Jump to content


Photo

slow running laptop, possibly failing hdd


  • This topic is locked This topic is locked
7 replies to this topic

#1 grilli

grilli

    Member

  • Full Member
  • Pip
  • 21 posts

Posted 21 February 2020 - 07:47 AM

Laptop was working fine up until a month or so ago, started running slow and then started freezing completely.
run a few tests and next thought is failing hdd
 
 
FRST report
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2020
Ran by grilli (administrator) on GRILLI (TOSHIBA SATELLITE C50-B) (21-02-2020 12:47:49)
Running from C:\Users\grilli\Desktop
Loaded Profiles: grilli (Available Profiles: grilli)
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Compal Electronics, Inc. -> TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION -> TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Toshiba Europe Gmbh -> Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-04] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (Compal Electronics, Inc. -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA CORPORATION -> TOSHIBA)
HKU\S-1-5-21-2531035215-1632672022-4114497245-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2531035215-1632672022-4114497245-1001\...\MountPoints2: {bc3231b8-ae05-11e9-827a-3010b34e14ae} - "F:\startme.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.116\Installer\chrmstp.exe [2020-02-20] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C98CE32-7AF6-4A62-8253-A14E820109BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {445024A9-D748-43E7-972D-F0C89D18A3EF} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [700040 2014-04-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {62B4EB41-B977-454D-8BB3-8F8C50EF5E57} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-02-21] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {633C3685-CB51-4DAB-995C-52F262B6CE39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-01] (Google Inc -> Google LLC)
Task: {6B338BC7-475B-45C8-99CE-A52151CF2FD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {71A26530-5993-4FB9-9F60-370322F167B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-01] (Google Inc -> Google LLC)
Task: {7FBBDDFD-93BF-46D0-BD8E-35A89472EA94} - System32\Tasks\Norton Security Scan for grilli => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.175\Nss.exe [848976 2018-03-26] (Symantec Corporation -> Symantec Corporation)
Task: {85CBB78E-BC4C-4AFC-9799-2128625636DD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-22] (Adobe Inc. -> Adobe)
Task: {A6DEB5EC-4523-4A83-A908-7F9AF5BF8B9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {B6B373C5-A04A-4459-87F6-D7F4C56DFEF4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE25E233-08CD-43AD-BA13-2CF6D36DDC98} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CE33E46D-E6EF-4606-8F91-B54D2C9D187A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_pepper.exe [1453624 2020-01-22] (Adobe Inc. -> Adobe)
Task: {F34B7AA9-1347-4E2E-8FE7-DB1269335D22} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {F3521DA0-2D7D-4D4E-AD88-32B27D579B9A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FA3FA13F-9C90-4219-9697-CDB696586B7C} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [475720 2015-08-05] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536 2018-01-02] () [File not signed]
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{AD4E03C8-B2E1-440F-9AD3-3B33875025C9}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-2531035215-1632672022-4114497245-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2531035215-1632672022-4114497245-1001 -> DefaultScope {E30B6FC5-2974-4E60-9BED-6D696F737779} URL =
SearchScopes: HKU\S-1-5-21-2531035215-1632672022-4114497245-1001 -> {E30B6FC5-2974-4E60-9BED-6D696F737779} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-08-19] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )

Chrome:
=======
CHR Profile: C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default [2020-02-21]
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Extension: (Slides) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-26]
CHR Extension: (Docs) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-26]
CHR Extension: (Google Drive) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-26]
CHR Extension: (YouTube) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-26]
CHR Extension: (Sheets) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-26]
CHR Extension: (Google Docs Offline) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-11]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-02-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Gmail) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\grilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-08]
CHR Profile: C:\Users\grilli\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-18] (Qualcomm Atheros -> Windows ® Win 7 DDK provider) [File not signed]
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] (DTS, Inc. -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent Inc -> WildTangent)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Trusted Connect Service -> Intel® Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-02-04] (Malwarebytes Inc -> Malwarebytes)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-08-05] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4265984 2014-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows ® Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2019-03-20] (Symantec Corporation -> Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-02-04] (Malwarebytes Corporation -> Malwarebytes)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] (American Megatrends, Inc. -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-02-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [226448 2020-02-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-02-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-02-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-02-12] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2018-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated -> Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [33168 2013-11-01] (TOSHIBA CORPORATION -> Windows ® Win 7 DDK provider)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
U2 SBKUPNT; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-21 12:47 - 2020-02-21 12:53 - 000018695 _____ C:\Users\grilli\Desktop\FRST.txt
2020-02-21 12:47 - 2020-02-21 12:47 - 000000000 ____D C:\Users\grilli\Desktop\FRST-OlderVersion
2020-02-21 12:39 - 2020-02-21 12:39 - 000226448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-02-20 17:28 - 2020-02-20 17:28 - 000000000 ____H C:\Users\grilli\Documents\Default.rdp
2020-02-13 21:29 - 2020-02-21 12:40 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-02-13 10:47 - 2020-02-13 10:55 - 000000752 _____ C:\Users\grilli\Desktop\Addition.txt
2020-02-13 09:07 - 2020-02-13 09:09 - 000000758 _____ C:\Users\grilli\Desktop\SALog.txt
2020-02-12 13:30 - 2020-02-21 12:52 - 000000000 ____D C:\FRST
2020-02-12 12:17 - 2020-02-20 08:39 - 005439032 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-02-12 11:47 - 2020-02-12 11:47 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-02-12 11:47 - 2020-02-12 11:47 - 000119960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-02-12 11:37 - 2020-02-21 12:39 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-02-12 11:33 - 2020-02-21 12:47 - 002279424 _____ (Farbar) C:\Users\grilli\Desktop\FRST64.exe
2020-02-12 11:32 - 2020-02-12 11:32 - 000899584 _____ C:\Users\grilli\Desktop\RGSA.exe
2020-02-11 19:13 - 2020-02-15 04:47 - 000000000 ____D C:\Users\grilli\Downloads\Charlies Angels.2019.HDRip.XviD.AC3-EVO
2020-02-11 19:13 - 2020-02-11 19:13 - 000013278 _____ C:\Users\grilli\Downloads\Spycies.2019.HDRip.XviD.AC3-EVO [TD] (1).torrent
2020-02-11 19:13 - 2020-02-11 19:13 - 000000000 ____D C:\Users\grilli\Downloads\Spycies.2019.HDRip.XviD.AC3-EVO
2020-02-11 19:12 - 2020-02-11 19:12 - 000014802 _____ C:\Users\grilli\Downloads\Charlies Angels.2019.HDRip.XviD.AC3-EVO [TD].torrent
2020-02-11 19:12 - 2020-02-11 19:12 - 000013278 _____ C:\Users\grilli\Downloads\Spycies.2019.HDRip.XviD.AC3-EVO [TD].torrent
2020-02-08 14:14 - 2020-02-08 14:14 - 000000000 ____D C:\Users\grilli\Downloads\The Royle Family S01-S03
2020-02-08 09:47 - 2020-02-08 09:52 - 000000000 ____D C:\Users\grilli\Downloads\Dolittle.2019.HDRip.XviD-EVO
2020-02-08 09:46 - 2020-02-08 09:50 - 000000000 ____D C:\Users\grilli\Downloads\Mr.Jones.2019.HDRip.XviD.AC3-EVO
2020-02-08 09:43 - 2020-02-08 09:43 - 000014209 _____ C:\Users\grilli\Downloads\Dolittle.2019.HDRip.XviD-EVO [TD].torrent
2020-02-08 09:43 - 2020-02-08 09:43 - 000013901 _____ C:\Users\grilli\Downloads\Mr.Jones.2019.HDRip.XviD.AC3-EVO [TD].torrent
2020-02-05 18:45 - 2020-02-05 18:45 - 000000000 ____D C:\MATS
