Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
- Ran by Agnieszka (03-12-2018 20:04:22)
- Running from C:\Users\Agnieszka\Downloads
- Windows 7 Home Premium Service Pack 1 (X64) (2017-03-28 21:05:59)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-1622766254-3777425526-3000543917-500 - Administrator - Disabled)
- Agnieszka (S-1-5-21-1622766254-3777425526-3000543917-1000 - Administrator - Enabled) => C:\Users\Agnieszka
- Guest (S-1-5-21-1622766254-3777425526-3000543917-501 - Limited - Disabled)
- HomeGroupUser$ (S-1-5-21-1622766254-3777425526-3000543917-1002 - Limited - Enabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
- AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
- Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.153 - Adobe Systems Incorporated)
- Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
- Adobe Reader 9.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A92000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
- Aplikacja Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
- Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
- Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
- Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
- Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
- ATI Catalyst Install Manager (HKLM\...\{C260A1C3-EB49-F99A-38BA-B59C020D4609}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
- Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
- Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.10.12 - Bitdefender)
- Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.15(T) - TOSHIBA CORPORATION)
- Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
- ccc-core-static (HKLM-x32\...\{6ABF4A27-C269-88EB-1CA8-5A1D78A2FF08}) (Version: 2009.0908.2225.38429 - ATI) Hidden
- Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
- D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
- Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
- Divine Divinity (HKLM-x32\...\1207658805_is1) (Version: 2.1.0.32 - GOG.com)
- GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
- Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
- Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
- Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
- Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
- Islandzki Trening od podstaw (HKLM-x32\...\Islandzki_trening_od_podstaw_is1) (Version: - )
- iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
- Java(TM) 6 Update 14 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
- Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
- Malwarebytes (wersja 3.6.1.2711) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
- Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
- Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
- Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
- Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
- Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
- Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
- Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
- Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
- Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
- Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
- Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.0.5-124 - myphotobook GmbH)
- PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
- Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
- Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
- Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
- Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
- Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.11.0 - Synaptics Incorporated)
- Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
- TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}) (Version: 1.5.06.64 - TOSHIBA Corporation)
- TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
- TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
- TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.06-A - TOSHIBA Corporation)
- TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.1.12.64 - TOSHIBA Corporation)
- TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: - )
- TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
- TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
- TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.16C - TOSHIBA CORPORATION)
- TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.4 - TOSHIBA Corporation)
- Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
- Toshiba Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.08.0001 - TOSHIBA)
- TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.1.64 - TOSHIBA Corporation)
- TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
- TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
- TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}) (Version: 1.5.08.64 - TOSHIBA Corporation)
- TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
- TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
- Toshiba TEMPRO (HKLM-x32\...\{14555947-6F14-421F-8F61-6489E0FDFAE5}) (Version: 3.08 - Toshiba Europe GmbH)
- TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
- TRORMCLauncher (HKLM\...\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.9 - TOSHIBA) Hidden
- TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
- Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
- Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.50.27C - TOSHIBA) Hidden
- VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
- Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
- Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
- Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
- WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-1622766254-3777425526-3000543917-1000_Classes\CLSID\{8be99a72-0f74-435c-80b3-5d62c3a6c8fa}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
- ContextMenuHandlers1: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2009-06-18] (TOSHIBA)
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
- ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
- ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
- ContextMenuHandlers4: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2009-06-18] (TOSHIBA)
- ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2009-09-08] (Advanced Micro Devices, Inc.)
- ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
- ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {02B4A959-B247-4F9C-BABB-74A0F31AC96E} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-07-31] (Bitdefender)
- Task: {20054692-FD01-4918-968C-6590E8A53422} - System32\Tasks\{71CE00C5-C456-4D4D-ACCE-6C2F527B91CE} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.33.0.105&LastError=-9
- Task: {378C20D8-C76F-488D-97DA-AC1332AC7757} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-04] (Google Inc.)
- Task: {416EB07A-A6E0-4EF5-9BBA-90602FE43AD3} - System32\Tasks\{3D9BD535-D48F-44E3-8199-4C452E2B65B0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.33.0.105&LastError=-9
- Task: {6B1557C9-B4D0-4EE6-AE33-04BDFA0BEB2F} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-10-28] (TOSHIBA CORPORATION)
- Task: {6D3C1368-18D4-490C-8054-2F2733B7C995} - System32\Tasks\{4A4E11A3-8623-420B-8361-620A470BC189} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.33.0.105&LastError=-9
- Task: {DC399653-E000-494D-86AF-E3F70E9B95D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-04] (Google Inc.)
