
FRST.txt

Virus! Virus gmaegames.pro/redirect-from-banner.html

Hello. I've caught the nasty thing named in the topic title and I can't get rid of it no matter what. I'm asking knowledgeable people for help. Despite scanning with adwcleaner, ccleaner and Wise Care 365, the virus is still there. I've read the forum and I'm attaching the FRST and Addition logs. Thanks in advance :D



Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 24.12.2018
Uruchomiony przez Sendii (administrator) SENDII-KOMPUTER (26-12-2018 21:54:34)
Uruchomiony z C:\Users\Sendii\Desktop
Załadowane profile: Sendii (Dostępne profile: Sendii)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 8 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.16.2.22\NortonSecurity.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.16.2.22\NortonSecurity.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-10-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-21-3292672684-3512189314-3431724092-1000\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [3941376 2017-02-22] ( )
HKU\S-1-5-21-3292672684-3512189314-3431724092-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-3292672684-3512189314-3431724092-1000\...\Run: [Sendii] => explorer.exe hxxp://dipladoks.org <==== UWAGA
HKU\S-1-5-21-3292672684-3512189314-3431724092-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3292672684-3512189314-3431724092-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3292672684-3512189314-3431724092-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [MSVideo8] => C:\Windows\system32\VfWWDM32.dll [68096 2010-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171712 2018-01-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-24] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-01-03]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Ograniczenia ? <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 195.62.64.1 188.241.28.28
Tcpip\..\Interfaces\{2038ADFC-9613-4BB4-9C9B-8670FD802844}: [DhcpNameServer] 195.62.64.1 188.241.28.28

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3292672684-3512189314-3431724092-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3292672684-3512189314-3431724092-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.16.2.22\coIEPlg.dll [2018-11-03] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-9.0.1\bin\ssv.dll => Brak pliku
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9.0.1\bin\jp2ssv.dll [2018-01-07] (Oracle Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.16.2.22\coIEPlg.dll [2018-11-03] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.16.2.22\coIEPlg.dll [2018-11-03] (Symantec Corporation)
Toolbar: HKLM - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.16.2.22\coIEPlg.dll [2018-11-03] (Symantec Corporation)
Toolbar: HKLM-x32 - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku
Toolbar: HKU\S-1-5-21-3292672684-3512189314-3431724092-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.16.2.22\coIEPlg.dll [2018-11-03] (Symantec Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: utfk9sks.default-1513885655156
FF ProfilePath: C:\Users\Sendii\AppData\Roaming\Mozilla\Firefox\Profiles\8ercmxoy.default-1497162745186 [2017-06-11]
FF ProfilePath: C:\Users\Sendii\AppData\Roaming\Mozilla\Firefox\Profiles\utfk9sks.default-1513885655156 [2018-12-26]
FF Extension: (DAEMON Tools Toolbar) - C:\Users\Sendii\AppData\Roaming\Mozilla\Firefox\Profiles\utfk9sks.default-1513885655156\Extensions\DTToolbar@toolbarnet.com [2018-04-23] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (AntiGameOrigin v6) - C:\Users\Sendii\AppData\Roaming\Mozilla\Firefox\Profiles\utfk9sks.default-1513885655156\Extensions\shole@ogame.us.xpi [2018-12-26]
FF Extension: (Firefox ESR configurer for OLDJAWS screen reader ) - C:\Program Files (x86)\Mozilla Firefox\browser\features\jaws-esr@mozilla.org.xpi [2018-12-26] [Przestarzałe] [Brak podpisu cyfrowego]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @java.com/DTPlugin,version=12.0.1.0 -> C:\Program Files\Java\jre-9.0.1\bin\dtplugin\npDeployJava1.dll [2018-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=12.0.1.0 -> C:\Program Files\Java\jre-9.0.1\bin\plugin2\npjp2.dll [2018-01-07] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3292672684-3512189314-3431724092-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2018-12-16] ()

Chrome:
=======
CHR Profile: C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default [2018-12-26]
CHR Extension: (Prezentacje) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-24]
CHR Extension: (Dokumenty) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-24]
CHR Extension: (Dysk Google) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-24]
CHR Extension: (YouTube) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-05-21]
CHR Extension: (Arkusze) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-12]
CHR Extension: (Norton Identity Safe) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2018-01-24]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-19]
CHR Extension: (Gmail) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-24]
CHR Extension: (Chrome Media Router) - C:\Users\Sendii\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-12]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.16.2.22\Exts\Chrome.crx <nie znaleziono>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.16.2.22\Exts\Chrome.crx <nie znaleziono>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-05-13] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security\Engine\22.16.2.22\NortonSecurity.exe [328648 2018-11-03] (Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658600 2018-07-20] (WiseCleaner.com)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\BASHDefs\20181217.001\BHDrvx64.sys [1925104 2018-09-18] (Symantec Corporation)
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1610020.016\ccSetx64.sys [189120 2018-11-03] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-11-29] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] () [Brak podpisu cyfrowego]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [15968 2014-11-18] () [Brak podpisu cyfrowego]
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2018-11-30] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] () [Brak podpisu cyfrowego]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () [Brak podpisu cyfrowego]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-10-29] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\IPSDefs\20181224.061\IDSvia64.sys [1305072 2018-10-09] (Symantec Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30280 2018-01-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-10-29] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [788696 2000-01-01] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [377560 2000-01-01] (Realsil Semiconductor Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2017-01-04] ()
R1 SRTSP; C:\Windows\System32\drivers\NGCx64\1610020.016\SRTSP64.SYS [847344 2018-11-03] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1610020.016\SRTSPX64.SYS [49648 2018-11-03] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1610020.016\SYMEFASI64.SYS [1969328 2018-11-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-06-11] (Symantec Corporation)
S4 SymEvnt; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\SymPlatform\SymEvnt.sys [675544 2018-12-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1610020.016\Ironx64.SYS [308416 2018-11-03] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1610020.016\symnets.sys [567024 2018-11-03] (Symantec Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2018-12-26] (wisecleaner.com)
S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [51272 2018-12-26] (WiseCleaner.com)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1610020.016\wpCtrlDrv.sys [1011056 2018-11-03] (Symantec Corporation)
U3 a0ykmht2; Brak ImagePath
U3 adde9c95; C:\Windows\System32\Drivers\adde9c95.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170129.002\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170129.002\EX64.SYS [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-12-26 21:53 - 2018-12-26 21:53 - 000000000 ____D C:\Windows\System32\Tasks\Remediation
2018-12-26 21:20 - 2018-12-26 21:20 - 000422016 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-26 21:18 - 2018-12-26 21:20 - 000000430 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2018-12-26 21:18 - 2018-12-26 21:20 - 000000402 _____ C:\Windows\Tasks\Wise Care 365.job
2018-12-26 21:18 - 2018-12-26 21:18 - 000033864 _____ (wisecleaner.com) C:\Windows\WiseHDInfo64.dll
2018-12-26 21:18 - 2018-12-26 21:18 - 000003100 _____ C:\Windows\System32\Tasks\Wise Turbo Checker
2018-12-26 21:18 - 2018-12-26 21:18 - 000002830 _____ C:\Windows\System32\Tasks\Wise Care 365
2018-12-26 21:08 - 2018-12-26 21:08 - 000110456 _____ C:\Users\Sendii\AppData\Local\GDIPFONTCACHEV1.DAT
2018-12-26 20:54 - 2018-12-26 20:54 - 000051272 _____ (WiseCleaner.com) C:\Windows\WiseRegNotify.sys
2018-12-26 20:49 - 2018-12-26 21:21 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\Wise Care 365
2018-12-26 20:49 - 2018-12-26 20:49 - 000001166 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2018-12-26 20:49 - 2018-12-26 20:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2018-12-26 20:49 - 2018-12-26 20:49 - 000000000 ____D C:\Program Files (x86)\Wise
2018-12-26 17:33 - 2018-12-26 17:33 - 000023786 _____ C:\Users\Sendii\Downloads\fixlist.txt
2018-12-26 15:17 - 2018-12-26 21:55 - 000022494 _____ C:\Users\Sendii\Desktop\FRST.txt
2018-12-26 15:17 - 2018-12-26 21:54 - 000000000 ____D C:\FRST
2018-12-26 15:15 - 2018-12-26 15:15 - 002421760 _____ (Farbar) C:\Users\Sendii\Desktop\FRST64.exe
2018-12-17 07:26 - 2018-12-26 21:48 - 000000000 ____D C:\Users\Sendii\Desktop\Medevac
2018-12-16 08:35 - 2018-12-16 08:36 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\smc
2018-12-14 20:19 - 2018-12-14 20:19 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\supertuxkart
2018-12-11 23:47 - 2018-12-17 23:06 - 000000000 ____D C:\Users\Sendii\AppData\Local\SuperCrateBox_YoYo
2018-12-09 10:40 - 2018-12-09 10:40 - 000000000 ____D C:\Users\Sendii\AppData\Local\GOG.com
2018-12-09 10:28 - 2018-12-09 10:30 - 000000000 ____D C:\Users\Sendii\Documents\OpenTTD
2018-12-02 13:43 - 2018-12-02 13:43 - 000003520 _____ C:\Windows\System32\Tasks\Sendii

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-12-26 21:27 - 2009-07-14 05:45 - 000024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-26 21:27 - 2009-07-14 05:45 - 000024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-26 21:24 - 2011-03-21 20:49 - 000741764 _____ C:\Windows\system32\perfh015.dat
2018-12-26 21:24 - 2011-03-21 20:49 - 000156780 _____ C:\Windows\system32\perfc015.dat
2018-12-26 21:24 - 2009-07-14 06:13 - 001674092 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-26 21:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-12-26 21:22 - 2017-02-21 00:51 - 000000000 ____D C:\Users\Sendii\AppData\Local\ChomikBox
2018-12-26 21:21 - 2017-07-28 22:24 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-26 21:21 - 2017-01-03 19:43 - 000000000 ____D C:\Users\Sendii\AppData\LocalLow\Mozilla
2018-12-26 21:20 - 2017-08-16 17:49 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-26 21:20 - 2017-02-21 00:51 - 000000000 ____D C:\Users\Sendii\.gstreamer-0.10
2018-12-26 21:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-26 21:19 - 2018-01-08 20:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-26 21:19 - 2018-01-08 20:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-12-26 21:15 - 2018-01-26 19:17 - 000000000 ____D C:\NVIDIA
2018-12-26 21:15 - 2017-01-19 05:40 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\uTorrent
2018-12-26 21:15 - 2017-01-08 06:41 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\MPC-HC
2018-12-26 21:15 - 2017-01-04 20:57 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\DAEMON Tools Lite
2018-12-26 20:50 - 2017-01-04 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2018-12-26 20:50 - 2017-01-04 01:31 - 000000000 ____D C:\Users\Sendii\AppData\Local\CrashDumps
2018-12-26 20:50 - 2017-01-03 10:20 - 000000000 ____D C:\Windows\Panther
2018-12-26 20:50 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-12-26 18:05 - 2017-02-21 20:53 - 000000000 ____D C:\ProgramData\Autodesk
2018-12-26 18:04 - 2017-02-23 19:36 - 000000000 ____D C:\Program Files\Autodesk
2018-12-26 18:04 - 2017-02-21 23:29 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2018-12-26 18:04 - 2017-02-21 20:53 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\Autodesk
2018-12-26 17:48 - 2017-01-03 20:20 - 001646698 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-12-26 17:45 - 2018-10-29 18:59 - 000000000 ____D C:\ProgramData\ProductData
2018-12-26 17:44 - 2017-11-21 19:31 - 000000000 ____D C:\Program Files\Opera
2018-12-26 17:44 - 2017-01-19 16:21 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\Opera Software
2018-12-26 17:44 - 2017-01-19 16:21 - 000000000 ____D C:\Users\Sendii\AppData\Local\Opera Software
2018-12-26 17:44 - 2017-01-03 18:48 - 000001461 _____ C:\Users\Sendii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-12-26 17:44 - 2017-01-03 18:48 - 000001427 _____ C:\Users\Sendii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2018-12-26 15:06 - 2017-01-04 00:29 - 000000000 ____D C:\AdwCleaner
2018-12-23 22:16 - 2017-01-23 01:54 - 000000000 ____D C:\Users\Sendii\AppData\Local\Battle.net
2018-12-23 20:49 - 2017-02-16 23:25 - 000000000 ____D C:\Users\Sendii\Documents\StarCraft II
2018-12-23 20:47 - 2017-01-23 01:54 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\Battle.net
2018-12-21 06:01 - 2017-02-24 21:51 - 000000000 ____D C:\Users\Sendii\AppData\Local\Ubisoft Game Launcher
2018-12-17 22:39 - 2018-01-24 17:28 - 000003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-17 22:39 - 2018-01-24 17:28 - 000003354 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-14 18:29 - 2018-01-24 17:30 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-14 18:22 - 2018-10-29 18:58 - 000000000 ____D C:\ProgramData\IObit
2018-12-09 10:44 - 2018-05-04 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-12-09 10:44 - 2018-05-04 14:55 - 000000000 ____D C:\ProgramData\GOG.com
2018-12-08 01:07 - 2017-03-31 19:15 - 000000000 ____D C:\Users\Sendii\AppData\Roaming\AIMP3
2018-12-06 17:30 - 2018-02-21 00:32 - 000004590 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-06 17:30 - 2017-11-20 18:16 - 000004424 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-12-06 17:30 - 2017-01-04 16:11 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-06 17:30 - 2017-01-04 16:11 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-06 17:30 - 2017-01-04 16:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-12-06 17:30 - 2017-01-04 16:11 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-06 16:39 - 2018-03-13 16:30 - 000004578 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-01 22:04 - 2018-05-05 17:57 - 000000000 ____D C:\Users\Sendii\Documents\Euro Truck Simulator 2

==================== Pliki w katalogu głównym wybranych folderów =======

2017-08-12 00:51 - 2017-08-12 00:51 - 000007642 _____ () C:\Users\Sendii\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-12-24 11:23

==================== Koniec FRST.txt ============================