2020-02-05 18:41 - 2020-02-05 18:41 - 000221662 _____ C:\Users\grilli\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab
2020-02-04 23:53 - 2020-02-08 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-02-04 23:53 - 2020-02-04 23:53 - 000000000 ____D C:\Program Files\iPod
2020-02-04 23:41 - 2020-02-08 21:59 - 000000000 ____D C:\Program Files\iTunes
2020-02-04 19:00 - 2020-02-04 19:00 - 000000000 ____D C:\Users\grilli\AppData\Local\cache
2020-02-02 20:39 - 2020-02-02 20:39 - 000359861 _____ C:\Users\grilli\Downloads\story massage (2).zip
2020-02-02 20:39 - 2020-02-02 20:39 - 000359861 _____ C:\Users\grilli\Downloads\story massage (1).zip
2020-02-02 19:49 - 2020-02-02 19:49 - 000359861 _____ C:\Users\grilli\Downloads\story massage.zip
2020-02-02 12:56 - 2020-02-02 13:09 - 000000000 ____D C:\Users\grilli\Downloads\Microsoft.Office.2019.Professional.Plus-iNDiSO
2020-02-02 12:55 - 2020-02-02 12:55 - 000069526 _____ C:\Users\grilli\Downloads\Microsoft.Office.2019.Professional.Plus-iNDiSO [TD].torrent
2020-02-02 01:09 - 2020-02-02 01:09 - 000000000 ____D C:\Users\grilli\Desktop\Pathfinders
2020-02-02 01:04 - 2020-02-02 01:06 - 000000000 ____D C:\Users\grilli\Desktop\Ioan hmk
2020-01-30 23:34 - 2020-01-30 23:34 - 000000000 ____D C:\Users\grilli\Downloads\When All Is Said by Anne Griffin EPUB
2020-01-30 19:40 - 2018-12-08 00:53 - 803632554 _____ C:\Users\grilli\Downloads\venom.2018.bdrip.x264-sparks.mkv
2020-01-30 19:39 - 2019-01-22 20:26 - 1350593417 ____R C:\Users\grilli\Downloads\Grinch.2018.HDRip.XviD.AC3-EVO.avi
2020-01-30 19:39 - 2019-01-20 22:13 - 1408139428 ____R C:\Users\grilli\Downloads\Once.Upon.A.Deadpool.2018.HDRip.XviD.AC3-EVO.avi
2020-01-29 20:33 - 2020-01-29 20:36 - 000000000 ____D C:\Users\grilli\Downloads\A Shaun the Sheep Movie Farmageddon.2019.BDRip.XviD.AC3-EVO
2020-01-27 00:06 - 2020-01-27 00:06 - 000000000 ____D C:\Users\grilli\Downloads\Phoenix.Nights.S01-S02.DVDRip.XviD-TD
2020-01-26 17:53 - 2020-01-26 17:55 - 000000000 ____D C:\Users\grilli\Downloads\The.Mandalorian.S01.480p.x264-ZMNT
2020-01-26 13:42 - 2020-01-26 15:00 - 000000000 ____D C:\Users\grilli\Downloads\Fatal.Instinct.1993.720p.BluRay.x264-x0r
2020-01-25 21:11 - 2020-01-25 21:22 - 000000000 ____D C:\Users\grilli\Downloads\The.Mandalorian.S01E04.iNTERNAL.720p.WEB.H264-AMRAP
2020-01-25 21:08 - 2020-01-25 23:08 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.Ewok.Adventures.Caravan.Of.Courage.1984.DVDRip.XviD-eXtaCY
2020-01-25 20:52 - 2020-01-25 21:42 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.Episode.VII.The.Force.Awakens.2015.720p.BluRay.x264-x0r
2020-01-25 20:40 - 2020-01-26 00:13 - 000000000 ____D C:\Users\grilli\Downloads\Solo.A.Star.Wars.Story.2018.720p.BluRay.x264-x0r
2020-01-25 20:31 - 2020-01-25 21:09 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.The.Last.Jedi.2017.720p.BluRay.x264-x0r
2020-01-25 19:54 - 2020-01-25 20:32 - 000000000 ____D C:\Users\grilli\Downloads\Rogue.One.A.Star.Wars.Story.2016.720p.BluRay.x264-x0r
2020-01-25 19:45 - 2020-01-25 20:45 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.Episode.V.1980.720.BRRip.x264-x0r
2020-01-25 19:10 - 2020-01-25 20:12 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.Episode.III.Revenge.of.the.Sith.2005.720p.BRRip.x264-x0r
2020-01-25 19:04 - 2020-01-25 20:12 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.Episode.II.Attack.of.the.Clones.2002.720p.BRRip.x264-x0r
2020-01-25 18:42 - 2020-01-26 00:29 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.Episode.VI.1983.720p.BRRip.x264-x0r
2020-01-25 18:42 - 2020-01-25 20:12 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.Episode.I.The.Phantom.Menace.1999.720p.BRRip.x264-x0r
2020-01-25 18:41 - 2020-01-25 20:39 - 000000000 ____D C:\Users\grilli\Downloads\Star.Wars.Episode.IV.1977.720p.BRRip.x264-x0r
2020-01-25 18:38 - 2020-01-25 20:11 - 000000000 ____D C:\Users\grilli\Downloads\The.Star.Wars.Holiday.Special.1978.VHSRip.XviD-DaPOO
2020-01-23 23:41 - 2020-02-02 01:09 - 000000000 ____D C:\Users\grilli\Desktop\Longton Players
2020-01-23 23:40 - 2020-01-23 23:40 - 000486495 _____ C:\Users\grilli\Downloads\SOCIAL EVENING FEB 2020.pdf
2020-01-23 00:40 - 2020-02-02 11:54 - 000000000 ____D C:\Users\grilli\Downloads\Bob_Marley_And_The_Wailers-Legend_(30th_Anniversary_Deluxe_Edition)-(Remastered)-2014-SPLiFF
2020-01-23 00:28 - 2020-01-23 00:31 - 000000000 ____D C:\Users\grilli\Downloads\Guns_N_Roses--Use_Your_Illusion_II-CD-1991-WUS_INT
2020-01-23 00:23 - 2020-02-02 11:54 - 000000000 ____D C:\Users\grilli\Downloads\Aerosmith-The_Best_Of_Aerosmith-REMASTERED-CD-2007-G3L_INT
2020-01-22 08:13 - 2020-01-22 08:13 - 000000000 ____D C:\Users\grilli\Downloads\VA-Guardians_Of_The_Galaxy_Awesome_Mix_Vol._1-OST-2014-iTS
2020-01-22 00:27 - 2020-01-22 00:28 - 000000000 ____D C:\Users\grilli\Downloads\Nickelback-The_Best_Of_Nickelback_Volume_1-2013-C4
2020-01-22 00:07 - 2020-01-22 00:08 - 000000000 ____D C:\Users\grilli\Downloads\Ed_Sheeran-Plus-(Deluxe_Edition)-2011-pLAN9
2020-01-22 00:01 - 2020-01-22 00:03 - 000000000 ____D C:\Users\grilli\Downloads\Elvis_Presley-The_Essential-2CD-2010-COS

