Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by TOSHIBA (22-08-2016 15:38:26)
Running from C:\Users\TOSHIBA\Desktop
Windows 10 Home Single Language Version 1511 (X64) (2015-11-21 20:48:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2841341764-4259199002-3796252902-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2841341764-4259199002-3796252902-503 - Limited - Disabled)
Guest (S-1-5-21-2841341764-4259199002-3796252902-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2841341764-4259199002-3796252902-1003 - Limited - Enabled)
TOSHIBA (S-1-5-21-2841341764-4259199002-3796252902-1001 - Administrator - Enabled) => C:\Users\TOSHIBA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
12.0.0.0 (HKLM-x32\...\{FECB3E96-76A8-45A9-B73C-D7304DE02190}_is1) (Version:  - Adobe Photoshop CS5 ME by Magic-M)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.30.3 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.1 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Cambridge Advanced Learner's Dictionary - 3rd Edition (HKLM-x32\...\NSIS_cald3) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Cisco Packet Tracer 6.1 Student (HKLM-x32\...\Cisco Packet Tracer 6.1 Student_is1) (Version:  - Cisco Systems, Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Focus 500,000 Images (HKLM-x32\...\InstallShield_{445D8BDE-8E58-418A-BAE4-2443F0D7B2A7}) (Version: 3.20.0000 - Focus)
Focus 500,000 Images (x32 Version: 3.20.0000 - Focus) Hidden
GNS3 1.3.10 (HKLM-x32\...\GNS3) (Version: 1.3.10 - )
Golden Al-Wafi Translator (HKLM-x32\...\ST6UNST #1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc‎.‎)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Internet Everywhere (HKLM-x32\...\InternetEverywhere) (Version: 3.0 - Internet Everywhere)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{C706D102-D77E-4D45-B631-2A43C55F0F01}) (Version: 8.0.3.287 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.3.287 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Codec Pack 12.2.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Reflector 2 (HKLM-x32\...\{077557D9-E582-47CD-BB0A-1700BA1F3189}) (Version: 2.4.0.0 - Squirrels)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Rosetta Stone Ltd Services (HKLM-x32\...\{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}) (Version: 3.2.17 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (x32 Version: 4.1.1 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (x32 Version: 4.1.15.1 - Rosetta Stone, Ltd) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.1.5 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden
Snagit 11 (HKLM-x32\...\{44BD21C2-9132-48DB-B65B-23817E4C6F4B}) (Version: 11.2.0 - TechSmith Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
Topaz  InFocus (HKLM-x32\...\Topaz  InFocus) (Version: 1.0.0 - Topaz Labs)
Topaz  InFocus (x32 Version: 1.0.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM-x32\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (x32 Version: 4.1.0 - Topaz Labs) Hidden
Topaz Clean 2 (HKLM-x32\...\{3D4B5330-CEA9-4D58-8355-74729AE527CD}) (Version: 2.1.0 - Topaz Labs)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs)
Topaz Clean 3 (x32 Version: 3.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs)
Topaz DeJpeg 4 (x32 Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (x32 Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (HKLM-x32\...\Topaz Detail 2) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (x32 Version: 2.0.5 - Topaz Labs) Hidden
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.0.1 - Topaz Labs)
Topaz Fusion Express 2 (x32 Version: 2.0.1 - Topaz Labs) Hidden
Topaz ReMask 2 (HKLM-x32\...\Topaz ReMask 2) (Version: 2.0.5 - Topaz Labs)
Topaz ReMask 2 (x32 Version: 2.0.5 - Topaz Labs) Hidden
Topaz Simplify 3 (HKLM-x32\...\Topaz Simplify 3) (Version: 3.0.2 - Topaz Labs)
Topaz Simplify 3 (x32 Version: 3.0.2 - Topaz Labs) Hidden
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
VCE Exam Simulator Demo (HKLM-x32\...\VCE Exam Simulator Demo_is1) (Version:  - Avanset)
Viber (HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\Viber) (Version: 5.2.0.2546 - Viber Media Inc)
Virtual WiFi Router version 3.0 (HKLM-x32\...\{F5F33265-5CAA-4F12-AA8F-7F8384BF2A57}_is1) (Version: 3.0 - Virtual WiFi Router, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.1.3.2.MultiLanguage - )
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Wireshark 1.12.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.4 - The Wireshark developer community, hxxp://www.wireshark.org)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.7.2.20130217 - Xilisoft)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2841341764-4259199002-3796252902-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
CustomCLSID: HKU\S-1-5-21-2841341764-4259199002-3796252902-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {10F645F9-2BC0-4F39-9934-43A1AD8E741D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {262DDD4F-3B33-4A8C-A45A-FBE68CC2A82D} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-10] (Toshiba Europe GmbH)
Task: {2848877C-ADAD-494D-8E67-B85DD3D23E6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {29AB2A06-DBAD-46E9-BD4C-3C4890D16512} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2FBBD736-F7D6-4E06-8C6C-CBA0EABB78CD} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-21] (Microsoft Corporation)
Task: {3137EDDF-6AEE-418A-99DB-51D1EB66CDE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {31C3E2DF-6126-40F3-9F34-2213E0027DE3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {358D2DF9-F601-4C10-AA63-F8519595A006} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3739F668-3EA8-4DCA-9F5E-2B9AEEA7FDEB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {38323810-FE4C-4017-B135-E4A08249EA39} - \AutoKMS -> No File <==== ATTENTION
Task: {38D7D236-6ADD-4AEA-AA3C-B3F9C76EAC81} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2841341764-4259199002-3796252902-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {43244643-E956-41FF-BA01-28D9F323DD58} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {45F4087C-ADD6-4E1A-B544-83C1AD7307D6} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-18] (Adobe Systems Incorporated)
Task: {48484ED3-8937-42D1-8D32-E846A7C8DDA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {54148399-229B-4991-B6B5-BF865D24EE65} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2841341764-4259199002-3796252902-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5D401822-F02D-4163-B52C-CF1698E691AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {64748C4D-BBD6-41C5-BA03-D9E299F45D6C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {6F8E4EC5-89C9-42A8-A605-9A62FB364181} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {73E88E57-D0EF-4ECF-BD3B-86DA42A27A12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {7419851C-4684-40F1-A113-7DA6A96F77E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {87DFA6BD-6BEC-41D4-B0AD-0C4E5294FBC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {894F128D-AC04-4B04-A2D6-FBCBB4432BAF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9252894D-DA52-474B-A9B4-DDFFE515C1C6} - System32\Tasks\{BC2B1518-FC3A-4125-B44E-8649FE13BC07} => pcalua.exe -a C:\Users\TOSHIBA\AppData\Local\Mobogenie\driver\Unzip_Files\samsung_4523a0530\samsung.exe -d C:\Users\TOSHIBA\AppData\Local\Mobogenie\driver\Unzip_Files\samsung_4523a0530
Task: {92774DA2-FF5B-4D20-AF2A-E530E7BDF0B0} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {A294DC87-86EC-4E77-936A-85367BCB7AA4} - System32\Tasks\AdobeAAMUpdater-1.0-pc-TOSHIBA => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {C6C57F24-416F-4090-AE6E-C23364B14DAE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {D085AC34-8D14-47D3-89E8-3FC4A8E3BC22} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D260A17A-A634-4D34-9C98-E2DAFE29A124} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D404AAEA-D44D-4883-9AF9-491117F449A9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2841341764-4259199002-3796252902-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D40629E6-D761-4F41-A3CF-83BE0D1ED37C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-08] (Synaptics Incorporated)
Task: {DF1A04D0-5940-48B6-BDDE-66C375A47567} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2841341764-4259199002-3796252902-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EE0436F3-2EAE-466C-AC3A-16614968253E} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-07-07] ()
Task: {F0314982-2966-4464-8602-0475B431F8E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F79AFD8C-8EE3-4698-A55E-A2F811B32EBB} - \DTReg -> No File <==== ATTENTION
Task: {FAB0A49E-D46F-43B2-8989-2434455D8FBF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2841341764-4259199002-3796252902-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-12 16:50 - 2012-10-23 19:42 - 00347120 ____N () C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2016-04-20 10:02 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-13 15:09 - 2015-10-13 15:09 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-01 13:19 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2015-04-30 09:48 - 2015-04-30 09:48 - 01011200 _____ () C:\Program Files (x86)\BlueStacks\HD-Adb.exe
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\kpcengine.2.3.dll
2015-10-13 15:09 - 2015-10-13 15:09 - 08901184 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-11-25 22:50 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-11-25 22:50 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-08-09 00:29 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-09 00:29 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2012-09-06 08:32 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 62.240.32.5 - 62.68.42.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Snagit 11.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Launcher.lnk"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "TSleepSrv"
HKLM\...\StartupApproved\Run: => "SRS Premium Sound HD"
HKLM\...\StartupApproved\Run: => "TCrdMain"
HKLM\...\StartupApproved\Run: => "TODDMain"
HKLM\...\StartupApproved\Run: => "TosWaitSrv"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "TPUReg"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\StartupApproved\Run: => "WebcamMaxAutoRun"
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\StartupApproved\Run: => "Nimbuzz"
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\StartupApproved\Run: => "kpm.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7FDEF2EB-E8A7-42D9-9083-432A7711D16A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B86B557F-9BFD-4AC3-8C5D-6F9C4BA4E398}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FA898563-3C7A-4960-8D0F-212436820E9B}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{C991DB89-3AF8-4C65-B111-0D48A3D587C3}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{014CF151-48BA-408B-A9C5-6809BB3D88AE}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{CCD1C424-B91F-415F-976A-CD3C1EA17DA9}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{E3164CC0-00A4-4762-8C40-5C0CB4B1A8BD}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{87293806-8A19-4D26-801A-A8C9745755E2}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{30A5B12C-74EA-43A0-BB34-4EB6EE0302C9}] => (Allow) C:\WINDOWS\SysWOW64\router.exe
FirewallRules: [{EB57D217-DCFE-4351-8DCF-BBD24997DEAE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A562A5C1-4B40-477B-9089-67077DE1F897}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0CEC3444-62A6-47D4-8427-A0F21D9CDCD5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D2F6CB77-AAFD-4DFF-887C-7DF1527870E8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D705C41C-8400-447F-8657-51EF8F46BA6E}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{87D682AC-34B7-42D0-8629-A37ECC7D2358}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{892E2608-6CEB-40F9-A9C3-3F232061EC8D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{39794737-3397-4BFE-8ADC-9B608B2E5B35}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{C460F504-73E4-4777-94C8-4268565A0077}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{D1C763D8-31DD-4EB6-955F-99393D959476}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{1AE975D8-6EFC-46C6-8D00-3DAEE4642ED8}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{AACE2BC8-222B-4554-AB85-7C7B81D68E67}] => (Allow) C:\Users\TOSHIBA\AppData\Local\Viber\Viber.exe
FirewallRules: [{2D5BC514-1CC6-461A-B94D-D9932E7DCA50}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{DB654CDA-D3B6-4B98-95FE-C89B88F1CEC4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{122633C5-27D3-419E-BF60-B595E983BBC6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0803CE69-1016-49E3-AB81-6B2BD699FF83}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C03300D5-4235-4C06-89D9-C78A050470F0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D0B93A2B-5085-4BB3-90EA-74F4665BDFF6}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{948E757C-C96C-491F-80E6-E68231718422}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{653B1D79-8AAD-420A-B253-C22E52947600}] => (Allow) C:\Program Files (x86)\Reflector 2\Reflector2.exe
FirewallRules: [{1F6F92C4-B56B-40C1-8777-14974E5DD437}] => (Allow) C:\Users\TOSHIBA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94516925-BED4-4F13-BF00-95FEC3817EF9}] => (Allow) C:\Users\TOSHIBA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{32A8B172-6C7C-4350-8A68-315FF36741D5}] => (Allow) C:\Users\TOSHIBA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{979D8467-39B0-4AF3-9BB5-C34DAC69F389}] => (Allow) C:\Users\TOSHIBA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F4548305-E6A8-4AEF-9C68-039E85C41649}] => (Allow) C:\Users\TOSHIBA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75D634B1-9006-40FF-B045-7DF0A0E316AB}] => (Allow) C:\Users\TOSHIBA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8958287-1F42-4E85-9596-DC5096F4F851}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

31-07-2016 12:32:50 Scheduled Checkpoint
09-08-2016 00:19:31 Revo Uninstaller Pro's restore point - µTorrent
18-08-2016 23:01:35 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/22/2016 03:18:21 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Access is denied.

Error: (08/22/2016 03:18:19 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Access is denied.

Error: (08/22/2016 02:56:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/22/2016 02:56:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (08/22/2016 02:51:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Access is denied.

Error: (08/22/2016 02:51:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Access is denied.

Error: (08/22/2016 12:33:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Access is denied.

Error: (08/22/2016 12:33:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Access is denied.

Error: (08/22/2016 11:13:27 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Access is denied.

Error: (08/22/2016 10:42:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Access is denied.


System errors:
=============
Error: (08/22/2016 10:19:29 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1030) (User: pc)
Description: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful.

Error: (08/22/2016 10:18:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:39:07 AM on ‎8/‎22/‎2016 was unexpected.

Error: (08/22/2016 10:17:34 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212265131157936

Error: (08/22/2016 08:50:51 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/22/2016 08:50:51 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/22/2016 08:50:51 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/22/2016 08:50:51 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/22/2016 08:50:51 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/22/2016 08:50:51 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/22/2016 08:50:51 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


CodeIntegrity:
===================================
  Date: 2016-05-16 20:25:04.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-16 19:16:14.487
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-16 07:41:24.938
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-16 07:01:37.006
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-22 07:21:08.610
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-22 05:17:25.299
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-21 05:53:39.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-23 09:21:19.012
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-12 07:29:55.603
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 19:37:11.576
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 6097.7 MB
Available physical RAM: 1904.23 MB
Total Virtual: 7121.7 MB
Available Virtual: 2290.11 MB

==================== Drives ================================

Drive c: (TI30964900A) (Fixed) (Total:194.88 GB) (Free:42.14 GB) NTFS
Drive e: (D) (Fixed) (Total:392.02 GB) (Free:35.36 GB) NTFS
Drive g: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:262.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 08C8418F)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 99C86040)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================