Symantec Corporation)
- S4 SymELAM; C:\WINDOWS\system32\drivers\NISx64\160B000.029\SymELAM.sys [24608 2017-10-04] (Symantec Corporation)
- R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [102568 2018-09-30] (Symantec Corporation)
- R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\160B000.029\Ironx64.SYS [301288 2017-10-04] (Symantec Corporation)
- R1 SymNetS; C:\WINDOWS\System32\Drivers\NISx64\160B000.029\SYMNETS.SYS [566912 2017-10-04] (Symantec Corporation)
- S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [Brak podpisu cyfrowego]
- S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
- R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
- R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
- S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20151231.005\ENG64.SYS [X]
- S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20151231.005\EX64.SYS [X]
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-11-11 13:15 - 2018-11-11 13:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
- 2018-11-11 13:13 - 2018-11-11 13:13 - 000000000 ___RD C:\Users\SZYMON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
- 2018-11-11 13:07 - 2018-11-11 13:07 - 000003236 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
- 2018-11-11 11:36 - 2018-11-11 11:36 - 000046065 _____ C:\Users\SZYMON\Desktop\Shortcut.txt
- 2018-11-11 11:35 - 2018-11-11 11:35 - 000039398 _____ C:\Users\SZYMON\Desktop\Addition.txt
- 2018-11-11 11:35 - 2018-11-11 11:35 - 000027384 _____ C:\Users\SZYMON\Desktop\FRST.txt
- 2018-11-11 11:35 - 2018-11-11 11:35 - 000000910 _____ C:\Users\SZYMON\Desktop\Pobrane — skrót.lnk
- 2018-11-11 11:21 - 2018-11-11 11:21 - 000046062 _____ C:\Users\SZYMON\Downloads\Shortcut.txt
- 2018-11-11 11:19 - 2018-11-11 11:21 - 000039395 _____ C:\Users\SZYMON\Downloads\Addition.txt
- 2018-11-11 11:16 - 2018-11-11 11:21 - 000027381 _____ C:\Users\SZYMON\Downloads\FRST.txt
- 2018-11-11 11:16 - 2018-11-11 11:16 - 000000000 ____D C:\Users\SZYMON\Downloads\FRST-OlderVersion
- 2018-11-11 11:15 - 2018-11-11 13:35 - 000000000 ____D C:\FRST
- 2018-11-11 11:15 - 2018-11-11 11:16 - 002415616 _____ (Farbar) C:\Users\SZYMON\Downloads\FRST64.exe
- 2018-11-09 17:30 - 2018-11-09 17:30 - 000013268 _____ C:\Users\SZYMON\Downloads\Niepotwierdzony 341064.crdownload
- 2018-11-09 17:29 - 2018-11-09 17:29 - 000836772 _____ C:\Users\SZYMON\Downloads\Niepotwierdzony 36920.crdownload
- 2018-11-09 17:28 - 2018-11-09 17:28 - 000683316 _____ C:\Users\SZYMON\Downloads\Niepotwierdzony 849366.crdownload
- 2018-11-08 22:27 - 2018-11-08 22:28 - 002046576 _____ (WiperSoft) C:\Users\SZYMON\Downloads\WiperSoft-installer (1).exe
- 2018-11-08 22:27 - 2018-11-08 22:27 - 002046576 _____ (WiperSoft) C:\Users\SZYMON\Downloads\WiperSoft-installer.exe
- 2018-11-08 20:14 - 2018-11-08 20:14 - 002545888 _____ (Kaspersky Lab) C:\Users\SZYMON\Downloads\kfa19.0.0.1088abpl_15119.exe
- 2018-11-08 20:14 - 2018-11-08 20:14 - 002545888 _____ (Kaspersky Lab) C:\Users\SZYMON\Downloads\kfa19.0.0.1088abpl_15119 (1).exe
- 2018-11-08 20:12 - 2018-11-08 20:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
- 2018-11-08 20:06 - 2018-11-08 20:06 - 000001015 _____ C:\Users\SZYMON\Desktop\mks_vir skaner online.lnk
- 2018-11-08 20:06 - 2018-11-08 20:06 - 000000000 ____D C:\ProgramData\mks_vir
- 2018-11-08 20:05 - 2018-11-08 20:05 - 030182160 _____ (mks_vir) C:\Users\SZYMON\Downloads\mks_vir_online.exe