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-21 12:27 - 2013-08-22 15:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-21 10:54 - 2019-02-26 09:26 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2531035215-1632672022-4114497245-1001
2020-02-21 09:44 - 2013-08-22 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-21 07:57 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\Inf
2020-02-21 01:53 - 2019-02-26 21:52 - 000000000 ____D C:\Users\grilli\AppData\Roaming\uTorrent
2020-02-20 15:07 - 2014-03-18 15:25 - 000011390 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-20 14:51 - 2013-08-22 13:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-02-20 10:04 - 2019-09-01 22:31 - 000002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-20 10:04 - 2019-09-01 22:31 - 000002174 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-20 10:04 - 2019-09-01 22:31 - 000002174 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-20 08:39 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-16 19:36 - 2019-04-20 12:12 - 001405952 ___SH C:\Users\grilli\Desktop\Thumbs.db
2020-02-16 12:14 - 2019-04-18 22:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-02-16 11:27 - 2013-08-22 13:25 - 000000199 _____ C:\WINDOWS\win.ini
2020-02-16 11:23 - 2019-12-05 17:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-16 11:11 - 2019-12-05 16:59 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-15 10:51 - 2019-05-13 19:39 - 000000000 ____D C:\WINDOWS\Minidump
2020-02-13 21:56 - 2019-12-16 23:53 - 000003922 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8E3081BE-9F50-4D9F-9EFC-6EDEB9DD0AC0}
2020-02-12 11:29 - 2019-02-26 09:19 - 000000000 ____D C:\Users\grilli\AppData\Local\Packages
2020-02-12 11:29 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-11 23:02 - 2019-07-01 10:49 - 000000000 ____D C:\Users\grilli\Desktop\Izzy Harvest Queen
2020-02-10 10:14 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-02-08 22:10 - 2020-01-01 22:35 - 000001770 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-02-08 22:10 - 2020-01-01 22:35 - 000001770 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-02-05 19:54 - 2019-07-15 08:24 - 000000000 ____D C:\Users\grilli\Desktop\Hillside Planning
2020-02-05 19:35 - 2019-10-03 23:25 - 000000000 ____D C:\ProgramData\Cloanto
2020-02-05 19:03 - 2019-08-06 15:44 - 000000000 ____D C:\Users\grilli\AppData\Local\ElevatedDiagnostics
2020-02-05 14:50 - 2019-09-01 22:30 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 14:50 - 2019-09-01 22:30 - 000003206 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-04 23:53 - 2019-03-05 22:25 - 000000000 ____D C:\ProgramData\Apple Computer
2020-02-04 19:00 - 2019-09-02 06:58 - 000001975 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-02-04 19:00 - 2019-09-02 06:58 - 000001975 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-02-04 18:39 - 2019-09-02 06:58 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-02-03 20:13 - 2019-02-26 09:12 - 000000000 ____D C:\Users\grilli
2020-02-03 19:04 - 2019-12-13 09:59 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-03 19:04 - 2019-12-13 09:59 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-02 18:04 - 2013-08-22 15:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-02 01:10 - 2019-04-18 23:12 - 000000000 ____D C:\Users\grilli\Documents\Cath
2020-02-02 01:09 - 2019-10-12 13:03 - 000000000 ____D C:\Users\grilli\Desktop\Application forms
2020-02-02 01:07 - 2019-08-17 10:11 - 000000000 ____D C:\Users\grilli\Desktop\Emilie
2020-01-30 23:45 - 2019-03-15 14:14 - 000000000 ____D C:\Users\grilli\AppData\Local\calibre-cache
2020-01-30 23:45 - 2019-03-15 14:13 - 000000000 ____D C:\Users\grilli\AppData\Roaming\calibre
2020-01-25 21:05 - 2020-01-10 21:03 - 000000000 ____D C:\Users\grilli\Downloads\Horrible.Histories.2009.S04.DVDRip.x264-FADE
2020-01-24 09:28 - 2020-01-06 01:02 - 000000000 ____D C:\Users\grilli\Downloads\90's.Movie.Pack.Part.2.720P.BRRIPS.XVID.AC3-MAJESTiC
2020-01-24 09:18 - 2020-01-06 01:17 - 000000000 ____D C:\Users\grilli\Downloads\90's.Movie.Pack.Part.1.720P.BRRIPS.XVID.AC3-MAJESTiC
2020-01-23 23:41 - 2019-12-06 21:12 - 000000000 ____D C:\Users\grilli\Documents\Outlook Files
2020-01-22 09:28 - 2020-01-09 22:56 - 000000000 ____D C:\Users\grilli\Downloads\The Beatles 1 @320Kbps - MaryJane
2020-01-22 08:17 - 2019-06-30 18:24 - 000004430 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-22 08:17 - 2019-06-30 18:24 - 000004282 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-01-22 08:17 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-02-20 10:42
==================== End of FRST.txt ========================



Malawarebytes

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 21/02/2020
Scan Time: 12:59
Log File: f644c68c-54a9-11ea-a3cc-f8a963f3d783.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.810
Update Package Version: 1.0.19552
Licence: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Grilli\grilli

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 262750
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 11 min, 58 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


Result of Security Analysis by Rocket Grannie (x86) Updated: 12th, January 2020
Running from:C:\Users\grilli\Desktop (13:25:28 - 02/21/2020)
***---------------------------------------------------------***
Microsoft Windows 8.1 X64
UAC is Enabled
Internet Explorer 11
Default Browser: Google Chrome
***------------Antivirus - Antispyware - Firewall-----------***
Windows Defender (Enabled - up to Date)
Windows Defender (Enabled - up to Date)
Windows Firewall (Enabled)
No other Firewall Installed
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI is not installed
CCleaner (5.63)
Google Chrome (80.0.3987.116)
Malwarebytes (4.0.4.49)
Microsoft Silverlight (1.0.0.0) ==> is out of Date

***----------------Analysis Complete-------------------------***

#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,318 posts

Posted 22 February 2020 - 06:39 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
No malware was found in your FRST.TXT log.
 
Run this fix.
 
Press the windows key Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
 
start::
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
cmd: sfc /scannow
CMD: ECHO Y|CHKDSK C: /F
EmptyTemp:
 
End::
 
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
===
 
I also need to see the Addition.txt log that was created by the Farbar program.
Please post it in you next reply.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 grilli

grilli

    Member

  • Full Member
  • Pip
  • 21 posts

Posted 26 February 2020 - 06:18 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2020
Ran by grilli (21-02-2020 13:04:47)
Running from C:\Users\grilli\Desktop
Windows 8.1 (Update) (X64) (2019-02-26 09:19:19)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2531035215-1632672022-4114497245-500 - Administrator - Disabled)
grilli (S-1-5-21-2531035215-1632672022-4114497245-1001 - Administrator - Enabled) => C:\Users\grilli
Guest (S-1-5-21-2531035215-1632672022-4114497245-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2531035215-1632672022-4114497245-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.321 - Adobe)
Apple Application Support (32-bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Auslogics File Recovery (HKLM-x32\...\{D8F33108-139F-409A-A160-B9510DE736B3}_is1) (Version: 9.2.0.1 - Auslogics Labs Pty Ltd)
Bejeweled 3 (HKLM-x32\...\WTA-e69eb99b-c817-44d2-a107-26aca8257278) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Championship Manager 01-02 (HKLM-x32\...\Championship Manager 01-02) (Version:  - )
Cut the Rope (HKLM-x32\...\WTA-72b54753-546e-42c0-af0c-363f48729260) (Version: 3.0.2.38 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3817.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
eBook Converter Bundle 3.19.212.422 (HKLM-x32\...\{74173236-3507-49A7-A0FC-1BDABF0A9338}_is1) (Version: 3.19.212.422 - eBook Converter Team)
Enchanted Cavern 2 (HKLM-x32\...\WTA-58ef51ea-34fb-4498-8d8e-9cf50df96a9f) (Version: 2.2.0.110 - WildTangent) Hidden
ePUBee Magic (HKLM-x32\...\ePUBee Magic) (Version: 1.0.0.11 - ePUBee)
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 4520 series Basic Device Software (HKLM\...\{B46D9E8C-10FE-4873-996B-CA9EA3D7D9FE}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4520 series Help (HKLM-x32\...\{201E58BD-2A1D-4C4D-BD6F-ADA7669FE3AE}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
iTunes (HKLM\...\{FB354E0A-FE39-4977-9386-0DE79B15AE01}) (Version: 12.10.3.1 - Apple Inc.)
Magic Academy (HKLM-x32\...\WTA-418ed80b-4283-4d89-b0de-c6e35368cd2f) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (HKLM-x32\...\WTA-32a87bad-b82b-446e-9efb-893e4941f6f1) (Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
My Kingdom for the Princess 3 (HKLM-x32\...\WTA-2f15014a-06ce-41b3-b565-068a5a7ec6b3) (Version: 2.2.0.110 - WildTangent) Hidden
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.175 - Symantec Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-77ec29bd-7817-4573-9bc6-0ae934b551a4) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-2bded982-87a3-48c2-8bd5-1e54e4daae42) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-9162527f-635f-4848-a5f8-3f5b96c5ae63) (Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
SoulseekQt version 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.04.6401 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.1 - Toshiba Europe GmbH)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.3 - Compal) Hidden
Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (HKLM-x32\...\WTA-11064e83-3ca1-4e30-94cc-352a058cef07) (Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba) (Version: 4.0.10.25 - WildTangent) Hidden
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Youda Jewel Shop (HKLM-x32\...\WTA-971dccec-9736-4476-a13e-2ea2b01b1b4a) (Version: 3.0.2.32 - WildTangent) Hidden
 
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2019-03-01] (WildTangent Games)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t [2019-02-28] (Amazon.com)
Cut The Rope -> C:\Program Files\WindowsApps\ZeptoLabUKLimited.CutTheRope_1.2.0.43_x86__sq9zxnwrk84pj [2019-02-28] (ZeptoLab UK Limited)
Doodle God™ Free for Toshiba -> C:\Program Files\WindowsApps\7E440FBB.DoodleGodFreeforToshiba_2.0.0.48_x64__pvm5kvqj2rwym [2014-05-22] (JoyBits-Ltd.)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2019-02-28] (eBay, Inc)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2019-02-28] (Evernote)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2019-02-28] (Microsoft Corporation)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2019-02-28] (AMZN Mobile LLC)
McAfee® Central for Toshiba -> C:\Program Files\WindowsApps\McAfeeInc.04.McAfeeSecurityAdvisorforToshiba_5.0.170.1_x64__m0mgz90br52t0 [2019-03-01] (McAfee_Incorporated)
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2019-02-28] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2019-03-01] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2019-02-28] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2019-03-05] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2019-02-28] (Microsoft Corporation) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_2.2.38.0_x64__3s2an63h56yee [2019-03-01] (Ennova Research)
Parcelgenie for Toshiba -> C:\Program Files\WindowsApps\ParcelPokeLimited.ParcelgenieforToshiba_2.1.1.25_neutral__8xyyyq1qzh8hy [2019-02-28] (Parcel Poke Limited)
Skitch Touch -> C:\Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2 [2014-05-22] (Evernote)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2019-03-01] (Skype) [MS Ad]
Skyscanner -> C:\Program Files\WindowsApps\Skyscanner.Skyscanner_1.4.2.0_neutral__623c9he0pwcym [2019-03-01] (Skyscanner)
The Telegraph -> C:\Program Files\WindowsApps\TelegraphMediaGroupLtd.TheTelegraph_2.0.1.134_x64__8zqgb9yvnry22 [2014-05-22] (Telegraph Media Group Ltd)
TOSHIBA Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.1.1.33_x64__679ekb9hp1h62 [2019-03-01] (sMedio)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2019-02-28] (Microsoft Corporation) [MS Ad]
Vimeo for Toshiba (UK) -> C:\Program Files\WindowsApps\DEA48DA5.VimeoforToshibaUK_1.4.0.0_neutral__20zyggj7fjyag [2014-05-22] (Vimeo, LLC  .)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-2531035215-1632672022-4114497245-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img7.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5F8A9F9D-46C9-4339-B2A6-1CA64A3DA9B3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E132791E-F910-4CEC-8D07-A4168011DB95}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{6A20E56E-ED81-41B2-AB77-01FC35549392}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{8732AB10-04AD-40B4-9D0A-55891D10D4B3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFC8BF1D-833D-4977-A584-EBD8015E64B6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A8519971-2A13-4448-93D4-CFE1321A71FF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{54D015BA-6DFC-42B3-80B3-D15A6A7BA6A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF08BFA8-E0FA-422B-9252-8684B56852F1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{69113E05-3897-483A-83C3-149B81BADDE2}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{91E1B275-B8A1-404B-859A-0A7F9B1706A0}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [{DAC904DF-9327-4CE1-B41C-0A87B214E117}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED7A6260-2D1C-477D-9FF0-F68DA8EC2DF1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34A6D772-78A3-4580-94F3-A79F5B93F8E6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{73414D51-CDCF-4C92-B71F-02A2E9011C21}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7585AAEF-C84A-4E1D-908F-55E728FD41C9}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{6DE37E66-8032-4D55-B88A-007ACA90287D}] => (Allow) LPort=5357
FirewallRules: [{D0B460E5-3C39-4B8F-ABF8-0CC7DCE0A681}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{086F59C0-A7A0-4E5A-A87A-172EEA68FDA6}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Block) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{E51306FA-E187-470D-986E-D56974C8902F}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Block) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [{75119F9B-A977-4C42-8FBF-6E22D4728830}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78F3DD2C-546B-4EE0-81F8-AD7692F6B6CD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9038383-51C5-493C-A8B4-30D6180761DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D01460D-F8D3-4D0C-86CF-DBE0341FA3B9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB81E27B-B1EF-404F-9561-B03341622FA8}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F38CD3AE-A199-4170-9B50-2D759EE9D464}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
21-02-2020 10:55:00 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (02/21/2020 01:03:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 224
 
Start Time: 01d5e8b4b4c4818e
 
Termination Time: 1863
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: 85afb0e1-54aa-11ea-82ce-3010b34e14ae
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/21/2020 12:32:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15484
 
Error: (02/21/2020 12:32:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15484
 
Error: (02/21/2020 12:32:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/21/2020 12:21:17 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-02-21T13:45:52Z. Error Code: 0x8007045D.
 
Error: (02/21/2020 12:20:07 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: The rules engine failed to perform one or more scheduled actions.
Error Code:0x8007045D
Path:SERIALIZE_INTERNAL
Arguments:<none>
 
Error: (02/21/2020 12:19:25 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: The rules engine failed to perform one or more scheduled actions.
Error Code:0x8007045D
Path:SERIALIZE_INTERNAL
Arguments:<none>
 
Error: (02/21/2020 12:18:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 652890
 
 
System errors:
=============
Error: (02/21/2020 12:32:56 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (38:78:62:67:da:d5) failed.
 
Error: (02/21/2020 12:19:02 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (38:78:62:67:da:d5) failed.
 
Error: (02/21/2020 12:03:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045d: 2020-02 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2 for x64 (KB4538124).
 
Error: (02/21/2020 11:02:56 AM) (Source: DCOM) (EventID: 10010) (User: Grilli)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (02/21/2020 10:09:50 AM) (Source: volsnap) (EventID: 8) (User: )
Description: The flush and hold writes operation on volume C: timed out while waiting for a release writes command.
 
Error: (02/21/2020 10:06:58 AM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (02/21/2020 09:58:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (02/21/2020 09:43:14 AM) (Source: DCOM) (EventID: 10010) (User: Grilli)
Description: The server {4545DEA0-2DFC-4906-A728-6D986BA399A9} did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2020-02-20 11:12:48.280
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {EA3A5354-89C8-4B4F-AC27-030BE4C03F63}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-02-16 13:39:00.417
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {B82B2071-3C07-4B0F-807E-260DF623D80C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-02-16 13:22:36.089
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {55F542C2-6544-491E-82FA-3A4103F24958}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-02-09 11:28:14.115
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {6E4840DE-8701-483F-8E2E-6846C400FFB5}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-02-05 09:35:13.160
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {92EF8DCD-2A64-4266-9761-8D98B0AA2130}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-02-17 10:15:08.018
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007045d
Error description: The request could not be performed because of an I/O device error. 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
 
Date: 2020-02-17 10:15:08.018
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
 
Date: 2020-02-17 10:14:58.542
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007045d
Error description: The request could not be performed because of an I/O device error. 
Reason: The filter driver has restarted scanning items and is out of pass through mode.
 
Date: 2020-02-17 10:04:00.390
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007045d
Error description: The request could not be performed because of an I/O device error. 
Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the computer.
 
Date: 2020-02-12 23:24:29.556
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version: 
Previous Engine Version: 2.1.14600.4
Error code: 0x8007045d
Error description: The request could not be performed because of an I/O device error. 
 
CodeIntegrity:
===================================
 
Date: 2020-02-20 10:49:59.741
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-16 13:19:02.966
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-12 11:36:20.462
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-12 11:36:19.702
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-12 10:05:50.803
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-08 03:11:26.880
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-06 08:25:51.204
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-05 18:43:44.641
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: TOSHIBA 5.10 08/10/2015
Motherboard: TOSHIBA ZBWAA
Processor: Intel® Celeron® CPU N2840 @ 2.16GHz
Percentage of memory in use: 50%
Total physical RAM: 3981.93 MB
Available physical RAM: 1958.05 MB
Total Virtual: 8077.93 MB
Available Virtual: 5602.62 MB
 
==================== Drives ================================
 
Drive c: (TI31338200A) (Fixed) (Total:687.22 GB) (Free:391.9 GB) NTFS
 
\\?\Volume{9966df1b-fb84-4984-bae5-743049eafa6d}\ (System) (Fixed) (Total:1 GB) (Free:0.33 GB) NTFS
\\?\Volume{f8c2bf49-b6b2-494e-8b17-965bbce33601}\ (Recovery) (Fixed) (Total:10.19 GB) (Free:0.93 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: B5EC8203)
 
Partition: GPT.
 
==================== End of Addition.txt =======================


#4 grilli

grilli

    Member

  • Full Member
  • Pip
  • 21 posts

Posted 27 February 2020 - 01:50 AM

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by grilli (27-02-2020 00:05:54) Run:1
Running from C:\Users\grilli\Desktop
Loaded Profiles: grilli (Available Profiles: grilli)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
cmd: sfc /scannow
CMD: ECHO Y|CHKDSK C: /F
EmptyTemp:
 
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
 
========= netsh int ip reset =========
 
Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushDNS =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= DISM.exe /Online /Cleanup-image /Restorehealth =========
 
 
Deployment Image Servicing and Management tool
Version: 6.3.9600.19408
 
Image Version: 6.3.9600.19397
 
 
Error: 0x80240021
 
DISM failed. No operation was performed. 
For more information, review the log file.
 
The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log
 
========= End of CMD: =========
 
 
========= sfc /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
Verification 0% complete.Verification 0% complete.Verification 1% complete.Verification 1% complete.Verification 2% complete.Verification 2% complete.Verification 3% complete.Verification 3% complete.Verification 4% complete.Verification 4% complete.Verification 5% complete.Verification 5% complete.Verification 6% complete.Verification 6% complete.Verification 7% complete.Verification 7% complete.Verification 8% complete.Verification 8% complete.Verification 9% complete.Verification 9% complete.Verification 10% complete.Verification 10% complete.Verification 11% complete.Verification 11% complete.Verification 12% complete.Verification 12% complete.Verification 13% complete.Verification 13% complete.Verification 14% complete.Verification 14% complete.Verification 15% complete.Verification 15% complete.Verification 16% complete.Verification 16% complete.Verification 17% complete.Verification 17% complete.Verification 18% complete.Verification 18% complete.Verification 19% complete.Verification 19% complete.Verification 20% complete.Verification 20% complete.Verification 21% complete.Verification 21% complete.Verification 22% complete.Verification 22% complete.Verification 23% complete.Verification 23% complete.Verification 24% complete.Verification 24% complete.Verification 25% complete.Verification 25% complete.Verification 26% complete.Verification 26% complete.Verification 27% complete.Verification 27% complete.Verification 28% complete.Verification 28% complete.Verification 29% complete.Verification 29% complete.Verification 30% complete.Verification 30% complete.Verification 31% complete.Verification 31% complete.Verification 32% complete.Verification 32% complete.Verification 33% complete.Verification 33% complete.Verification 34% complete.Verification 34% complete.Verification 35% complete.Verification 35% complete.Verification 36% complete.Verification 36% complete.Verification 37% complete.Verification 37% complete.Verification 38% complete.Verification 38% complete.Verification 39% complete.Verification 39% complete.Verification 40% complete.Verification 40% complete.Verification 41% complete.Verification 41% complete.Verification 42% complete.Verification 42% complete.Verification 43% complete.Verification 43% complete.Verification 44% complete.Verification 44% complete.Verification 45% complete.Verification 45% complete.Verification 46% complete.Verification 46% complete.Verification 47% complete.Verification 47% complete.Verification 47% complete.Verification 48% complete.Verification 48% complete.Verification 49% complete.Verification 49% complete.Verification 50% complete.Verification 50% complete.Verification 51% complete.Verification 51% complete.Verification 52% complete.Verification 52% complete.Verification 53% complete.Verification 53% complete.Verification 54% complete.Verification 54% complete.Verification 55% complete.Verification 55% complete.Verification 56% complete.Verification 56% complete.Verification 57% complete.Verification 57% complete.Verification 58% complete.Verification 58% complete.Verification 59% complete.Verification 59% complete.Verification 60% complete.Verification 60% complete.Verification 61% complete.Verification 61% complete.Verification 62% complete.Verification 62% complete.Verification 63% complete.Verification 63% complete.Verification 64% complete.Verification 64% complete.Verification 65% complete.Verification 65% complete.Verification 66% complete.Verification 66% complete.Verification 67% complete.Verification 67% complete.Verification 68% complete.Verification 68% complete.Verification 69% complete.Verification 69% complete.Verification 70% complete.Verification 70% complete.Verification 71% complete.Verification 71% complete.Verification 72% complete.Verification 72% complete.Verification 73% complete.Verification 73% complete.Verification 74% complete.Verification 74% complete.Verification 75% complete.Verification 75% complete.Verification 76% complete.Verification 76% complete.Verification 77% complete.Verification 77% complete.Verification 78% complete.Verification 78% complete.Verification 79% complete.Verification 79% complete.Verification 80% complete.Verification 80% complete.Verification 81% complete.Verification 81% complete.Verification 82% complete.Verification 82% complete.Verification 83% complete.Verification 83% complete.Verification 84% complete.Verification 84% complete.Verification 85% complete.Verification 85% complete.Verification 86% complete.Verification 86% complete.Verification 87% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 89% complete.Verification 90% complete.Verification 90% complete.Verification 91% complete.Verification 91% complete.Verification 92% complete.Verification 92% complete.Verification 93% complete.Verification 93% complete.Verification 94% complete.Verification 94% complete.Verification 94% complete.Verification 95% complete.Verification 95% complete.Verification 96% complete.Verification 96% complete.Verification 97% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 99% complete.Verification 100% complete.
 
 
Windows Resource Protection found corrupt files but was unable to fix some 
 
of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For 
 
example C:\Windows\Logs\CBS\CBS.log. Note that logging is currently not 
 
supported in offline servicing scenarios.
 
 
========= End of CMD: =========
 
 
========= ECHO Y|CHKDSK C: /F =========
 
The type of the file system is NTFS.
Cannot lock current drive.
 
Chkdsk cannot run because the volume is in use by another
process.  Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N) Y
 
This volume will be checked the next time the system restarts.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28902975 B
Java, Flash, Steam htmlcache => 1140 B
Windows/system/drivers => 109526045 B
Edge => 0 B
Chrome => 44255889 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 42574 B
systemprofile32 => 42702 B
LocalService => 42702 B
NetworkService => 19830934 B
grilli => 50817315 B
 
RecycleBin => 2312174 B
EmptyTemp: => 251.9 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 01:34:25 ====


#5 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,318 posts

Posted 27 February 2020 - 06:59 AM

 
Hi,
 
The CHECK DISK failed. On Windows 8.1 lets use this command.
 
Navigate to this page.
 
Select this option.
24 - CHKDSK in Windows 8 or 8.1
 
Follow the instructions to execute this command at the DOS prompt.
CMD: C: /f /r /x
 
p.s
You should be able to copy and paste the command.
 
Let me know what problem persists.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#6 grilli

grilli

    Member

  • Full Member
  • Pip
  • 21 posts

Posted 04 March 2020 - 02:47 PM

i did as above and it see,ed to fail, however the pc is running a lot better now. any recommendations of what to do next?



#7 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,318 posts

Posted 05 March 2020 - 06:37 AM

Hi,

 

i did as above and it see,ed to fail,

 

 

What did you mean?


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,318 posts

Posted 12 March 2020 - 06:43 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of UNITE
Support SpywareInfo Forum - click the button