Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2016
Ran by TOSHIBA (02-12-2016 02:42:49)
Running from C:\Users\TOSHIBA\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-02-03 07:00:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2462956341-1370525219-663813987-500 - Administrator - Disabled)
Guest (S-1-5-21-2462956341-1370525219-663813987-501 - Limited - Disabled)
TOSHIBA (S-1-5-21-2462956341-1370525219-663813987-1000 - Administrator - Enabled) => C:\Users\TOSHIBA
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.3.17.00279 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.3.17.00279 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{F856881A-D370-B1A7-2AFF-128F4AA93558}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.0.0.12 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Bastion (HKLM-x32\...\Bastion_is1) (Version: - )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.00.00(T) - TOSHIBA CORPORATION)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.2.63 - Conexant)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Golden Al-Wafi Translator (HKLM-x32\...\ST6UNST #1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Mega Codec Pack 8.3.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.3.2 - )
Light Image Resizer 4.0.4.14 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.14 - ObviousIdea)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 11 Essentials (HKLM-x32\...\{F8635CF8-B797-4EFD-80BC-DE2D26C65D4F}) (Version: 11.0.00300 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Pandora Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - Pandora.TV) <==== ATTENTION
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{439A73C2-8CFA-4630-8484-36BCA2AEBB0A}) (Version: 1.12.0300 - SRS Labs, Inc.)
Pro Evolution Soccer 2015 version 1.0 (HKLM-x32\...\Pro Evolution Soccer 2015_is1) (Version: 1.0 - Konami) <==== ATTENTION
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version: - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype™ 5.3 (HKLM-x32\...\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}) (Version: 5.3.120 - Skype Technologies S.A.)
Subway Surfers (HKLM-x32\...\Subway Surfers) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.39.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{2C486987-D447-4E36-8D61-86E48E24199C}) (Version: 1.3.10.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.11.03.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.11 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.04 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2004 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.0022.000104 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.11.03.00 - TOSHIBA)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0021.640203 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.35 - TOSHIBA Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
welcome (x32 Version: 11.0.22500.0.0 - Nero AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
الصيانة Samsung ML-1660 Series (HKLM-x32\...\Samsung ML-1660 Series) (Version: - Samsung Electronics Co., Ltd.)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2462956341-1370525219-663813987-1000_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
CustomCLSID: HKU\S-1-5-21-2462956341-1370525219-663813987-1000_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0569CC01-BF88-4FB7-910C-7C453FA9314A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-29] (Adobe Systems Incorporated)
Task: {1D22179F-2346-45DD-88F1-2CBB23EB7AF7} - System32\Tasks\ReclaimerUpdateXML_TOSHIBA => C:\Users\TOSHIBA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-30] (RealNetworks, Inc.)
Task: {316D4DD2-18D6-49D7-9109-47EEF7048D1F} - System32\Tasks\ReclaimerUpdateFiles_TOSHIBA => C:\Users\TOSHIBA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-30] (RealNetworks, Inc.)
Task: {333BED6C-A51D-4EE9-AC43-3419013D507F} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-11-30] (AO Kaspersky Lab)
Task: {34D5794A-00A5-43CE-928D-410EDA55B83D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2462956341-1370525219-663813987-1000UA => C:\Users\TOSHIBA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-10] (Facebook Inc.)
Task: {3F8B1E0B-BF07-4DCD-B129-32D940382A94} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2462956341-1370525219-663813987-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {4B5B3E30-C223-45C4-B8BB-5D6BDDE90160} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2462956341-1370525219-663813987-1000Core => C:\Users\TOSHIBA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-10] (Facebook Inc.)
Task: {5D2C1593-25F8-4718-9393-82E52A9D07D8} - System32\Tasks\RNUpgradeHelperLogonPrompt_TOSHIBA => C:\Users\TOSHIBA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-30] (RealNetworks, Inc.)
Task: {64AE745C-D49D-4089-B941-2183CB245A5D} - System32\Tasks\RNUpgradeHelperResumePrompt_TOSHIBA => C:\Users\TOSHIBA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-30] (RealNetworks, Inc.)
Task: {741CD3D4-3EFF-4CCC-81B6-7D58BC0617E4} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION
Task: {7C3BC224-5935-422B-9F0B-D8F7A877C01A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-12] (Google Inc.)
Task: {8D0D2A08-50B5-4C42-9D52-49E516467635} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-12] (Google Inc.)
Task: {921EFD10-C260-4F9D-8C7A-CEFC9BE49EAB} - \ShdUpdate -> No File <==== ATTENTION
Task: {96F2767A-3237-43A2-8D86-0F98D3DB87D5} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2462956341-1370525219-663813987-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {C73343B3-BD68-4623-B9B7-5943242A80DE} - System32\Tasks\Delta Toolbar Updater => C:\Users\TOSHIBA\AppData\Local\\delta\\delta\\2.0.2.1\Delta Toolbarupdt.exe
Task: {D02AAEEF-89FE-4F6B-BF9D-E46DE0EECB6D} - \EPUpdater -> No File <==== ATTENTION
Task: {ED8BE1F5-127A-4FC2-88B7-56EA6F21CD60} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-16] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2462956341-1370525219-663813987-1000Core.job => C:\Users\TOSHIBA\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2462956341-1370525219-663813987-1000UA.job => C:\Users\TOSHIBA\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-11-06 22:01 - 2012-08-21 16:07 - 00288768 _____ () C:\windows\System32\HP1100LM.DLL
2013-12-17 00:39 - 2011-06-22 10:48 - 00034304 _____ () C:\windows\System32\ssp7ml6.dll
2016-11-06 22:01 - 2012-08-21 16:07 - 00074240 _____ () C:\windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2013-02-03 17:38 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-08-23 03:19 - 2011-08-23 03:19 - 11204992 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-16 03:19 - 2010-12-16 03:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2016-11-16 00:25 - 2016-11-16 00:25 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2013-12-17 00:39 - 2011-07-05 23:31 - 00688128 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2012-01-20 16:13 - 2012-01-20 16:13 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 21:55 - 2011-11-09 21:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-12-17 00:39 - 2009-07-29 14:13 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2011-11-26 06:51 - 2011-11-26 06:51 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2013-02-22 18:56 - 2012-10-22 11:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2013-02-22 18:56 - 2012-07-09 17:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2013-02-22 18:56 - 2011-12-06 16:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2013-02-22 18:56 - 2012-03-23 10:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2012-01-25 22:57 - 2012-01-25 22:57 - 00172032 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll
2016-11-11 04:46 - 2016-11-09 00:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-11 04:46 - 2016-11-09 00:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [290]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2462956341-1370525219-663813987-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 06:34 - 2009-06-11 01:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2462956341-1370525219-663813987-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TOSHIBA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{4D2AC810-BEFF-469E-8971-C4D0E68BEE7C}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{3C36E26D-11EF-4AC6-B5C8-795593B46900}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{3C68090F-CD11-48F5-B39B-041C5CC7E7ED}] => C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{AD6B6F67-153B-446C-A23E-27629135573D}] => C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{F756240F-0D6C-40C9-AB33-C9513252E767}] => C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{6DB19228-BF83-41D4-9CE2-0A026DF5B568}] => C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
==================== Restore Points =========================
30-11-2016 08:51:52 نقطة تفتيش من قبل قاتل المحترف
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/02/2016 02:41:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: فشل إنشاء سياق التنشيط لـ "C:\Users\TOSHIBA\Downloads\esetsmartinstaller_fra.exe". حدث خطأ في ملف البيان أو ملف النهج "" في السطر .
يتعارض إصدار المكون المطلوب من قِبل التطبيق مع إصدار آخر لمكون نشط بالفعل.
المكونات المتعارضة:.
المكون 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
المكون 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/02/2016 02:41:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: فشل إنشاء سياق التنشيط لـ "C:\Users\TOSHIBA\Downloads\esetsmartinstaller_fra (1).exe". حدث خطأ في ملف البيان أو ملف النهج "" في السطر .
يتعارض إصدار المكون المطلوب من قِبل التطبيق مع إصدار آخر لمكون نشط بالفعل.
المكونات المتعارضة:.
المكون 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
المكون 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/01/2016 10:12:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/01/2016 02:45:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 08:31:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 07:42:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 06:16:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 04:46:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 04:40:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 04:33:40 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000218,(null),0,REG_BINARY,00000000018DEF30.72). hr = 0x80070005, تم رفض الوصول.
.
System errors:
=============
Error: (12/01/2016 02:03:20 PM) (Source: cdrom) (EventID: 7) (User: )
Description: الجهاز، \Device\CdRom0، به كتلة تالفة.
Error: (12/01/2016 02:45:11 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: تم استلام التنبيه الهام التالي: 70.
Error: (11/30/2016 07:43:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة PnP-X IP Bus Enumerator على الخدمة Function Discovery Provider Host التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:42:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:42:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:42:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:42:34 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:41:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:41:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:41:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
CodeIntegrity:
===================================
Date: 2016-11-30 06:18:56.125
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:18:56.122
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:18:56.102
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:18:56.099
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:16:41.539
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:16:41.535
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:16:41.505
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:16:41.502
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-09-21 00:14:39.512
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\52922.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-09-21 00:14:39.481
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\52922.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 41%
Total physical RAM: 6114.36 MB
Available physical RAM: 3580.83 MB
Total Virtual: 12226.91 MB
Available Virtual: 8999.15 MB
==================== Drives ================================
Drive c: (TI30862000A) (Fixed) (Total:578.98 GB) (Free:260.72 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 2B924C23)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=579 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.7 GB) - (Type=17)
==================== End of Addition.txt ============================
Ran by TOSHIBA (02-12-2016 02:42:49)
Running from C:\Users\TOSHIBA\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-02-03 07:00:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2462956341-1370525219-663813987-500 - Administrator - Disabled)
Guest (S-1-5-21-2462956341-1370525219-663813987-501 - Limited - Disabled)
TOSHIBA (S-1-5-21-2462956341-1370525219-663813987-1000 - Administrator - Enabled) => C:\Users\TOSHIBA
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.3.17.00279 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.3.17.00279 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{F856881A-D370-B1A7-2AFF-128F4AA93558}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.0.0.12 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Bastion (HKLM-x32\...\Bastion_is1) (Version: - )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.00.00(T) - TOSHIBA CORPORATION)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.2.63 - Conexant)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Golden Al-Wafi Translator (HKLM-x32\...\ST6UNST #1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Mega Codec Pack 8.3.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.3.2 - )
Light Image Resizer 4.0.4.14 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.14 - ObviousIdea)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 11 Essentials (HKLM-x32\...\{F8635CF8-B797-4EFD-80BC-DE2D26C65D4F}) (Version: 11.0.00300 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Pandora Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - Pandora.TV) <==== ATTENTION
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{439A73C2-8CFA-4630-8484-36BCA2AEBB0A}) (Version: 1.12.0300 - SRS Labs, Inc.)
Pro Evolution Soccer 2015 version 1.0 (HKLM-x32\...\Pro Evolution Soccer 2015_is1) (Version: 1.0 - Konami) <==== ATTENTION
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version: - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype™ 5.3 (HKLM-x32\...\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}) (Version: 5.3.120 - Skype Technologies S.A.)
Subway Surfers (HKLM-x32\...\Subway Surfers) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.39.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{2C486987-D447-4E36-8D61-86E48E24199C}) (Version: 1.3.10.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.11.03.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.11 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.04 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2004 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.0022.000104 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.11.03.00 - TOSHIBA)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0021.640203 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.35 - TOSHIBA Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
welcome (x32 Version: 11.0.22500.0.0 - Nero AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
الصيانة Samsung ML-1660 Series (HKLM-x32\...\Samsung ML-1660 Series) (Version: - Samsung Electronics Co., Ltd.)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2462956341-1370525219-663813987-1000_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
CustomCLSID: HKU\S-1-5-21-2462956341-1370525219-663813987-1000_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0569CC01-BF88-4FB7-910C-7C453FA9314A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-29] (Adobe Systems Incorporated)
Task: {1D22179F-2346-45DD-88F1-2CBB23EB7AF7} - System32\Tasks\ReclaimerUpdateXML_TOSHIBA => C:\Users\TOSHIBA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-30] (RealNetworks, Inc.)
Task: {316D4DD2-18D6-49D7-9109-47EEF7048D1F} - System32\Tasks\ReclaimerUpdateFiles_TOSHIBA => C:\Users\TOSHIBA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-30] (RealNetworks, Inc.)
Task: {333BED6C-A51D-4EE9-AC43-3419013D507F} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-11-30] (AO Kaspersky Lab)
Task: {34D5794A-00A5-43CE-928D-410EDA55B83D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2462956341-1370525219-663813987-1000UA => C:\Users\TOSHIBA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-10] (Facebook Inc.)
Task: {3F8B1E0B-BF07-4DCD-B129-32D940382A94} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2462956341-1370525219-663813987-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {4B5B3E30-C223-45C4-B8BB-5D6BDDE90160} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2462956341-1370525219-663813987-1000Core => C:\Users\TOSHIBA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-10] (Facebook Inc.)
Task: {5D2C1593-25F8-4718-9393-82E52A9D07D8} - System32\Tasks\RNUpgradeHelperLogonPrompt_TOSHIBA => C:\Users\TOSHIBA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-30] (RealNetworks, Inc.)
Task: {64AE745C-D49D-4089-B941-2183CB245A5D} - System32\Tasks\RNUpgradeHelperResumePrompt_TOSHIBA => C:\Users\TOSHIBA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-30] (RealNetworks, Inc.)
Task: {741CD3D4-3EFF-4CCC-81B6-7D58BC0617E4} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION
Task: {7C3BC224-5935-422B-9F0B-D8F7A877C01A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-12] (Google Inc.)
Task: {8D0D2A08-50B5-4C42-9D52-49E516467635} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-12] (Google Inc.)
Task: {921EFD10-C260-4F9D-8C7A-CEFC9BE49EAB} - \ShdUpdate -> No File <==== ATTENTION
Task: {96F2767A-3237-43A2-8D86-0F98D3DB87D5} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2462956341-1370525219-663813987-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {C73343B3-BD68-4623-B9B7-5943242A80DE} - System32\Tasks\Delta Toolbar Updater => C:\Users\TOSHIBA\AppData\Local\\delta\\delta\\2.0.2.1\Delta Toolbarupdt.exe
Task: {D02AAEEF-89FE-4F6B-BF9D-E46DE0EECB6D} - \EPUpdater -> No File <==== ATTENTION
Task: {ED8BE1F5-127A-4FC2-88B7-56EA6F21CD60} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-16] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2462956341-1370525219-663813987-1000Core.job => C:\Users\TOSHIBA\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2462956341-1370525219-663813987-1000UA.job => C:\Users\TOSHIBA\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-11-06 22:01 - 2012-08-21 16:07 - 00288768 _____ () C:\windows\System32\HP1100LM.DLL
2013-12-17 00:39 - 2011-06-22 10:48 - 00034304 _____ () C:\windows\System32\ssp7ml6.dll
2016-11-06 22:01 - 2012-08-21 16:07 - 00074240 _____ () C:\windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2013-02-03 17:38 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-08-23 03:19 - 2011-08-23 03:19 - 11204992 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-16 03:19 - 2010-12-16 03:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2016-11-16 00:25 - 2016-11-16 00:25 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2013-12-17 00:39 - 2011-07-05 23:31 - 00688128 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2012-01-20 16:13 - 2012-01-20 16:13 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 21:55 - 2011-11-09 21:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-12-17 00:39 - 2009-07-29 14:13 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2011-11-26 06:51 - 2011-11-26 06:51 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2013-02-22 18:56 - 2012-10-22 11:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2013-02-22 18:56 - 2012-07-09 17:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2013-02-22 18:56 - 2011-12-06 16:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2013-02-22 18:56 - 2012-03-23 10:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2012-01-25 22:57 - 2012-01-25 22:57 - 00172032 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll
2016-11-11 04:46 - 2016-11-09 00:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-11 04:46 - 2016-11-09 00:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [290]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2462956341-1370525219-663813987-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 06:34 - 2009-06-11 01:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2462956341-1370525219-663813987-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TOSHIBA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{4D2AC810-BEFF-469E-8971-C4D0E68BEE7C}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{3C36E26D-11EF-4AC6-B5C8-795593B46900}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{3C68090F-CD11-48F5-B39B-041C5CC7E7ED}] => C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{AD6B6F67-153B-446C-A23E-27629135573D}] => C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{F756240F-0D6C-40C9-AB33-C9513252E767}] => C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{6DB19228-BF83-41D4-9CE2-0A026DF5B568}] => C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
==================== Restore Points =========================
30-11-2016 08:51:52 نقطة تفتيش من قبل قاتل المحترف
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/02/2016 02:41:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: فشل إنشاء سياق التنشيط لـ "C:\Users\TOSHIBA\Downloads\esetsmartinstaller_fra.exe". حدث خطأ في ملف البيان أو ملف النهج "" في السطر .
يتعارض إصدار المكون المطلوب من قِبل التطبيق مع إصدار آخر لمكون نشط بالفعل.
المكونات المتعارضة:.
المكون 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
المكون 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/02/2016 02:41:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: فشل إنشاء سياق التنشيط لـ "C:\Users\TOSHIBA\Downloads\esetsmartinstaller_fra (1).exe". حدث خطأ في ملف البيان أو ملف النهج "" في السطر .
يتعارض إصدار المكون المطلوب من قِبل التطبيق مع إصدار آخر لمكون نشط بالفعل.
المكونات المتعارضة:.
المكون 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
المكون 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/01/2016 10:12:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/01/2016 02:45:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 08:31:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 07:42:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 06:16:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 04:46:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 04:40:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/30/2016 04:33:40 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000218,(null),0,REG_BINARY,00000000018DEF30.72). hr = 0x80070005, تم رفض الوصول.
.
System errors:
=============
Error: (12/01/2016 02:03:20 PM) (Source: cdrom) (EventID: 7) (User: )
Description: الجهاز، \Device\CdRom0، به كتلة تالفة.
Error: (12/01/2016 02:45:11 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: تم استلام التنبيه الهام التالي: 70.
Error: (11/30/2016 07:43:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة PnP-X IP Bus Enumerator على الخدمة Function Discovery Provider Host التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:42:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:42:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:42:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:42:34 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:41:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:41:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
Error: (11/30/2016 07:41:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: تعتمد الخدمة Network List Service على الخدمة Network Location Awareness التي فشلت في بدء التشغيل بسبب الخطأ التالي:
فشل في بدء تشغيل خدمة أو مجموعة التبعية.
CodeIntegrity:
===================================
Date: 2016-11-30 06:18:56.125
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:18:56.122
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:18:56.102
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:18:56.099
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:16:41.539
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:16:41.535
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:16:41.505
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-11-30 06:16:41.502
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-09-21 00:14:39.512
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\52922.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-09-21 00:14:39.481
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\52922.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 41%
Total physical RAM: 6114.36 MB
Available physical RAM: 3580.83 MB
Total Virtual: 12226.91 MB
Available Virtual: 8999.15 MB
==================== Drives ================================
Drive c: (TI30862000A) (Fixed) (Total:578.98 GB) (Free:260.72 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 2B924C23)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=579 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.7 GB) - (Type=17)
==================== End of Addition.txt ============================