- Task: {DDBEC1F2-9361-4201-9CDA-46C97122E24A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [2018-11-21] (Adobe Systems Incorporated)
- Task: {E0475A8C-FCA4-46DB-841F-34AB06E7150C} - System32\Tasks\{2BC96852-98ED-45ED-A0C9-70472EB0DCB6} => C:\Windows\system32\pcalua.exe -a C:\Users\AGNIES~1\AppData\Local\Temp\VSDC428.tmp\DotNetFx35Client\DotNetFx35ClientSetup.exe -d C:\Users\Agnieszka\Downloads -c /lang:enu /passive /norestart <==== ATTENTION
- Task: {F6C285B6-A96F-4B44-AA07-6B722202B6FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-21] (Adobe Systems Incorporated)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- Shortcut: C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Polbox.TV\Clear Cache.lnk -> C:\Users\Agnieszka\AppData\Local\Polbox.TV\clearcache.bat ()
- ==================== Loaded Modules (Whitelisted) ==============
- 2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
- 2017-03-16 16:08 - 2017-03-16 16:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
- 2009-10-18 14:20 - 2009-10-18 14:20 - 007959864 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
- 2009-11-03 12:26 - 2009-11-03 12:26 - 000053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
- 2009-12-03 16:59 - 2009-06-22 14:40 - 000022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
- 2009-03-12 18:08 - 2009-03-12 18:08 - 000048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
- 2009-07-25 16:38 - 2009-07-25 16:38 - 000017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
- 2017-05-09 03:05 - 2017-05-09 03:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
- 2017-05-09 03:05 - 2017-05-09 03:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
- 2018-02-17 21:01 - 2018-06-07 08:46 - 000278280 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
- 2009-05-04 09:45 - 2009-05-04 09:45 - 000016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
- 2017-03-28 20:36 - 2017-03-28 20:36 - 000270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
- 2018-10-12 21:27 - 2018-11-01 22:21 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
- 2009-11-05 09:18 - 2009-11-05 09:18 - 000079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
- 2018-11-27 23:50 - 2018-11-16 05:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
- 2018-11-27 23:50 - 2018-11-16 05:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 067919944 _____ () C:\Program Files (x86)\GOG Galaxy\libcef.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000503368 _____ () C:\Program Files (x86)\GOG Galaxy\PocoUtil.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000513608 _____ () C:\Program Files (x86)\GOG Galaxy\PocoXML.dll
- 2018-09-30 13:56 - 2018-11-29 17:32 - 000152648 _____ () C:\Program Files (x86)\GOG Galaxy\expat.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 001656392 _____ () C:\Program Files (x86)\GOG Galaxy\PocoFoundation.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000426568 _____ () C:\Program Files (x86)\GOG Galaxy\pcre.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000107592 _____ () C:\Program Files (x86)\GOG Galaxy\zlib.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000327752 _____ () C:\Program Files (x86)\GOG Galaxy\PocoJSON.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 001071176 _____ () C:\Program Files (x86)\GOG Galaxy\PocoNet.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 001856072 _____ () C:\Program Files (x86)\GOG Galaxy\PocoData.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000387656 _____ () C:\Program Files (x86)\GOG Galaxy\PocoDataSQLite.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000681032 _____ () C:\Program Files (x86)\GOG Galaxy\sqlite.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000306248 _____ () C:\Program Files (x86)\GOG Galaxy\PocoNetSSL.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000157256 _____ () C:\Program Files (x86)\GOG Galaxy\PocoCrypto.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000130120 _____ () C:\Program Files (x86)\GOG Galaxy\xdelta3.dll
- 2018-09-30 13:56 - 2018-11-29 17:33 - 000270920 _____ () C:\Program Files (x86)\GOG Galaxy\PocoZip.dll
- 2009-12-03 17:02 - 2009-10-02 13:18 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
- 2018-09-30 13:56 - 2018-07-11 14:47 - 003176448 _____ () C:\Program Files (x86)\GOG Galaxy\libglesv2.dll
- 2018-09-30 13:56 - 2018-07-11 14:47 - 000079872 _____ () C:\Program Files (x86)\GOG Galaxy\libegl.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Users\Agnieszka\Downloads\bitdefender_online.exe:BDU [0]
- AlternateDataStreams: C:\Users\Agnieszka\Downloads\cdbxp_setup_4.5.7.6521.exe:BDU [0]
- AlternateDataStreams: C:\Users\Agnieszka\Downloads\iTunes64Setup.exe:BDU [0]
- AlternateDataStreams: C:\Users\Agnieszka\Downloads\rcsetup152.exe:BDU [0]
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-14 02:34 - 2009-06-10 21:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1622766254-3777425526-3000543917-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
- HKU\S-1-5-21-1622766254-3777425526-3000543917-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12032018195644046\Control Panel\Desktop\\Wallpaper -> C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
- DNS Servers: 192.168.1.254
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- If an entry is included in the fixlist, it will be removed.
- MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
- MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
- MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
- MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
- MSCONFIG\startupreg: Toshiba TEMPRO => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
- MSCONFIG\startupreg: ToshibaServiceStation => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
- MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
- MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
- MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
- MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{F28DA22D-0EA6-4339-A62F-F6F65CBD6C64}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
- FirewallRules: [{26145E7D-1946-4228-831C-27D191DFD95C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
- FirewallRules: [{3916B502-2BE8-4B52-9EB8-9265F504503A}] => (Allow) svchost.exe
- FirewallRules: [{12C9DB40-2490-4220-83FC-935718AF6C98}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
- FirewallRules: [{E0562F1D-8520-48B8-A0E8-A6F8A62E6A30}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{EC7ABCDC-9F5C-4969-9E42-11E56F458B61}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{25BF5BC0-ABFB-4355-B125-D639E23C2283}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{1265EAE3-7140-4764-9ACA-ABFACD385964}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{3567B5B2-576D-40A5-9A85-4D0856223D78}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [TCP Query User{D8FBDED8-AEC2-4BB7-AD05-6323D8BDDAF3}C:\program files (x86)\blizzard app\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\blizzard app\battle.net.8657\battle.net.exe
- FirewallRules: [UDP Query User{52755C32-D338-4499-907E-14A1DF4C5737}C:\program files (x86)\blizzard app\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\blizzard app\battle.net.8657\battle.net.exe
- FirewallRules: [TCP Query User{9C081197-0C8C-4E6A-B0C3-E06D65A46966}C:\program files (x86)\blizzard app\battle.net.8733\battle.net.exe] => (Allow) C:\program files (x86)\blizzard app\battle.net.8733\battle.net.exe
- FirewallRules: [UDP Query User{189C37CE-7A54-43FB-8E96-1CF31CE297F9}C:\program files (x86)\blizzard app\battle.net.8733\battle.net.exe] => (Allow) C:\program files (x86)\blizzard app\battle.net.8733\battle.net.exe
- FirewallRules: [{872EB148-6562-4385-A9E6-5A538D9AE279}] => (Allow) C:\Program Files\iTunes\iTunes.exe
- FirewallRules: [TCP Query User{BED3EEE2-B814-40DA-B37D-4C1904C93407}C:\program files (x86)\blizzard app\battle.net.8839\battle.net.exe] => (Block) C:\program files (x86)\blizzard app\battle.net.8839\battle.net.exe
- FirewallRules: [UDP Query User{61A5EACE-C094-4165-AFE9-45C313D1DE7D}C:\program files (x86)\blizzard app\battle.net.8839\battle.net.exe] => (Block) C:\program files (x86)\blizzard app\battle.net.8839\battle.net.exe
- FirewallRules: [TCP Query User{1A1CC98A-A60F-4059-97D3-79FDD91A9C93}C:\program files (x86)\nival interactive\etherlords ii\etherlords2.exe] => (Allow) C:\program files (x86)\nival interactive\etherlords ii\etherlords2.exe
- FirewallRules: [UDP Query User{DEAF102E-9169-4FB9-AE9C-EB3D04FA04E2}C:\program files (x86)\nival interactive\etherlords ii\etherlords2.exe] => (Allow) C:\program files (x86)\nival interactive\etherlords ii\etherlords2.exe
- FirewallRules: [TCP Query User{0D94C784-944C-44A6-897B-DFE7207EB729}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
- FirewallRules: [UDP Query User{D69E32A4-9DEE-4E27-8301-BE76CDDFC42E}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
- FirewallRules: [{1F6A9701-D360-4EEE-80F6-6A415C1CA7CD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{B8178AAB-1616-4C35-835A-F7824B69373A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [TCP Query User{D7654B2F-BD33-4B09-9942-A609F7BAEA6A}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
- FirewallRules: [UDP Query User{4D312B3E-9CCB-4E3F-B27B-75028CFC928B}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
- FirewallRules: [{55EBC44E-A2EA-4349-862C-CBAB988B05F8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Restore Points =========================
- 19-11-2018 16:30:29 Windows Update
- 22-11-2018 18:08:29 Windows Update
- 26-11-2018 17:45:27 Windows Update
- 02-12-2018 15:27:59 Windows Update
- 02-12-2018 23:46:22 Removed PlayReady PC Runtime amd64
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (12/01/2018 08:57:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
