Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016 Ran by Robert (08-11-2016 19:32:32) Running from C:\Users\Robert\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2016-02-14 04:32:48) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1023542146-862895883-3640837297-500 - Administrator - Disabled) Guest (S-1-5-21-1023542146-862895883-3640837297-501 - Limited - Disabled) Robert (S-1-5-21-1023542146-862895883-3640837297-1000 - Administrator - Enabled) => C:\Users\Robert ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated) Adobe Flash Player 9 ActiveX (HKLM\...\ShockwaveFlash) (Version: 9 - Adobe Systems) Adobe Reader XI (11.0.08) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.0.301.4 - ALPS ELECTRIC CO., LTD) Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.1 - Atheros) ATI Catalyst Install Manager (HKLM\...\{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}) (Version: 3.0.641.0 - ATI Technologies, Inc.) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: - ATI Technologies, Inc.) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM\...\{92a7fd6b-31e5-472f-862e-79214c5032ef}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Avira Launcher (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Hidden Bentley MicroStation V8i 08.11.05.17 (HKLM\...\{482E4A1D-0E77-4864-831D-CF433EE722E9}) (Version: 8.11.5.17 - Bentley Systems, Incorporated) Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.) ccc-core-static (Version: 2007.0424.2145.36967 - ATI) Hidden CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.03 - TOSHIBA) C-GEO Edycja 2015 (HKLM\...\C-GEO_is1) (Version: - softline) Chanalyzer (HKLM\...\{0C5A4F9F-9DCB-4C8D-AAF9-DCA85E0CBE35}) (Version: 5.8.7.8 - MetaGeek, LLC) Desktop Dialer (HKLM\...\Desktop Dialer) (Version: - ) DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation) Doradca uaktualnienia systemu Windows 7 (HKLM\...\{E8706A0A-D596-4ef8-B924-2D69BD75D95E}) (Version: 2.0.5000.0 - Microsoft Corporation) DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.3 - Ulead Systems, Inc.) e-Deklaracje Desktop (HKLM\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 8.0.7 - Ministerstwo Finansow) e-Deklaracje Desktop (Version: 8.0.7 - Ministerstwo Finansow) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Desktop (HKLM\...\Google Desktop) (Version: - - Google) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden Internet Offers (HKLM\...\Internet Offers from Toshiba) (Version: 6.2 - PeoplePC, Inc.) Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.) K1-2D XM (HKLM\...\ST6UNST #1) (Version: - ) Mah Jong Quest (HKLM\...\WT022090) (Version: WT022090 - WildTangent) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation) Mozilla Firefox 49.0.2 (x86 pl) (HKLM\...\Mozilla Firefox 49.0.2 (x86 pl)) (Version: 49.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia) oggcodecs 0.71.0946 (HKLM\...\oggcodecs) (Version: 0.71.0946 - illiminable) PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia) Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.) Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5406 - Realtek Semiconductor Corp.) Skins (Version: 2007.0424.2145.36967 - ATI) Hidden Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.16.5.201603301709 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.2.11.0 - Synaptics Incorporated) Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{B54B8CD3-E12B-4C29-AF5A-2101E2FF5F53}) (Version: 2.00.0005 - Texas Instruments Inc.) TIPCI (Version: 2.00.0005 - Texas Instruments Inc.) Hidden TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.02 - ) TOSHIBA ConfigFree (HKLM\...\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}) (Version: 7.00.29 - TOSHIBA) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.8 - TOSHIBA Corporation) TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.20.10 - TOSHIBA Corporation) TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation) TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.0.3C - TOSHIBA) TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.51.0.3C - TOSHIBA) TOSHIBA Music (HKLM\...\{0E9C4531-58C4-4349-AD2F-A4D999E451EC}) (Version: 1.00.1 - Toshiba America Information Systems) Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.) TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.1 - TOSHIBA) TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD03) - Agere Systems) TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.2 - TOSHIBA) TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - ) TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - ) TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - ) TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 0.51.0.1C - TOSHIBA) TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.21 - TOSHIBA Corporation) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Utility Common Driver (Version: 0.0.1.1C - TOSHIBA) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - ) Zestaw zautomatyzowanej instalacji systemu Windows (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0E693F8E-7F65-4DA8-9820-91552070C8A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-19] (Google Inc.) Task: {1ADA271D-08A9-4DE4-A505-14D200BA11D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-19] (Google Inc.) Task: {69558AC2-2738-4346-A93D-5BBD7B3A7D5E} - System32\Tasks\{32F4A36A-639E-44B0-9ED5-F0BEC219F942} => pcalua.exe -a C:\b26173b.exe -d C:\ Task: {89906A6A-1632-49DB-BE8A-E3A74F6A3F09} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation) Task: {99975024-0441-46D4-8B75-788245DEA15B} - System32\Tasks\{CBA95B73-1460-46B1-854A-5D766880353B} => pcalua.exe -a C:\Users\Robert\Downloads\setup.exe -d C:\Users\Robert\Downloads Task: {EEBAF85F-ACDE-4329-80D6-5968955D0683} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2007-04-25 06:57 - 2007-04-25 06:57 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00080936 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 01296424 _____ () C:\Program Files\EaseUS\Todo Backup\bin\libxml2.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00060968 _____ () C:\Program Files\EaseUS\Todo Backup\bin\zlib1.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00017448 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CompressFile.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00088616 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00022568 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00186408 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00165928 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCAdapt.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00058408 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBInfo.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00015912 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00108072 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActivationOnline.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00077864 _____ () C:\Program Files\EaseUS\Todo Backup\bin\logsys.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00030760 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00068136 _____ () C:\Program Files\EaseUS\Todo Backup\bin\MountImg.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00158248 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ImgFile.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00281128 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DsImgFile.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00072232 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CheckImg.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00139816 _____ () C:\Program Files\EaseUS\Todo Backup\bin\vhdvmdk.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00037416 _____ () C:\Program Files\EaseUS\Todo Backup\bin\BootDriver.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00769064 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExImage.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00193064 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00443944 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AndroidImage.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00148008 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumDisk.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00076840 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FatLib.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00207912 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NTFSLib.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00111656 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FileStorage.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00169512 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CloudInterface.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00501800 _____ () C:\Program Files\EaseUS\Todo Backup\bin\StorageMgr.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00024616 _____ () C:\Program Files\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00020520 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CorrectMbr.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00032296 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00034856 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00064040 _____ () C:\Program Files\EaseUS\Todo Backup\bin\RegLib.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00025128 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AccountManager.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00059944 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NasOperator.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00201768 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EmailBrowser.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00077864 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CloudOperator.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00018984 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActiveOnline.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00136232 _____ () C:\Program Files\EaseUS\Todo Backup\bin\VMConfig.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00020008 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2016-02-25 17:36 - 2015-12-10 06:04 - 00043048 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbDataSwap.dll 2007-05-17 01:51 - 2007-01-26 01:47 - 00136816 _____ () C:\Toshiba\IVP\ISM\pinger.exe 2007-05-17 01:51 - 2007-01-26 01:50 - 00063096 _____ () c:\Toshiba\IVP\swupdate\swupdtmr.exe 2016-02-25 17:36 - 2015-12-10 06:14 - 00249384 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe 2016-02-25 17:36 - 2015-12-10 06:04 - 00224808 _____ () C:\Program Files\EaseUS\Todo Backup\bin\SmartBackup.dll 2006-11-07 01:14 - 2006-11-07 01:14 - 00034352 _____ () C:\Program Files\Toshiba\Utilities\KeNotify.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1023542146-862895883-3640837297-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\Toshiba-1.JPG DNS Servers: 62.179.1.63 - 62.179.1.62 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: CFSvcs => 2 MSCONFIG\Services: EaseUS Agent => 2 MSCONFIG\Services: GoogleDesktopManager => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: TNaviSrv => 2 MSCONFIG\Services: TODDSrv => 2 MSCONFIG\Services: TosCoSrv => 2 MSCONFIG\Services: TOSHIBA Bluetooth Service => 2 MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe MSCONFIG\startupreg: ALLPlayer WiFi Remote => C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe MSCONFIG\startupreg: Napisy24Update => "C:\Program Files\Napisy24\Napisy24Update.exe" "sleep" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [{0E829469-AE1F-48BB-9570-28C15E764454}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F11D6AF8-1AC3-4BE0-B954-EA46713D197F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{1BF37669-9F04-4B29-B04D-180D0592943B}] => (Allow) LPort=80 FirewallRules: [{C4F78CDF-8388-4B64-854C-F15D4ECD2C6C}] => (Allow) LPort=80 FirewallRules: [{2EDC861B-1418-4879-8D9B-9137F92A260F}] => (Allow) LPort=80 FirewallRules: [{051B88BC-AF81-4463-B8E0-09E9D0AA94C4}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{1F1C3CDC-2CDB-4D11-A9B4-ECBF1DCDFE84}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{C06B1C12-660B-4A92-8862-DD78A6A6EDE5}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{1CBAE6A0-4BD1-46EB-ACA1-9D89105F4E81}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{5E0F966A-A212-48BC-946D-1E5B7E8AB039}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{57EE1D57-7CBF-4491-9A65-B49ECA455526}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{3F27EB25-8D9D-4B2F-B9EE-F83E0C5605F3}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{40022F60-E9D4-4269-B4FD-755D54317CB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CA5D27E1-B5C4-4237-8848-AAE7D7EEEE85}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{3C541577-33E8-45E8-A606-0616E0D0C17C}C:\program files\xmind\xmind.exe] => (Block) C:\program files\xmind\xmind.exe FirewallRules: [UDP Query User{2AE0F98E-8A66-46BD-9F90-F004760E27C6}C:\program files\xmind\xmind.exe] => (Block) C:\program files\xmind\xmind.exe FirewallRules: [TCP Query User{351D4A1F-3D9D-4303-9255-3CC332B11F39}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{A5484E25-C329-4054-91FE-1BBE15C1766A}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files\allplayer remote\allplayerremotecontrol.exe FirewallRules: [{CD687C52-8D71-4B5F-B20C-7F036D674424}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{82291124-B47E-43ED-A8B2-71E5A9373513}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{EA5AC18D-6B08-4AD9-9E9A-2B97259A6D17}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{964AAA8B-8D2B-420B-BEED-FD534EEF34C0}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{B796F169-9132-4136-B6D9-B8996D1329D8}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [TCP Query User{E4D7E143-F053-47FF-BB9C-83AF4ACB3880}C:\program files\xmind\xmind.exe] => (Allow) C:\program files\xmind\xmind.exe FirewallRules: [UDP Query User{29C652F7-D41D-45F3-BCB0-4DAB26842C81}C:\program files\xmind\xmind.exe] => (Allow) C:\program files\xmind\xmind.exe StandardProfile\AuthorizedApplications: [C:\TOSHIBA\ivp\NetInt\Netint.exe] => Enabled:NIE - Toshiba Software Upgrades Engine StandardProfile\AuthorizedApplications: [C:\TOSHIBA\Ivp\ISM\pinger.exe] => Enabled:Toshiba Software Upgrades Pinger ==================== Restore Points ========================= 05-07-2016 18:04:53 Windows Update 20-07-2016 19:58:06 Windows Update 04-11-2016 22:39:25 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/07/2016 08:01:20 PM) (Source: Perflib) (EventID: 1010) (User: ) Description: The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code. Error: (11/05/2016 09:10:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 13833295 Error: (11/05/2016 09:10:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 13833295 Error: (11/05/2016 09:10:30 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/01/2016 12:48:48 AM) (Source: EventSystem) (EventID: 4621) (User: ) Description: The COM+ Event System could not remove the EventSystem.EventSubscription object {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The HRESULT was 80070005. Error: (10/29/2016 11:25:48 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: The COM+ Event System could not remove the EventSystem.EventSubscription object {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The HRESULT was 80070005. Error: (10/27/2016 08:01:51 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: The COM+ Event System could not remove the EventSystem.EventSubscription object {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The HRESULT was 80070005. Error: (10/26/2016 04:46:32 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (10/26/2016 04:46:30 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (10/20/2016 04:54:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application BootInfo.exe, version 6.6.39.0, time stamp 0x45feebbd, faulting module dlplay.dll, version 6.6.39.0, time stamp 0x45feebba, exception code 0xc0000005, fault offset 0x00005183, process id 0x11e8, application start time 0x01d22aea2ab20f80. System errors: ============= Error: (11/08/2016 08:29:06 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:29:01 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:28:57 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:28:53 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:28:46 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:28:42 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:26:27 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:26:07 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:25:45 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/08/2016 08:07:52 AM) (Source: Dhcp) (EventID: 1002) (User: ) Description: The IP address lease 192.168.1.102 for the Network Card with network address 001B9E3E11E0 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). CodeIntegrity: =================================== Date: 2016-02-19 23:14:45.303 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2016-02-19 23:14:45.165 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2016-02-19 23:14:45.027 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2016-02-19 23:14:44.888 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2016-02-19 23:14:44.733 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2016-02-19 20:18:30.106 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL because the set of per-page image hashes could not be found on the system. Date: 2016-02-19 16:55:38.293 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL because the set of per-page image hashes could not be found on the system. Date: 2016-02-14 12:43:09.047 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL because the set of per-page image hashes could not be found on the system. Date: 2016-02-14 11:46:24.971 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL because the set of per-page image hashes could not be found on the system. Date: 2016-02-14 11:03:46.385 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-52 Percentage of memory in use: 63% Total physical RAM: 2429.32 MB Available physical RAM: 891.98 MB Total Virtual: 5111.2 MB Available Virtual: 2331.83 MB ==================== Drives ================================ Drive c: (SQ004409V05) (Fixed) (Total:90 GB) (Free:27.28 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (New Volume) (Fixed) (Total:57.58 GB) (Free:13.66 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 9A463AD2) Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27) Partition 2: (Active) - (Size=90 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=57.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================