- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
- Ran by Dawid (administrator) on DESKTOP-I4PON84 (12-08-2018 00:48:55)
- Running from C:\Users\Dawid\Desktop
- Loaded Profiles: Dawid (Available Profiles: Dawid)
- Platform: Windows 10 Pro Version 1803 17134.165 (X64) Language: Angielski (Stany Zjednoczone)
- Internet Explorer Version 11 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
- (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
- (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
- (Micro-Star Int'l Co., Ltd.) G:\PROGRAMY\Gaming APP\GamingApp_Service.exe
- (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
- (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
- (Micro-Star INT'L CO., LTD.) G:\PROGRAMY\Gaming APP\GamingHotkey_Service.exe
- (Electronic Arts) E:\Origin Games\Origin\OriginWebHelperService.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- (MSI) C:\Windows\SysWOW64\muachost.exe
- (Micro-Star INT'L CO., LTD.) G:\PROGRAMY\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
- (Micro-Star INT'L CO., LTD.) G:\PROGRAMY\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
- (Micro-Star INT'L CO., LTD.) G:\PROGRAMY\Gaming APP\GamingHotkey.exe
- (Micro-Star Int'l Co., Ltd.) G:\PROGRAMY\Gaming APP\MSI_LED.exe
- (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
- (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
- (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
- (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
- (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
- (NVIDIA Corporation) C:\Users\Dawid\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
- (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
- (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
- () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
- () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
- (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
- (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.165_none_eaf410441d6d7311\TiWorker.exe
- (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
- (Epic Games, Inc.) G:\GRY\EpicGames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
- (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
- (Epic Games, Inc.) G:\GRY\EpicGames\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
- (Epic Games, Inc.) G:\GRY\EpicGames\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-04-05] (Realtek Semiconductor)
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
- HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
- HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
- HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [57954808 2018-03-04] (Discord Inc.)
- HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.)
- HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
- HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [DAEMON Tools Lite Automount] => G:\PROGRAMY\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-30] (Disc Soft Ltd)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3206432 2018-08-09] (Valve Corporation)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [Discord] => C:\Users\Dawid\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [CCleaner Monitoring] => G:\PROGRAMY\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [EpicGamesLauncher] => G:\GRY\EpicGames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
- HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [273920 2018-04-12] (Microsoft Corporation) <==== ATTENTION
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Tcpip\..\Interfaces\{05f01c30-ae2c-40f5-8921-a70a42555589}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{53a907c7-0068-11e8-8286-806e6f6e6963}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{8b6d7d5f-d3fa-423c-859b-89fb128a3299}: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{ae28c06c-3666-4e8d-82a3-78eef270980e}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{cb38fbd2-c1d4-4382-beac-84460fe58627}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{f9daa187-0eab-47aa-806a-b94a0f5010ab}: [NameServer] 8.8.8.8
- Tcpip\..\Interfaces\{f9daa187-0eab-47aa-806a-b94a0f5010ab}: [DhcpNameServer] 192.168.0.1
- Internet Explorer:
- ==================
- FireFox:
- ========
- FF DefaultProfile: j6co5fv1.default
- FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\j6co5fv1.default [2018-08-12]
- FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-15] ()
- FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-15] ()
- FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation)
- FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
- FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
- Chrome:
- =======
- CHR StartupUrls: Default -> "","hxxp://google.pl/"
- CHR DefaultSearchKeyword: Default -> google.pl_
- CHR Profile: C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default [2018-08-12]
- CHR Extension: (Prezentacje) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-23]
- CHR Extension: (Dokumenty) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-23]
- CHR Extension: (Dysk Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-23]
- CHR Extension: (YouTube) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-23]
- CHR Extension: (Adblock Plus) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-18]
- CHR Extension: (Adobe Acrobat) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-06]
- CHR Extension: (Arkusze) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-23]
- CHR Extension: (Dokumenty Google offline) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-23]
- CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-03-21]
- CHR Extension: (Google Keep – notatki i listy) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-08-09]
- CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2018-06-03]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
- CHR Extension: (Gmail) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-23]
- CHR Extension: (Chrome Media Router) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-05]
- CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx