Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-01-2016 Ran by J-PC (2016-01-26 17:15:01) Running from C:\Users\J-PC\Downloads Windows 10 Home (X64) (2015-12-09 17:22:24) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-3088415727-1519323197-3262068295-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3088415727-1519323197-3262068295-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3088415727-1519323197-3262068295-1004 - Limited - Enabled) Invitado (S-1-5-21-3088415727-1519323197-3262068295-501 - Limited - Disabled) J-PC (S-1-5-21-3088415727-1519323197-3262068295-1000 - Administrator - Enabled) => C:\Users\J-PC ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Actualización de NVIDIA 2.5.15.54 (Version: 2.5.15.54 - NVIDIA Corporation) Hidden Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Akamai NetSession Interface (HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\Akamai) (Version: - Akamai Technologies, Inc) ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.24 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.42 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.) Asus_GSeries_Screensaver (HKLM-x32\...\Asus_GSeries_Screensaver) (Version: 1.0.0001 - ASUS) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.34.4278 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{09D96B90-87D9-410A-A1E8-BF2F2CF6394A}) (Version: 0.9.34.4278 - BlueStack Systems, Inc.) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.) Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - ) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.) Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version: - Nexon) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Crusaders of the Lost Idols (HKLM-x32\...\Steam App 402840) (Version: - Codename Entertainment Inc.) CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC) Curse (HKLM-x32\...\{75080CC9-4C7A-45C4-B149-9C2790FA88F6}) (Version: 6.0.0.0 - Curse) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dragon Age Inquisition (HKLM-x32\...\Dragon Age Inquisition_is1) (Version: 1.0.0.0 - Релиз от R.G. Steamgames) Driver Booster 3.0 (HKLM-x32\...\Driver Booster_is1) (Version: 3.0 - IObit) Dropbox (HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.) Endless Sky (HKLM-x32\...\Steam App 404410) (Version: - Michael Zahniser) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS) FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix) Free Audio CD Burner version 2.0.25.1230 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.25.1230 - DVDVideoSoft Ltd.) Fresco Logic USB3.0 Host Controller (HKLM\...\{B1E301A1-C2B4-4B0B-AF31-C71F8A53DCDA}) (Version: 3.0.119.1 - Fresco Logic Inc.) Galcon 2 (HKLM-x32\...\Steam App 294160) (Version: - Hassey Enterprises, Inc.) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.) GameFast.exe (HKLM\...\GameFast_is1) (Version: 1.0.0.1 - ASUSTEK Computer Inc) Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge) Geeks3D FurMark 1.15.2.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) Ghost Recon Online (EU) (HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\d8be6c3f847d7d92) (Version: 1.35.3440.2 - Ubisoft) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.) Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.) Intel Processor Diagnostic Tool 64bit (HKLM\...\{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A}) (Version: 2.20.0.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.20 - IObit) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Life Is Strange (HKLM-x32\...\Life Is Strange_is1) (Version: - ) Life Is Strange Episode 2 (HKLM-x32\...\Life Is Strange Episode 2_is1) (Version: - ) Life Is Strange Episode 4 (HKLM-x32\...\Life Is Strange Episode 4_is1) (Version: - ) Life Is Strange Episode 5 (HKLM-x32\...\Life Is Strange Episode 5_is1) (Version: - ) LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.38 - www.leaguereplays.com) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Anti-Malware versión 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) McPixel version 1.0.4 (HKLM-x32\...\McPixel_is1) (Version: 1.0.4 - Sos) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Minecraft Note Block Studio version 3.2.1 (HKLM-x32\...\{84077DA9-3075-4AE5-BC82-345202B8CD4F}_is1) (Version: 3.2.1 - David Norgren) Monitor de la tecnología Intel® Turbo Boost 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel) Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) Mumble 1.3.0 (HKLM\...\{9F212824-2E9D-47D4-A38E-5EA972CD682A}) (Version: 1.3.0 - The Mumble team) My.com Game Center (HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\MyComGames) (Version: 3.140 - My.com B.V.) Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.) NVIDIA Controlador de 3D Vision 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation) NVIDIA Controlador de audio HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Controlador de gráficos 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation) NVIDIA Controlador de la controladora 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Panel de control de NVIDIA 359.00 (Version: 359.00 - NVIDIA Corporation) Hidden Pathuku (HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\pathuku-098360997bde3cfa934849d3924b85f9) (Version: 1.30 - Robert Baker) Prism, convertidor de vídeos (HKLM-x32\...\Prism) (Version: 2.44 - NCH Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden RaidCall (HKLM-x32\...\RaidCall) (Version: 8.1.8-1.0.3110.145 - raidcall.com.ru) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.1.38.0 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.) Risk of Rain (HKLM-x32\...\GOGPACKRISKOFRAIN_is1) (Version: 2.0.0.2 - GOG.com) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden skyforge_mycom (HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\skyforge_mycom) (Version: 1.29 - My.com B.V.) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.2 - IObit) Sony Mobile Emma (HKLM-x32\...\Emma) (Version: 2.14.15.201410271230 - Sony Mobile Communications Inc.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stranded In Time (HKLM-x32\...\Steam App 385150) (Version: - DQ Team) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) THX TruStudio (HKLM-x32\...\{B11AB9C8-18A6-41DC-98B4-4988CC030136}) (Version: 1.03.01 - Creative Technology Limited) Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.7 - Tunngle.net GmbH) Ultima PsOBB 3.3 (HKLM-x32\...\Ultima PsOBB 3.3) (Version: - ) UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - ) Unchecky v0.4.2 (HKLM-x32\...\Unchecky) (Version: 0.4.2 - RaMMicHaeL) Unity Web Player (HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) VideoLAN Movie Creator (HKLM-x32\...\VLMC) (Version: - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation) بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation) معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\J-PC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B407F78-3807-491F-90BC-9C8C03F3D7A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {1B418249-9936-4AC6-9E4A-E9E97895D013} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {26475DD0-4672-475A-BB1A-94DA3E49171D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {2F0DDE78-35D3-449A-987B-759F5084DE46} - System32\Tasks\{88FF4C17-40B4-4E5D-ACF9-DDBB41765B04} => pcalua.exe -a "D:\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "D:\Steam\steamapps\common\Left 4 Dead 2" -c /register Task: {41F07FBC-9CB9-45F8-B9CB-5D444669D23B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {4503CD4C-D0CD-4830-95C1-B6F4E5AEB577} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {60B228DE-0B3B-42F6-B5FE-4B4A3416429A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated) Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-29] (Google Inc.) Task: {62286367-77A1-406E-B295-59B8F4DEA13F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {6E2D6D8E-F76C-44F8-A97B-832AB3826FAB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation) Task: {71D703DE-9E7E-4E68-9491-6DDF3A1BAC1B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation) Task: {74035DA5-70E0-45D2-9D43-A0E002375ACF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-19] (Realtek Semiconductor) Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-29] (Google Inc.) Task: {8694E9D3-2464-4B09-9F56-CF623E27E793} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {9F6F2ACD-AE46-423A-AD04-DC7E0CE3F283} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {B09756A4-43D0-4796-B0B1-17DB418279BE} - System32\Tasks\{3AD30C55-22B1-434A-A6F2-FA838B923D34} => pcalua.exe -a F:\SETUP.EXE -d F:\ Task: {B1CF58A9-4EA7-4D72-AD19-95EC2AA9F4A1} - System32\Tasks\{55642143-C894-478E-886E-A75EB63A782E} => D:\Battle.net\Battle.net Launcher.exe [2015-12-16] (Blizzard Entertainment) Task: {CB549B32-8EAF-4812-B9A3-A8C81808CBBF} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-09-14] (ASUSTek