- Description: The program wmplayer.exe version 12.0.7601.24252 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
- Process ID: 1998
- Start Time: 01d489b86702814c
- Termination Time: 11
- Application Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe
- Report Id: b3a0dbcb-f5ab-11e8-9035-705ab67b698f
- Error: (11/23/2018 10:51:43 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "C:\Program Files (x86)\GOG Galaxy\Games\Divine Divinity\NlsFr.dll".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (11/23/2018 10:51:43 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "C:\Program Files (x86)\GOG Galaxy\Games\Divine Divinity\NlsGer.dll".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (11/23/2018 10:51:43 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "C:\Program Files (x86)\GOG Galaxy\Games\Divine Divinity\NlsEng.dll".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (11/23/2018 10:51:43 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "C:\Program Files (x86)\GOG Galaxy\Games\Divine Divinity\NlsEng.dll".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (11/23/2018 10:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: div.exe, version: 1.0.0.62, time stamp: 0x516d17a7
- Faulting module name: MSVCR90.dll, version: 9.0.30729.4940, time stamp: 0x4ca2ef57
- Exception code: 0xc0000005
- Fault offset: 0x00025e37
- Faulting process id: 0x2950
- Faulting application start time: 0x01d4837ce7afe9ab
- Faulting application path: C:\Program Files (x86)\GOG Galaxy\Games\Divine Divinity\div.exe
- Faulting module path: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\MSVCR90.dll
- Report Id: a887d5cd-ef71-11e8-b8af-705ab67b698f
- Error: (11/19/2018 06:16:25 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "C:\Program Files (x86)\GOG Galaxy\Games\Divine Divinity\NlsFr.dll".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (11/19/2018 06:16:25 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "C:\Program Files (x86)\GOG Galaxy\Games\Divine Divinity\NlsGer.dll".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- System errors:
- =============
- Error: (12/03/2018 07:02:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Wondershare Driver Install Service service failed to start due to the following error:
- The system cannot find the file specified.
- Error: (12/02/2018 11:03:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
- Description: The Windows Update service hung on starting.
- Error: (12/02/2018 10:57:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Wondershare Driver Install Service service failed to start due to the following error:
- The system cannot find the file specified.
- Error: (12/01/2018 07:06:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Wondershare Driver Install Service service failed to start due to the following error:
- The system cannot find the file specified.
- Error: (12/01/2018 07:06:13 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 14:45:37 on 1.12.2018 was unexpected.
- Error: (12/01/2018 02:18:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Wondershare Driver Install Service service failed to start due to the following error:
- The system cannot find the file specified.
- Error: (12/01/2018 02:18:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Bitdefender Correlation Service service failed to start due to the following error:
- The service did not respond to the start or control request in a timely fashion.
- Error: (12/01/2018 02:18:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the Bitdefender Correlation Service service to connect.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
- Percentage of memory in use: 48%
- Total physical RAM: 6005.61 MB
- Available physical RAM: 3115.99 MB
- Total Virtual: 12009.35 MB
- Available Virtual: 8341.77 MB
- ==================== Drives ================================
- Drive c: (WINDOWS) (Fixed) (Total:232.42 GB) (Free:107.21 GB) NTFS
- Drive d: (Data) (Fixed) (Total:232.95 GB) (Free:219.14 GB) NTFS
- Drive e: (HeroesChronicles) (CDROM) (Total:1.83 GB) (Free:0 GB) CDFS
- \\?\Volume{7bb37853-13f5-11e7-a34c-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.19 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A60C54E2)
- Partition 1: (Active) - (Size=400 MB) - (Type=27)
- Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
- ==================== End of Addition.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement