API tools faq
paste
Advertisement
Guest User

FRST.txt

a guest
Oct 24th, 2017
262
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 30.25 KB | None | 0 0
raw download clone embed print report
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2017 01
  2. Ran by bgrze (administrator) on GRZELU-KOMPUTER (24-10-2017 16:56:48)
  3. Running from C:\Users\bgrze\Desktop\wind fix
  4. Loaded Profiles: bgrze (Available Profiles: bgrze)
  5. Platform: Windows 10 Pro Version 1703 15063.608 (X64) Language: Angielski (Stany Zjednoczone)
  6. Internet Explorer Version 11 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  15. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  16. (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
  17. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  18. (Cisco Systems, Inc.) C:\Program Files\Immunet\6.0.6\sfc.exe
  19. () C:\Windows\SysWOW64\PnkBstrA.exe
  20. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
  21. (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
  22. (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
  23. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
  24. () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
  25. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
  26. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
  27. (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
  28. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  29. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  30. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  31. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  32. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  33. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  34. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  35. (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
  36. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  37. () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe
  38. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  39. (Flux Software LLC) C:\Users\bgrze\AppData\Local\FluxSoftware\Flux\flux.exe
  40. (Immunet) C:\Program Files\Immunet\6.0.6\iptray.exe
  41. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  42. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  43. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  44. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  45. (Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
  46. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  47. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  48. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  49. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  50. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  51. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  52. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  53. (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
  54. (Microsoft Corporation) C:\Windows\System32\wscript.exe
  55. (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
  56.  
  57. ==================== Registry (Whitelisted) ===========================
  58.  
  59. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  60.  
  61. HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
  62. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8783616 2016-01-21] (Realtek Semiconductor)
  63. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
  64. HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
  65. HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe [4461016 2017-02-21] ()
  66. HKLM-x32\...\Run: [Immunet Protect] => C:\Program Files\Immunet\6.0.6\iptray.exe [3842752 2017-10-19] (Immunet)
  67. HKLM-x32\...\Run: [Razer Imperator Driver] => C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [980504 2012-12-21] (Razer USA Ltd)
  68. HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [6153128 2017-05-22] (LogMeIn Inc.)
  69. HKU\S-1-5-21-966451903-2946700475-3315859100-1001\...\Run: [f.lux] => C:\Users\bgrze\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
  70. HKU\S-1-5-21-966451903-2946700475-3315859100-1001\...\Run: [Steam] => D:\Steam\steam.exe [3101984 2017-10-17] (Valve Corporation)
  71. HKU\S-1-5-21-966451903-2946700475-3315859100-1001\...\Run: [Discord] => C:\Users\bgrze\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
  72. HKU\S-1-5-21-966451903-2946700475-3315859100-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
  73. HKU\S-1-5-21-966451903-2946700475-3315859100-1001\...\Run: [GalaxyClient] => D:\Gry\GOG Galaxy\GalaxyClient.exe [5161536 2017-09-18] (GOG.com)
  74. HKU\S-1-5-21-966451903-2946700475-3315859100-1001\...\Run: [MiPhoneManager] => C:\Users\bgrze\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] ()
  75. SSODL: EldosMountNotificator-cbfs6 - {29719B01-1E78-4989-A847-FE24ECE23992} - C:\WINDOWS\system32\cbfsMntNtf6.dll (/n software, Inc.)
  76. SSODL-x32: EldosMountNotificator-cbfs6 - {29719B01-1E78-4989-A847-FE24ECE23992} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
  77. Startup: C:\Users\bgrze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-08-11] ()
  78. Startup: C:\Users\bgrze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-10-16]
  79. ShortcutTarget: Twitch.lnk -> C:\Users\bgrze\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
  80.  
  81. ==================== Internet (Whitelisted) ====================
  82.  
  83. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  84.  
  85. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  86. Tcpip\..\Interfaces\{66ca0cb9-9100-4cca-915e-b272476f6cb2}: [DhcpNameServer] 192.168.1.1
  87.  
  88. Internet Explorer:
  89. ==================
  90. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  91. HKU\S-1-5-21-966451903-2946700475-3315859100-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  92.  
  93. FireFox:
  94. ========
  95. FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
  96. FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
  97. FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
  98. FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
  99. FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-08] (NVIDIA Corporation)
  100. FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-08] (NVIDIA Corporation)
  101. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
  102. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
  103. FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
  104. FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
  105. FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
  106.  