Computer Inc.) Task: {D22B0CEC-178B-4444-9184-CDB1D4205848} - \CCleanerSkipUAC -> No File <==== ATTENTION Task: {DB2ADF06-659E-4DCD-9F17-BB722F62CF2C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-11-10] (ASUS) Task: {DE6C760C-A1CD-41BD-9174-ADA1E2D6F556} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit) Task: {E76FC06F-305A-4357-9E42-38643A63D9B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {EC59A568-2A46-43AF-9548-D36AF2233744} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-19] (Realtek Semiconductor) Task: {F835478E-EF89-4CEB-8D92-271B104D6E4F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {FEF6F029-E0EF-499A-87E6-6B021A70CB2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-09 18:04 - 2015-11-14 07:20 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-12-09 18:31 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll 2015-12-09 18:31 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\Users\J-PC\AppData\Local\MEGAsync\ShellExtX64.dll 2015-12-18 01:23 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 01:23 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 01:43 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 01:43 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-13 01:43 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-13 01:43 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-26 16:32 - 2016-01-26 16:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-26 16:50 - 2015-05-14 11:54 - 00422600 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe 2015-08-07 14:51 - 2014-10-16 09:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-07-27 17:21 - 2015-11-05 18:00 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-11-26 02:27 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2015-11-26 02:27 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2015-11-26 02:27 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2016-01-26 16:32 - 2016-01-26 16:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-26 16:32 - 2016-01-26 16:32 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\100sexlinks.com -> 100sexlinks.com There are 4788 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2016-01-26 16:53 - 00451909 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15495 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\Control Panel\Desktop\\Wallpaper -> c:\users\j-pc\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\papel tapiz de galería fotográfica de windows live.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AsusUacSvc => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\startupfolder: C:^Users^J-PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CLMLServer => MSCONFIG\startupreg: CPMonitor => MSCONFIG\startupreg: FLxHCIm => "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" MSCONFIG\startupreg: HControlUser => MSCONFIG\startupreg: LogMeIn Hamachi Ui => MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: RazerCortex => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynAsusAcpi => %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: THX TruStudio NB Settings => "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe HKLM\...\StartupApproved\Run: => "SynAsusAcpi" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\StartupApproved\Run: => "Advanced SystemCare Ultimate" HKU\S-1-5-21-3088415727-1519323197-3262068295-1000\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{80DE45C6-6951-42AF-A42E-9D8497218F99}H:\overwatch\gameclientapp.exe] => (Allow) H:\overwatch\gameclientapp.exe FirewallRules: [TCP Query User{635C2DB8-3C89-4B10-A426-5D84FF6F2DE1}H:\overwatch\gameclientapp.exe] => (Allow) H:\overwatch\gameclientapp.exe FirewallRules: [{24EFD2C5-1D89-4B08-A063-C2EA26193824}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2AF7ADDA-8DB1-4787-9C12-EEAEB5A2BE8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2042E726-7F3E-4BE1-A88A-ABE3F1D2C69C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{3668B3BB-2564-4273-9BC4-E02BCB280A3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D633AFCD-0BA1-4D4D-89E5-4FFE931AA315}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{9E916D2E-331B-4F5C-8AEB-83B90582291B}] => (Allow) H:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{E7AD33FF-8D1E-4BFC-9296-019B46FFD207}] => (Allow) H:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{9ABB13FF-7A28-4FCC-BDE7-DB7F14C200BF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0917B88E-6231-4E6D-84C9-2CED01E905F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{91A96AAE-6D4D-43DA-8F2B-3AB8543356CF}H:\games\risk of rain\risk of rain.exe] => (Allow) H:\games\risk of rain\risk of rain.exe FirewallRules: [TCP Query User{936A02B9-2718-46BA-BBA9-513EBF976B7C}H:\games\risk of rain\risk of rain.exe] => (Allow) H:\games\risk of rain\risk of rain.exe FirewallRules: [{DCC68C42-9227-44CE-999F-9C94A8F8D465}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{A142B36B-8AAC-4394-802A-4B17E37E61EB}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{C92CC9E4-6D60-461D-B3AE-C5BEF941E898}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{242026DD-5E39-40FF-91DD-1C114C471654}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{5273F322-0542-4175-A9BE-83A9DEAC745B}] => (Allow) D:\Steam\SteamApps\common\Crusaders of the Lost Idols\Crusaders of the Lost Idols.exe FirewallRules: [{28F59F41-D3B0-45BD-9F5D-20FC1688319B}] => (Allow) D:\Steam\SteamApps\common\Crusaders of the Lost Idols\Crusaders of the Lost Idols.exe FirewallRules: [{76831A6F-0FD8-4BEA-AA04-FC5DDD28090A}] => (Allow) D:\Steam\SteamApps\common\Endless Sky\EndlessSky.exe FirewallRules: [{B7FA69FE-48E5-4B7D-9B84-3BEFAF965B2A}] => (Allow) D:\Steam\SteamApps\common\Endless Sky\EndlessSky.exe FirewallRules: [{A094D7AE-83A7-444F-95F3-417A6C767737}] => (Allow) H:\SteamLibrary\steamapps\common\Galcon 2\galcon2.exe FirewallRules: [{8BC3B862-2656-428E-B438-978E272D4A17}] => (Allow) H:\SteamLibrary\steamapps\common\Galcon 2\galcon2.exe FirewallRules: [{7FE8A0E5-E739-49AD-9CCA-1D0BC12D8D10}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe FirewallRules: [{281AF5CA-ACCF-4A91-85E1-80D806F42DE7}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe FirewallRules: [{F241AD7C-D268-4BCE-AEBA-EF1B803645EF}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe FirewallRules: [{23E26C38-19AF-4693-91EE-205A2240F65F}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe FirewallRules: [{286C61E8-3A75-4B97-BF82-D43919E8C516}] => (Allow) H:\SteamLibrary\steamapps\common\Stranded In Time\StrandedInTime_Win.exe FirewallRules: [{5963CA3A-A411-48FC-B24C-9559949EAC1E}] => (Allow) H:\SteamLibrary\steamapps\common\Stranded In Time\StrandedInTime_Win.exe FirewallRules: [{566B48B1-5FC0-4064-B140-45E3FD726D7A}] => (Allow) H:\SteamLibrary\steamapps\common\Magicka\Magicka.exe FirewallRules: [{D94F8C0A-B49B-4C95-A856-4C4C10E89B46}] => (Allow) H:\SteamLibrary\steamapps\common\Magicka\Magicka.exe FirewallRules: [UDP Query User{E32A5270-3050-49D6-91FC-AAF251142C04}C:\users\j-pc\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\j-pc\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{6C9BF4F4-1CD5-4C45-AE23-7137A08468AB}C:\users\j-pc\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\j-pc\appdata\local\akamai\netsession_win.exe FirewallRules: [{EF712553-78EF-4A8F-8320-6FB89E1852AC}] => (Allow) H:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BE3883C6-7DED-44A3-B6FC-9CCA337ADBE7}] => (Allow) H:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [UDP Query User{327E2E57-B9B3-4962-997C-A3C6D9907F55}C:\users\j-pc\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\j-pc\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{1588C315-7210-480B-8C24-3FAB814C7A75}C:\users\j-pc\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\j-pc\appdata\local\akamai\netsession_win.exe FirewallRules: [{50D76052-134E-46DB-AF8E-63827F883C0F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}] => (Allow) LPort=2869 FirewallRules: [{B827E1C7-5A7A-484C-9653-2FE388A8B888}] => (Allow) LPort=1900 FirewallRules: [{25BDD843-A815-48A8-A216-66D065687049}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}] => (Allow) LPort=5353 FirewallRules: [{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}] => (Allow) LPort=8182 FirewallRules: [{2E65F2CD-7EB6-4C5A-8F90-839197FAA485}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{7501098F-6898-4471-92E6-60D493E56ADB}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{8A172E44-DA5C-433C-A91D-72C19F4B4CC8}] => (Allow) D:\Skype\Phone\Skype.exe FirewallRules: [{4CAE4F47-C1B0-4415-8C55-8EFA1F0365D4}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{AE8370D3-1AC7-4997-BA18-7D45BF245232}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{886F3F5F-26A5-4F39-A95F-436F83F245DC}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe FirewallRules: [{DA092247-AA04-4F9D-B800-B609505F6CA3}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe FirewallRules: [{ED2F1350-353D-4667-9FD6-12D411B18384}] => (Allow) C:\Users\J-PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5C090B08-88E5-4232-8ECF-CC515D6C60F0}] => (Allow) C:\Users\J-PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E460A691-D609-45CA-B477-13C1DECB7621}] => (Allow) C:\Users\J-PC\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{0CCCF949-2AD8-46B5-9896-ECA52EB706A4}] => (Allow) C:\Users\J-PC\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{54BC4098-8CFE-4743-8DD4-6FD8713C728D}C:\users\j-pc\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\j-pc\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{CB8B5C53-74E2-4A9D-9552-1C734F71BA34}C:\users\j-pc\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\j-pc\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{52831D68-8AB5-4541-8F2B-3F2B3CA3884D}] => (Allow) D:\Battle.net\Battle.net.exe FirewallRules: [{2C73658B-A1D5-4406-8BBB-EB84FE0704F6}] => (Allow) D:\Battle.net\Battle.net.exe FirewallRules: [{07A983C5-F1F6-4761-863A-002DF942E632}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{3C074474-3650-447D-9588-44172BB2F300}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{F4DABFD4-E4F5-491D-AB0E-F60E223C746D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{E40B9837-FC3A-4243-985B-B8BD2CC0C3ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{3E8E4E73-031B-407C-8CA3-71E295067C9C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{12C8EA6D-1DC5-402E-9FA1-256A4C37A057}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{BE7EEAA8-B5B4-4F1A-9288-3DB391A0705D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5FF15ECC-E0D0-44F9-9F13-62E73FE6FA89}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{EF468BF0-AEE1-4F45-80EC-9ADAE3B6648F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C212D142-7EB0-4080-8560-AD899953D8AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F5771B46-A485-4B86-AF6A-0DBF0C890E28}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{41B0860B-BFCF-4D7F-8B23-6AE7E8C2F078}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{1A9B2EFF-6F7B-4670-A9C0-F2D8597A787B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{B8FDE971-9DA0-42FD-8BB0-9634B1013C65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{4B33C0AE-57D5-426B-801E-56153965B33F}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{1B0570B9-532D-4783-9047-0BF9FE963ECD}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{4A9BEF46-2A10-4323-BC3B-21B560F407FC}] => (Allow) D:\GameforgeLive\gfl_client.exe FirewallRules: [{F68DEDB7-C5EA-4931-B9AD-C2F7A97A347E}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{7F596C3B-2005-4D0D-8781-9532C7B6F096}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{4CBFA4AA-12C1-454F-BE10-4ABA7C7A694A}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe FirewallRules: [{9E04EC36-F169-416E-81A7-A87D5CA5B31B}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe FirewallRules: [{5705554A-F4B0-4617-A678-F27EA0E10474}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe FirewallRules: [{A24D2954-0228-49E8-8775-248C9456CD03}] => (Allow) C:\Program Files (x86)\DolbyAxon\Axon.exe FirewallRules: [{AF511F15-5F6A-447B-8AD9-DA74CB671C0C}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe FirewallRules: [{4B969BF0-0F35-4224-A348-2E621FC7BBF8}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe FirewallRules: [TCP Query User{F16E74DD-72D0-41C4-9DC1-E39B294FFE35}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{7BD4E7C4-EF8A-4867-A53A-D1CBE170F161}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{ADB5F1F1-575C-47BD-9DD9-6A5811EB7A88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{260AECE9-194E-4A33-9B42-3F4C6854235E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{72832FFB-5751-496B-BA60-DF160F265E60}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{199E7C1F-0C00-4550-BCAD-B8B4A082C57D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{884FDF52-C95E-4D55-8203-FAD1DA542795}] => (Allow) G:\SteamLibrary\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe FirewallRules: [{0B731784-7ECC-4BB7-A1B7-DF331FF5269B}] => (Allow) G:\SteamLibrary\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe FirewallRules: [TCP Query User{6439A1F9-1D83-478C-9DB5-AA08BA564E72}C:\users\j-pc\desktop\warcraft