FRST

a guest
Mar 10th, 2018
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.03.2018
Ran by UTENTE (administrator) on DESKTOP-53PTRDK (10-03-2018 16:21:33)
Running from D:\
Loaded Profiles: UTENTE (Available Profiles: UTENTE)
Platform: Windows 10 Pro Version 1709 16299.248 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKU\S-1-5-21-4032428732-2652569770-1198461905-1001\...\Run: [8A9A198253BB3192DFA080CFFA978F96ED25D8DD._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1581912 2018-02-22] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy is enabled.
ProxyEnable: [HKLM-x32] => Proxy is enabled.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
AutoConfigURL: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyEnable: [S-1-5-21-4032428732-2652569770-1198461905-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-4032428732-2652569770-1198461905-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4649e4c7-bfda-4c27-8cb3-b1cf41d4a3ca}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5bcfa3c4-a53c-4ab8-825d-a25830eb78aa}: [DhcpNameServer] 192.168.1.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxp://www.google.it/"
CHR Profile: C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default [2018-03-10]
CHR Extension: (Presentazioni) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-10]
CHR Extension: (Documenti) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
CHR Extension: (Google Drive) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-10]
CHR Extension: (YouTube) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-10]
CHR Extension: (Adblock Plus) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-29]
CHR Extension: (Fogli) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-10]
CHR Extension: (Google Documenti offline) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-10]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-10]
CHR Extension: (Gmail) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\UTENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [320472 2018-03-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350224 2015-07-22] (Tempo Semiconductor Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-06] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-06] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [90560 2018-03-09] (Alcorlink Corp.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76200 2018-01-18] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-09] (REALiX(tm))
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193248 2018-03-10] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [109800 2018-03-10] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [45960 2018-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-03-10] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [101600 2018-03-10] (Malwarebytes)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [7959408 2018-03-09] (Realtek Semiconductor Corporation )
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [151552 2017-09-30] (Microsoft Corporation)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [561680 2015-07-22] (Tempo Semiconductor Inc.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [44952 2017-04-27] (Toshiba Client Solutions Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-03-06] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [288296 2018-03-06] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-06] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)