  107. Chrome:
  108. =======
  109. CHR HomePage: Default -> hxxp://www.google.com/
  110. CHR StartupUrls: Default -> "hxxp://www.google.pl/","hxxps://www.google.pl/maps/mm"
  111. CHR Profile: C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default [2017-10-24]
  112. CHR Extension: (Prezentacje) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
  113. CHR Extension: (Dokumenty) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
  114. CHR Extension: (Dysk Google) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-21]
  115. CHR Extension: (Video AdBlock for Chrome) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-01-22]
  116. CHR Extension: (YouTube) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-21]
  117. CHR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2017-10-20]
  118. CHR Extension: (Google Search) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-21]
  119. CHR Extension: (CasinoRPG - Poker, Slots, Tycoon, MMORPG) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfadcimibgpdemlpghdofndlapaiciel [2016-04-27]
  120. CHR Extension: (Tampermonkey) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-25]
  121. CHR Extension: (Arkusze) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
  122. CHR Extension: (Pulpit zdalny Chrome) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-10-15]
  123. CHR Extension: (Dokumenty Google offline) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
  124. CHR Extension: (AdBlock) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-19]
  125. CHR Extension: (Battlestar Galactica Online) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2017-03-06]
  126. CHR Extension: (Until AM Web App) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2016-01-21]
  127. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
  128. CHR Extension: (Gmail) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-21]
  129. CHR Extension: (Chrome Media Router) - C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26]
  130. CHR Profile: C:\Users\bgrze\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-11]
  131. CHR HKU\S-1-5-21-966451903-2946700475-3315859100-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
  132. CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
  133.  
  134. ==================== Services (Whitelisted) ====================
  135.  
  136. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  137.  
  138. S4 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareService.exe [585784 2017-02-21] ()
  139. R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe [71512 2017-07-31] (Google Inc.)
  140. S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
  141. S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-06-16] (EasyAntiCheat Ltd)
  142. S3 GalaxyClientService; D:\Gry\GOG Galaxy\GalaxyClientService.exe [532544 2017-09-18] (GOG.com)
  143. S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-09-18] (GOG.com)
  144. S4 Hamachi2Svc; D:\Programy\Hamachi\x64\hamachi-2.exe [3760040 2017-05-22] (LogMeIn Inc.)
  145. S4 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [5615280 2016-06-08] (Hola Networks Ltd.) [File not signed] <==== ATTENTION
  146. R2 ImmunetProtect_6.0.6; C:\Program Files\Immunet\6.0.6\sfc.exe [1226968 2017-10-19] (Cisco Systems, Inc.)
  147. S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
  148. R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
  149. S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
  150. R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-08] (NVIDIA Corporation)
  151. R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
  152. S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-10-09] (Electronic Arts)
  153. R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002720 2017-10-09] (Electronic Arts)
  154. R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2017-06-24] ()
  155. S3 scan; C:\Program Files\Immunet\tetra\scan.dll [627688 2017-10-19] (Bitdefender)
  156. S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation)
  157. S4 VMAuthdService; D:\VMware\vmware-authd.exe [99816 2017-03-21] (VMware, Inc.)
  158. S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
  159. S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
  160. S4 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
  161.  
  162. ===================== Drivers (Whitelisted) ======================
  163.  
  164. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  165.  
  166. S3 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-11-23] (BitDefender)
  167. S3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-11-23] (BitDefender)
  168. R1 bdfwfpf; C:\Program Files\adaware\adaware antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [127312 2016-06-16] (BitDefender LLC)
  169. R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-09-21] (/n software, Inc.)
  170. R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2017-05-09] (Dev47Apps)
  171. R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2017-05-09] (Windows (R) Win 7 DDK provider)
  172. R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-02-03] (Disc Soft Ltd)
  173. R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-02-03] (Disc Soft Ltd)
  174. S3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [178384 2017-02-08] (BitDefender LLC)
  175. R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
  176. R0 ignis; C:\WINDOWS\System32\drivers\ignis.sys [300840 2016-08-15] (Bitdefender)
  177. R2 ImmunetNetworkMonitorDriver; C:\WINDOWS\System32\Drivers\ImmunetNetworkMonitor.sys [119608 2017-10-19] (Cisco Systems, Inc.)
  178. R1 ImmunetProtectDriver; C:\WINDOWS\System32\Drivers\immunetprotect.sys [111936 2017-10-19] (Cisco Systems, Inc.)
  179. R1 ImmunetSelfProtectDriver; C:\WINDOWS\System32\Drivers\immunetselfprotect.sys [76096 2017-10-19] (Cisco Systems, Inc.)
  180. R3 imperator2; C:\WINDOWS\System32\drivers\imperator2.sys [11776 2012-12-10] (Razer USA Ltd)
  181. R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys [14461344 2017-06-09] (NVIDIA Corporation)
  182. S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
  183. R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
  184. R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
  185. R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
  186. R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
  187. S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
  188. S3 sparkocam; C:\WINDOWS\system32\DRIVERS\sparkocam.sys [37200 2016-09-01] (Sparkosoft)
  189. S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2017-10-19] (BitDefender S.R.L.)
  190. R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
  191. R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-09-21] (/n software, Inc.)
  192. R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
  193. S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
  194. S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
  195. S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
  196. S1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
  197. S1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
  198. S1 jcodphda; \??\C:\WINDOWS\system32\drivers\jcodphda.sys [X]
  199.  
  200. ==================== NetSvcs (Whitelisted) ===================
  201.  
  202. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  203.  
  204.  
  205. ==================== One Month Created files and folders ========
  206.  
  207. (If an entry is included in the fixlist, the file/folder will be moved.)
  208.  
  209. 2017-10-24 16:56 - 2017-10-24 16:56 - 000000000 ____D C:\FRST
  210. 2017-10-24 16:55 - 2017-10-24 16:55 - 000019289 _____ C:\Users\bgrze\Desktop\MBRCheck_10.24.17_16.55.22.txt
  211. 2017-10-24 16:52 - 2017-10-24 16:52 - 000000000 ____D C:\rsit
  212. 2017-10-24 16:52 - 2017-10-24 16:52 - 000000000 ____D C:\Program Files\trend micro
  213. 2017-10-24 16:48 - 2017-10-24 16:56 - 000000000 ____D C:\Users\bgrze\Desktop\wind fix
  214. 2017-10-24 16:39 - 2017-10-24 16:39 - 000140132 _____ C:\Users\bgrze\Desktop\fax00085622.pdf
  215. 2017-10-21 00:46 - 2017-10-21 00:46 - 000000108 ____H C:\Users\bgrze\Desktop\.~lock.Relic sheet 2.0- Electric Boogaloo.ods#
  216. 2017-10-21 00:45 - 2017-10-21 00:45 - 000027170 _____ C:\Users\bgrze\Desktop\Relic sheet 2.0- Electric Boogaloo.ods
  217. 2017-10-19 16:39 - 2017-10-19 16:39 - 000022981 _____ C:\Users\bgrze\Desktop\document1.pdf
  218. 2017-10-16 16:27 - 2017-10-19 22:44 - 000000000 ____D C:\Users\bgrze\AppData\Roaming\Twitch
  219. 2017-10-16 16:27 - 2017-10-16 16:27 - 000001089 _____ C:\Users\bgrze\Desktop\Twitch.lnk
  220. 2017-10-16 16:27 - 2017-10-16 16:27 - 000001075 _____ C:\Users\bgrze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
  221. 2017-10-16 15:22 - 2017-10-17 00:29 - 000000000 ____D C:\Users\bgrze\AppData\Local\Deployment
  222. 2017-10-13 13:28 - 2017-10-13 13:28 - 000179422 _____ C:\Users\bgrze\Desktop\Neuss_Goldach_131017.pdf
  223. 2017-10-11 18:52 - 2017-10-11 18:52 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
  224. 2017-10-11 18:21 - 2017-10-11 18:21 - 000075992 _____ C:\Users\bgrze\Documents\cc_20171011_182123.reg
  225. 2017-10-11 18:17 - 2017-10-11 18:17 - 009809688 _____ (Piriform Ltd) C:\Users\bgrze\Desktop\ccsetup535.exe
  226. 2017-10-10 18:50 - 2017-10-10 18:50 - 000400178 _____ C:\Users\bgrze\Desktop\827155438773.pdf
  227. 2017-10-03 21:50 - 2017-10-19 22:12 - 000094528 _____ (Company) C:\WINDOWS\system32\Drivers\CiscoAMPHeurDriver.sys
  228. 2017-10-03 21:50 - 2017-10-19 22:12 - 000057664 _____ C:\WINDOWS\system32\Drivers\CiscoAMPCEFWDriver.sys
  229. 2017-10-03 18:57 - 2017-10-03 18:57 - 015756368 _____ (TeamViewer GmbH) C:\Users\bgrze\Desktop\TeamViewer_Setup (1).exe
  230. 2017-10-01 21:11 - 2017-10-01 21:11 - 000000000 ____D C:\Users\bgrze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
  231. 2017-10-01 19:36 - 2017-10-01 19:36 - 000025799 _____ C:\Users\bgrze\Desktop\Zlecenie_dla_przewoznika__10351_CE_ZL_09_2017__2017_09_29.pdf
  232. 2017-09-28 08:29 - 2017-09-28 08:29 - 000038406 _____ C:\Users\bgrze\Documents\exori.mcr
  233. 2017-09-28 00:08 - 2017-09-28 00:08 - 000000000 ____D C:\Users\bgrze\AppData\Roaming\Macro Recorder
  234. 2017-09-28 00:08 - 2017-09-28 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroRecorderLite
  235. 2017-09-28 00:08 - 2010-06-16 16:14 - 000044032 _____ (Jitbit Software) C:\WINDOWS\SysWOW64\SystemHookCore.dll
  236. 2017-09-28 00:08 - 2005-04-15 17:58 - 001351392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
  237. 2017-09-27 22:07 - 2017-09-27 22:07 - 000001208 _____ C:\Users\bgrze\Desktop\Tibia Auto.lnk
  238. 2017-09-25 19:03 - 2017-09-25 19:03 - 000308335 _____ C:\Users\bgrze\Desktop\tmp_09.11._Transportauftrag - Langenhagen nach Thiested MTD.PDF
  239.  
  240. ==================== One Month Modified files and folders ========
  241.  
  242. (If an entry is included in the fixlist, the file/folder will be moved.)
  243.  
  244. 2017-10-24 16:58 - 2016-01-21 02:25 - 000000000 ____D C:\Program Files\Immunet
  245. 2017-10-24 16:57 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
  246. 2017-10-24 16:41 - 2017-09-23 02:49 - 001259512 _____ C:\WINDOWS\system32\perfh015.dat
  247. 2017-10-24 16:41 - 2017-09-23 02:49 - 000294100 _____ C:\WINDOWS\system32\perfc015.dat
  248. 2017-10-24 16:41 - 2017-09-22 17:09 - 002723318 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  249. 2017-10-24 16:36 - 2017-09-22 16:59 - 000000000 ____D C:\ProgramData\NVIDIA
  250. 2017-10-24 16:35 - 2017-09-22 17:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
  251. 2017-10-24 16:35 - 2017-09-22 17:00 - 000000000 ____D C:\Users\bgrze
  252. 2017-10-24 16:32 - 2016-01-21 10:52 - 000000000 ____D C:\Users\bgrze\AppData\Local\Battle.net
  253. 2017-10-24 16:25 - 2016-04-12 21:14 - 000000000 ____D C:\Users\bgrze\AppData\Local\Adobe
  254. 2017-10-24 16:18 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
  255. 2017-10-24 16:18 - 2017-03-18 13:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
  256. 2017-10-24 00:30 - 2016-01-21 02:09 - 000000000 ____D C:\Users\bgrze\AppData\Roaming\TS3Client
  257. 2017-10-24 00:05 - 2017-03-04 10:28 - 000001658 _____ C:\Users\bgrze\Desktop\a.txt
  258. 2017-10-23 19:41 - 2017-09-22 17:04 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  259. 2017-10-23 19:41 - 2017-09-22 17:04 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  260. 2017-10-23 19:41 - 2017-09-22 16:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
  261. 2017-10-23 19:41 - 2017-09-22 16:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
  262. 2017-10-23 19:41 - 2017-09-22 16:59 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
  263. 2017-10-23 19:40 - 2017-09-22 17:04 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  264. 2017-10-23 19:40 - 2017-09-22 17:04 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  265. 2017-10-23 19:40 - 2017-09-22 17:04 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  266. 2017-10-23 19:40 - 2017-09-22 17:04 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  267. 2017-10-23 19:40 - 2017-09-22 17:04 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  268. 2017-10-23 19:40 - 2017-09-22 17:04 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  269. 2017-10-22 20:02 - 2017-09-22 16:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
  270. 2017-10-22 12:53 - 2017-09-22 17:04 - 000004748 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
  271. 2017-10-22 12:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
  272. 2017-10-22 12:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
  273. 2017-10-21 14:18 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
  274. 2017-10-20 16:58 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
  275. 2017-10-19 22:31 - 2016-01-21 09:24 - 000000000 ____D C:\Users\bgrze\AppData\Local\ElevatedDiagnostics
  276. 2017-10-19 22:11 - 2017-02-08 14:52 - 000485512 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\Trufos.sys
  277. 2017-10-19 22:11 - 2016-10-09 01:17 - 000071096 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\ImmunetUtilDriver.sys
  278. 2017-10-19 22:11 - 2016-01-21 02:27 - 000000000 ____D C:\ProgramData\Immunet
  279. 2017-10-19 22:11 - 2016-01-21 02:25 - 000119608 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\ImmunetNetworkMonitor.sys
  280. 2017-10-19 22:11 - 2016-01-21 02:25 - 000111936 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\immunetprotect.sys
  281. 2017-10-19 22:11 - 2016-01-21 02:25 - 000076096 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\immunetselfprotect.sys
  282. 2017-10-16 15:30 - 2016-01-22 21:43 - 000000000 ____D C:\Users\bgrze\AppData\Roaming\uTorrent
  283. 2017-10-15 22:15 - 2017-06-11 10:37 - 000000000 ____D C:\Program Files (x86)\Origin
  284. 2017-10-13 02:21 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
  285. 2017-10-13 02:21 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
  286. 2017-10-11 18:53 - 2016-01-21 19:17 - 000000000 ____D C:\WINDOWS\system32\MRT
  287. 2017-10-11 18:52 - 2016-01-21 19:17 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
  288. 2017-10-11 18:20 - 2017-09-17 22:00 - 000000000 ___DC C:\WINDOWS\Panther
  289. 2017-10-11 18:20 - 2017-03-31 20:37 - 000000000 ____D C:\Users\bgrze\AppData\Roaming\MPC-HC
  290. 2017-10-11 18:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
  291. 2017-10-11 18:20 - 2016-02-03 16:24 - 000000000 ____D C:\Users\bgrze\AppData\Roaming\DAEMON Tools Lite
  292. 2017-10-11 18:20 - 2016-01-21 04:06 - 000000000 ____D C:\Users\bgrze\AppData\Local\CrashDumps
  293. 2017-10-11 18:18 - 2016-10-29 01:39 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
  294. 2017-10-11 03:05 - 2017-07-23 21:23 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
  295. 2017-10-11 03:05 - 2017-07-23 21:23 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
  296. 2017-10-11 03:05 - 2017-07-23 21:23 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
  297. 2017-10-11 03:05 - 2017-07-23 21:23 - 000050624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
  298. 2017-10-11 03:05 - 2017-06-11 11:36 - 001796032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
  299. 2017-10-11 03:05 - 2017-06-11 11:36 - 001577920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
  300. 2017-10-11 03:05 - 2017-06-11 11:36 - 000918976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
  301. 2017-10-11 01:26 - 2017-06-11 11:33 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
  302. 2017-10-07 14:21 - 2016-01-23 11:57 - 000000000 ____D C:\Users\bgrze\Documents\The Witcher 3
  303. 2017-10-03 21:50 - 2016-10-09 01:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immunet
  304. 2017-10-01 21:11 - 2016-09-27 23:16 - 000002278 _____ C:\Users\bgrze\Desktop\Discord.lnk
  305. 2017-10-01 21:11 - 2016-09-27 23:16 - 000000000 ____D C:\Users\bgrze\AppData\Roaming\discord
  306. 2017-10-01 21:10 - 2016-09-27 23:16 - 000000000 ____D C:\Users\bgrze\AppData\Local\Discord
  307. 2017-09-30 16:54 - 2016-12-31 19:04 - 000000000 ____D C:\Users\bgrze\AppData\Local\NFS Underground 2
  308. 2017-09-28 08:29 - 2017-09-22 16:58 - 000260640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
  309. 2017-09-26 20:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
  310. 2017-09-26 18:13 - 2017-05-31 00:16 - 000002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  311. 2017-09-26 18:13 - 2017-05-31 00:16 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  312.  
  313. ==================== Files in the root of some directories =======
  314.  
  315. 2016-01-21 10:40 - 2017-05-12 17:49 - 000007600 _____ () C:\Users\bgrze\AppData\Local\Resmon.ResmonCfg
  316. 2017-09-22 16:59 - 2017-09-22 16:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
  317. 2017-05-09 19:50 - 2017-05-16 17:20 - 000000035 _____ () C:\ProgramData\droidcam-settings
  318.  
  319. ==================== Bamital & volsnap ======================
  320.  
  321. (There is no automatic fix for files that do not pass verification.)
  322.  
  323. C:\WINDOWS\system32\winlogon.exe => File is digitally signed
  324. C:\WINDOWS\system32\wininit.exe => File is digitally signed
  325. C:\WINDOWS\explorer.exe => File is digitally signed
  326. C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
  327. C:\WINDOWS\system32\svchost.exe => File is digitally signed
  328. C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
  329. C:\WINDOWS\system32\services.exe => File is digitally signed
  330. C:\WINDOWS\system32\User32.dll => File is digitally signed
  331. C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
  332. C:\WINDOWS\system32\userinit.exe => File is digitally signed
  333. C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
  334. C:\WINDOWS\system32\rpcss.dll => File is digitally signed
  335. C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
  336. C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
  337. C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
  338.  
  339. LastRegBack: 2017-10-20 17:26
  340.  
  341. ==================== End of FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!