iii\war3.exe] => (Allow) C:\users\j-pc\desktop\warcraft iii\war3.exe FirewallRules: [UDP Query User{B763E4E7-60FC-4381-B4C7-9AA303FD6E79}C:\users\j-pc\desktop\warcraft iii\war3.exe] => (Allow) C:\users\j-pc\desktop\warcraft iii\war3.exe FirewallRules: [TCP Query User{742F9841-351A-45C5-92A5-6E540B5819E6}C:\users\j-pc\desktop\the stanley parable\stanley.exe] => (Block) C:\users\j-pc\desktop\the stanley parable\stanley.exe FirewallRules: [UDP Query User{BE92648B-9300-4AB1-BE27-D72D6B1A8D62}C:\users\j-pc\desktop\the stanley parable\stanley.exe] => (Block) C:\users\j-pc\desktop\the stanley parable\stanley.exe FirewallRules: [TCP Query User{1F83ABA0-A00F-4901-89D9-08C014914522}C:\users\j-pc\lolreplay\lolreplay.exe] => (Allow) C:\users\j-pc\lolreplay\lolreplay.exe FirewallRules: [UDP Query User{BAA21524-47B9-4EDE-949A-54A781B25FA0}C:\users\j-pc\lolreplay\lolreplay.exe] => (Allow) C:\users\j-pc\lolreplay\lolreplay.exe FirewallRules: [TCP Query User{34C356BA-CD40-434D-AF21-4070AC88587B}C:\program files (x86)\java\jre1.8.0_51\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\jp2launcher.exe FirewallRules: [UDP Query User{77C5680F-6369-4DA5-91BA-78107CCA0407}C:\program files (x86)\java\jre1.8.0_51\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\jp2launcher.exe FirewallRules: [TCP Query User{C89276FE-1AD7-49D2-A902-FDE572F8292C}G:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) G:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{17D1A98C-54D7-4AA8-B8D6-B58B39FECEF9}G:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) G:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [{5A3ACF91-0F0A-4717-8ABF-07E23AE04081}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E5215CE7-793B-4CCF-96E7-1F15C612C1A2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{5167B9AA-E516-4CB1-9289-FA26E883ED52}C:\users\j-pc\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\j-pc\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{CB1298E9-C8CD-4E23-9425-DF1759BB3B25}C:\users\j-pc\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\j-pc\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{289C6E62-3026-4D13-AC70-F75E29ACE583}] => (Allow) H:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{3B53044E-BF27-45AD-9A6C-91709BC94322}] => (Allow) H:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [TCP Query User{178EE935-A13D-4CC1-907C-EBFE94B2F5B6}G:\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => (Allow) G:\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{FA58BDE9-B633-4F19-8047-48864D5C608B}G:\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => (Allow) G:\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe FirewallRules: [{79BE6BE9-B92B-4B89-B6B5-9955B412ACC1}] => (Allow) H:\SteamLibrary\steamapps\common\Rust\Rust.exe FirewallRules: [{C2B531DF-E489-4C04-8440-2A92FC5AA2F6}] => (Allow) H:\SteamLibrary\steamapps\common\Rust\Rust.exe FirewallRules: [{82D56E70-D003-4A7A-923C-31E4534994D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8558E683-74B4-4A14-80D3-D86E984F1E1E}] => (Allow) H:\SteamLibrary\steamapps\common\CSNZ\Bin\cstrike-online.exe FirewallRules: [{90C0B673-8DE6-4A2E-B678-96A3EC9772EF}] => (Allow) H:\SteamLibrary\steamapps\common\CSNZ\Bin\cstrike-online.exe ==================== Restore Points ========================= 21-01-2016 21:10:01 Punto de control programado 22-01-2016 16:11:58 JRT Pre-Junkware Removal 26-01-2016 14:25:49 Operación de restauración 26-01-2016 15:35:58 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/26/2016 05:13:36 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo. Los componentes en conflicto son:. Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (01/26/2016 04:50:23 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo. Los componentes en conflicto son:. Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (01/26/2016 04:50:22 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo. Los componentes en conflicto son:. Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (01/26/2016 04:45:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J-PC-PC) Description: No se pudo activar la aplicación Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge debido al error: -2147023170. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información. Error: (01/26/2016 04:45:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: MicrosoftEdge.exe, versión: 11.0.10586.63, marca de tiempo: 0x568b202a Nombre del módulo con errores: eModel.dll, versión: 11.0.10586.63, marca de tiempo: 0x568b1c63 Código de excepción: 0xc0000409 Desplazamiento de errores: 0x000000000012bfdf Identificador del proceso con errores: 0x262c Hora de inicio de la aplicación con errores: 0xMicrosoftEdge.exe0 Ruta de acceso de la aplicación con errores: MicrosoftEdge.exe1 Ruta de acceso del módulo con errores: MicrosoftEdge.exe2 Identificador del informe: MicrosoftEdge.exe3 Nombre completo del paquete con errores: MicrosoftEdge.exe4 Identificador de aplicación relativa del paquete con errores: MicrosoftEdge.exe5 Error: (01/26/2016 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity(). Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft. System Error: Acceso denegado. . Error: (01/26/2016 03:18:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: backgroundTaskHost.exe, versión: 10.0.10586.0, marca de tiempo: 0x5632d8f0 Nombre del módulo con errores: Cortana.Core.dll, versión: 0.0.0.0, marca de tiempo: 0x568b1b1b Código de excepción: 0xc0000005 Desplazamiento de errores: 0x000000000001325d Identificador del proceso con errores: 0x15b8 Hora de inicio de la aplicación con errores: 0xbackgroundTaskHost.exe0 Ruta de acceso de la aplicación con errores: backgroundTaskHost.exe1 Ruta de acceso del módulo con errores: backgroundTaskHost.exe2 Identificador del informe: backgroundTaskHost.exe3 Nombre completo del paquete con errores: backgroundTaskHost.exe4 Identificador de aplicación relativa del paquete con errores: backgroundTaskHost.exe5 Error: (01/26/2016 03:13:45 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Controlador no válido Error: (01/26/2016 03:13:45 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Controlador no válido Error: (01/26/2016 02:41:29 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1280) SRUJet: Error -1811 (0xfffff8ed) al abrir un archivo de registro C:\WINDOWS\system32\SRU\SRU0026B.log. System errors: ============= Error: (01/26/2016 04:59:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: %%1275 Error: (01/26/2016 04:59:52 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\J-PC\AppData\Local\Temp\ehdrv.sys Error: (01/26/2016 04:59:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: %%1275 Error: (01/26/2016 04:59:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\J-PC\AppData\Local\Temp\ehdrv.sys Error: (01/26/2016 04:59:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\J-PC\AppData\Local\Temp\ehdrv.sys Error: (01/26/2016 04:59:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: %%1275 Error: (01/26/2016 04:58:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: %%1275 Error: (01/26/2016 04:58:12 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\J-PC\AppData\Local\Temp\ehdrv.sys Error: (01/26/2016 04:58:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: %%1275 Error: (01/26/2016 04:58:11 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\J-PC\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-01-26 17:02:44.717 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:44.707 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:44.691 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:44.682 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:44.664 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:44.653 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:30.595 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:30.586 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:30.572 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-26 17:02:30.564 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz Percentage of memory in use: 29% Total physical RAM: 8169.15 MB Available physical RAM: 5764.2 MB Total Virtual: 18281.15 MB Available Virtual: 15761.54 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:108.73 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:246.31 GB) (Free:116.43 GB) NTFS Drive g: (Nuevo vol) (Fixed) (Total:97.75 GB) (Free:32.85 GB) NTFS Drive h: (Nuevo vol) (Fixed) (Total:368 GB) (Free:231.66 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AA9693FE) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=185.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=254.5 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 000B8A5F) Partition 1: (Not Active) - (Size=97.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=368 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================