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-11-11 13:23 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
- 2018-11-11 13:16 - 2014-09-24 16:08 - 001825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2018-11-11 13:16 - 2014-09-24 15:35 - 000807160 _____ C:\WINDOWS\system32\perfh015.dat
- 2018-11-11 13:16 - 2014-09-24 15:35 - 000163478 _____ C:\WINDOWS\system32\perfc015.dat
- 2018-11-11 13:15 - 2014-03-26 19:31 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-204455593-1543837664-2498303104-1001
- 2018-11-11 13:13 - 2013-07-23 17:19 - 000000000 ____D C:\ProgramData\WinClon
- 2018-11-11 13:11 - 2015-12-31 21:09 - 000000000 ____D C:\Users\SZYMON\OneDrive
- 2018-11-11 13:10 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2018-11-11 13:09 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
- 2018-11-11 13:08 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
- 2018-11-11 13:07 - 2015-08-01 19:22 - 000000000 ____D C:\Program Files\Common Files\AV
- 2018-11-11 13:07 - 2013-07-23 17:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\NISx64
- 2018-11-11 13:06 - 2016-01-09 19:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
- 2018-11-11 13:06 - 2014-06-18 06:46 - 000002438 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
- 2018-11-11 13:04 - 2014-11-20 17:52 - 000000000 ____D C:\AdwCleaner
- 2018-11-11 11:23 - 2014-12-09 21:31 - 000003976 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6E88DA59-1B90-428F-8021-D5C29B7C5450}
- 2018-11-11 11:09 - 2014-11-20 18:16 - 000000000 ____D C:\ProgramData\Kaspersky Lab
- 2018-11-11 11:09 - 2014-11-20 18:16 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
- 2018-11-11 11:09 - 2012-07-26 09:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
- 2018-11-11 11:07 - 2013-07-23 17:26 - 000000000 ____D C:\Users\EasySurvey
- 2018-11-11 11:07 - 2012-07-26 06:37 - 000000000 ____D C:\Users\Default.migrated
- 2018-11-09 04:34 - 2014-02-15 09:32 - 000000000 ____D C:\Users\SZYMON\AppData\Local\CrashDumps
- 2018-11-08 22:22 - 2014-11-12 21:39 - 000000000 ____D C:\ProgramData\398c0b96-ebd3-4f67-a5c7-1899a15c12be
- 2018-11-08 20:23 - 2014-03-23 21:55 - 000000000 ____D C:\Users\SZYMON\AppData\Roaming\Samsung
- 2018-11-08 20:21 - 2014-12-02 17:02 - 000000000 ____D C:\ProgramData\Package Cache
- 2018-11-08 20:17 - 2013-07-23 17:22 - 000000000 ____D C:\ProgramData\PopCap Games
- 2018-11-08 20:16 - 2016-08-26 19:19 - 000000000 ____D C:\Users\SZYMON\AppData\Roaming\Wondershare
- 2018-11-08 20:16 - 2014-12-09 22:26 - 000000000 ____D C:\Program Files (x86)\Grupa IMAGE
- 2018-11-08 20:16 - 2014-12-02 17:07 - 000000000 ____D C:\Users\SZYMON
- 2018-11-08 20:15 - 2014-07-29 19:58 - 000000000 ____D C:\Program Files\Common Files\Apple
- 2018-11-08 19:03 - 2013-12-21 16:23 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2018-11-08 19:03 - 2013-12-21 16:23 - 000002209 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- ==================== Pliki w katalogu głównym wybranych folderów =======
- 2013-12-21 15:46 - 2014-07-08 18:31 - 000035533 _____ () C:\Users\SZYMON\AppData\Roaming\AbsoluteReminder.xml
- 2013-12-31 23:42 - 2013-12-31 23:42 - 000076976 _____ () C:\Users\SZYMON\AppData\Roaming\LoJackSetup.exe
- ==================== Bamital & volsnap ======================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2016-12-09 09:52
- ==================== Koniec FRST.txt ============================