Untitled (a guest, Aug 11th, 2018)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Dawid (administrator) on DESKTOP-I4PON84 (12-08-2018 00:48:55)
Running from C:\Users\Dawid\Desktop
Loaded Profiles: Dawid (Available Profiles: Dawid)
Platform: Windows 10 Pro Version 1803 17134.165 (X64) Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Micro-Star Int'l Co., Ltd.) G:\PROGRAMY\Gaming APP\GamingApp_Service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Micro-Star INT'L CO., LTD.) G:\PROGRAMY\Gaming APP\GamingHotkey_Service.exe
(Electronic Arts) E:\Origin Games\Origin\OriginWebHelperService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) G:\PROGRAMY\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) G:\PROGRAMY\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(Micro-Star INT'L CO., LTD.) G:\PROGRAMY\Gaming APP\GamingHotkey.exe
(Micro-Star Int'l Co., Ltd.) G:\PROGRAMY\Gaming APP\MSI_LED.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Users\Dawid\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.165_none_eaf410441d6d7311\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Epic Games, Inc.) G:\GRY\EpicGames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Epic Games, Inc.) G:\GRY\EpicGames\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games, Inc.) G:\GRY\EpicGames\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-04-05] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [57954808 2018-03-04] (Discord Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [DAEMON Tools Lite Automount] => G:\PROGRAMY\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-30] (Disc Soft Ltd)
HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3206432 2018-08-09] (Valve Corporation)
HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [Discord] => C:\Users\Dawid\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [CCleaner Monitoring] => G:\PROGRAMY\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Run: [EpicGamesLauncher] => G:\GRY\EpicGames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-3848223809-3660055808-2796009117-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [273920 2018-04-12] (Microsoft Corporation) <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{05f01c30-ae2c-40f5-8921-a70a42555589}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{53a907c7-0068-11e8-8286-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8b6d7d5f-d3fa-423c-859b-89fb128a3299}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ae28c06c-3666-4e8d-82a3-78eef270980e}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{cb38fbd2-c1d4-4382-beac-84460fe58627}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f9daa187-0eab-47aa-806a-b94a0f5010ab}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f9daa187-0eab-47aa-806a-b94a0f5010ab}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: j6co5fv1.default
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\j6co5fv1.default [2018-08-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-15] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-15] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR StartupUrls: Default -> "","hxxp://google.pl/"
CHR DefaultSearchKeyword: Default -> google.pl_
CHR Profile: C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default [2018-08-12]
CHR Extension: (Prezentacje) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-23]
CHR Extension: (Dokumenty) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-23]
CHR Extension: (Dysk Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-23]
CHR Extension: (YouTube) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-23]
CHR Extension: (Adblock Plus) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-06]
CHR Extension: (Arkusze) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-23]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-03-21]
CHR Extension: (Google Keep – notatki i listy) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-08-09]
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2018-06-03]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Gmail) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-23]
CHR Extension: (Chrome Media Router) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx