Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-06-2016
Ran by josep (2016-06-11 11:56:04)
Running from C:\Users\josep\Downloads
Windows 10 Pro Insider Preview Version 1607 (X64) (2016-06-08 23:47:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-133330048-1868551512-3514094457-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-133330048-1868551512-3514094457-503 - Limited - Disabled)
Guest (S-1-5-21-133330048-1868551512-3514094457-501 - Limited - Disabled)
josep (S-1-5-21-133330048-1868551512-3514094457-1001 - Administrator - Enabled) => C:\Users\josep
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit)
Age of Empires II - HD Edition (HKLM-x32\...\Age of Empires II - HD Edition_is1) (Version: 4.4.0.0 - Ensemble Studiost)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Contents (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.93 - Corel Corporation)
Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
DriversCloud.com (64 bits) (HKLM\...\{77EEC345-B758-45DF-94C2-25D91D520650}) (Version: 8.0.4.0 - Cybelsoft)
eMule (HKLM-x32\...\eMule) (Version: - )
eMuleTorrent (HKLM-x32\...\eMuleTorrent) (Version: 1.0.0.17 - eMule.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{EB72DB50-C935-4C26-8349-69828F198902}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ICA (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.1 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.119 - IObit)
IPM_VS_Pro (x32 Version: 1.0 - Corel Corporation) Hidden
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
MediaGet (HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\MediaGet) (Version: 2 - Banner LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{35D9277C-1EB7-4FBE-8B41-C520DE4F7A60}) (Version: 1.9.0 - OfficialHawk)
Mises à jour NVIDIA 2.11.3.6 (Version: 2.11.3.6 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.11.3.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.6 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OSC Third Party Libraries (Version: 1.1 - NVIDIA Corporation) Hidden
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: 16.0.50.1 - Roxio)
Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden
Setup (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Share (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.6 - NVIDIA Corporation) Hidden
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
The Sims 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts)
The SIMS 4 v. 1.13.104.1010 (HKLM-x32\...\The SIMS 4_is1) (Version: - )
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VSClassic (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
VSPro (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-133330048-1868551512-3514094457-1001_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> C:\Program Files\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-133330048-1868551512-3514094457-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\josep\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-133330048-1868551512-3514094457-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0382D1B8-8572-4E31-BBDB-F22BC570A1AB} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {0A6BC496-A128-4B4D-A061-C37629B0A29A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {13208D36-1E97-4F64-916D-DD376760E45B} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {1BC68856-6B14-4E4F-8CED-AAE2FDFA1971} - System32\Tasks\Start Driver Reviver Schedule => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe [2016-05-29] ()
Task: {2C8F93C0-1557-4429-A23F-896DD401A516} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-06-04] (Microsoft Corporation)
Task: {3D082950-F9AB-4C38-93BA-6326492B3FCE} - System32\Tasks\PPTAssistantNotifyTask_josep => C:\Users\josep\AppData\Local\PPTAssist\notify.exe <==== ATTENTION
Task: {3F52CC66-E1E2-4FC2-B0F0-EE427A77023E} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {4477CACA-D880-4A20-9338-65253E442227} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {45D9C449-D409-4FD9-80AC-BB48D3366732} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {4A912D56-5C14-4D48-B91A-2D8706407A9D} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-04-18] (IObit)
Task: {4D43C81A-10CC-4C05-BBD3-0E5EBA2BF56F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.)
Task: {525919CB-1B41-40DA-B8D7-6E4128630A6E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {55D6BAA2-1ABF-4BA4-9652-BA97030F8A57} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {6132B423-11BB-4B0F-8ECB-253AA1EF82BC} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {61E3992A-79BE-4F6E-B142-F0545127F256} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-06-04] (Microsoft Corporation)
Task: {63F74652-B8D7-4688-96E4-62D820BDF639} - System32\Tasks\Driver Booster SkipUAC (josep) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {6D67DD2B-F508-46AF-94EF-4F666BEE2DAA} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-06-04] (Microsoft Corporation)
Task: {6EF48916-E4B6-49C0-A472-7270E92F94A5} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-06-04] (Microsoft Corporation)
Task: {711D2F5D-D499-4FA8-9E31-76ACA75F0007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.)
Task: {740448C1-F9F8-47BD-AFC2-66D56F717403} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-06-04] (Microsoft Corporation)
Task: {79F6D33F-136C-4C83-93F6-6B5F400DAFB6} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {7CF61590-E941-4870-B90D-D2CC88CFB527} - \Microsoft\XblGameSave\XblGameSaveTask\Logon -> No File <==== ATTENTION
Task: {974F79B7-1A25-43A2-B743-F350E06BA8B2} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {BC77405B-B46F-49D0-8BD0-2565123C7C5F} - System32\Tasks\Start Driver Reviver Update => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe [2016-05-29] ()
Task: {C349D0F1-7A97-4872-8F9D-CCF218405F76} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {CAA3C2AC-6E27-47D5-B736-61F88BE3EB39} - System32\Tasks\Microsoft\Windows\ApplicationData\AppHostRegistrationVerifier => C:\Windows\system32\AppHostRegistrationVerifier.exe
Task: {DE705366-7FE6-48A0-BE74-26BA0CEA4A7A} - System32\Tasks\Uninstaller_SkipUac_josep => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-01] (IObit)
Task: {DF1D82F1-16F7-4CFF-80F8-0B00A590FDD3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {E682D224-A876-4280-B748-B355E996C2C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {E7B586C4-8832-45F4-A422-EB800CA34CA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {E948B5AD-AC17-4737-8CFA-BDA90AA3D3B0} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-04-29] (IObit)
Task: {F0608FAD-BBBE-46E3-A33C-C76372EB287D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-16] (Hewlett-Packard)
Task: {F38550C3-F53F-4AC1-8D28-94A14757AB45} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-05-06] (IObit)
Task: {FA690D13-AF86-4BD1-AE57-B8864724E74D} - System32\Tasks\ASC9_SkipUac_josep => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-05-16] (IObit)
Task: {FB7EF538-6DD2-4325-AE4E-549230A4941E} - System32\Tasks\PPTAssistantUpdateTask_josep => C:\Users\josep\AppData\Local\PPTAssist\assistupdate.exe <==== ATTENTION
Task: {FC8F78C1-55B5-4E71-824F-78C31549DC5D} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_josep.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\PPTAssistantNotifyTask_josep.job => C:\Users\josep\AppData\Local\PPTAssist\notify.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PPTAssistantUpdateTask_josep.job => C:\Users\josep\AppData\Local\PPTAssist\assistupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_josep.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\josep\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2014-01-22 01:04 - 2014-01-22 01:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
2016-05-18 16:33 - 2016-05-02 20:31 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-04 09:08 - 2016-05-02 20:31 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-04 09:08 - 2016-05-02 20:31 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-04 09:08 - 2016-05-02 20:31 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-04 09:08 - 2016-05-02 20:31 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 00237568 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 02660456 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-09 01:29 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 02660456 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 02660456 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-06-09 02:09 - 2016-06-09 02:09 - 00959168 _____ () C:\Users\josep\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 00136192 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-06-04 09:36 - 2016-06-04 09:36 - 00453632 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 09672192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 01314304 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 02252288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 04846080 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 00999936 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-01-06 18:41 - 2016-05-24 17:44 - 00022336 _____ () C:\Program Files\CCleaner\branding.dll
2016-05-13 18:44 - 2016-05-13 18:44 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2014-01-22 01:04 - 2014-01-22 01:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll
2014-01-22 01:04 - 2014-01-22 01:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll
2014-01-22 01:04 - 2014-01-22 01:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll
2016-06-06 09:54 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-05-24 17:36 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2016-05-24 17:36 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2016-05-24 17:36 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2016-06-06 10:50 - 2015-12-23 16:27 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-06-06 10:50 - 2015-12-23 16:27 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-06-06 10:50 - 2015-12-23 16:27 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-05-04 09:08 - 2016-05-02 20:31 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\amazon.fr -> hxxps://amazon.fr
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 09:24 - 2016-06-06 06:13 - 00001224 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 idb.iobit.com
127.0.0.1 asc55.iobit.com
127.0.0.1 is360.iobit.com
127.0.0.1 asc.iobit.com
127.0.0.1 pf.iobit.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\josep\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: QQPCTray =>
MSCONFIG\startupreg: fastweb =>
MSCONFIG\startupreg: ISUSPM =>
MSCONFIG\startupreg: OneDrive =>
MSCONFIG\startupreg: PCFIXTRAYPURLX =>
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RoxWatchTray"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "MediaGet2"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "WinStart"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [UDP Query User{7D2D06DF-12EF-4FAA-8965-694750D48F7E}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [TCP Query User{F3E95CB9-041E-48AF-B632-AE2B476E9A78}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [{008E5C02-2204-4600-852B-89C8A422A45A}] => (Allow) C:\Users\josep\AppData\Local\MediaGet2\mediaget.exe
FirewallRules: [{B42E0975-049E-4D15-88F6-A43F5EDF94B1}] => (Allow) C:\Users\josep\AppData\Local\MediaGet2\mediaget.exe
FirewallRules: [{91CAA591-AFAD-440E-B87C-C5C98D27EE98}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{38B7F2CF-A1C4-41D0-A451-9C0EF4F06BB8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{2398793D-D7F0-416C-8AC4-3F3B7C2C7F37}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{3468DDA2-FA46-4784-B6C5-1C5B1FE4A6EB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{42E8EF58-769F-4077-B19A-71E3C46035BB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{A40FB027-76D0-4E6D-B737-C07BFA8646DA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [UDP Query User{8DB64AFB-E78E-472E-ACAD-678D8A5936EC}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [TCP Query User{8AF33260-6A02-4F8E-92F4-D46F852C41D2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{71EA1318-6AAE-4E79-9AC9-AE02B56E942C}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [TCP Query User{63B6767F-569F-4559-BB86-65541EAB9648}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [UDP Query User{963069F7-E002-46AB-9449-5E92B66AC3A5}C:\program files\emuletorrent\emuletorrent.exe] => (Allow) C:\program files\emuletorrent\emuletorrent.exe
FirewallRules: [TCP Query User{B5C62EA1-41CC-4560-972E-A9910CC21DB8}C:\program files\emuletorrent\emuletorrent.exe] => (Allow) C:\program files\emuletorrent\emuletorrent.exe
FirewallRules: [{2A4F4252-B805-46E1-B8E2-BD843750DF4E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FE2A612D-4940-4F45-A422-2BF766B2632C}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{01A3E96E-1EE6-4A4F-9B74-DA8A398F6CBE}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E60F7AE9-65DE-42C4-8126-2B508972C88B}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{04319306-8472-4CFD-879A-6DF37F3D38D3}C:\users\josep\appdata\local\mediaget2\mediaget.exe] => (Allow) C:\users\josep\appdata\local\mediaget2\mediaget.exe
FirewallRules: [UDP Query User{A754520F-B8A8-4A0B-A53C-2C56A5AF7766}C:\users\josep\appdata\local\mediaget2\mediaget.exe] => (Allow) C:\users\josep\appdata\local\mediaget2\mediaget.exe
==================== Restore Points =========================
10-06-2016 00:36:10 Installed HP Support Solutions Framework
==================== Faulty Device Manager Devices =============
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/10/2016 12:36:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupModificationEvent" whose target class "WSP_ReplicationGroupModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupDepartureEvent" whose target class "WSP_ReplicationGroupDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupArrivalEvent" whose target class "WSP_ReplicationGroupArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupModificationEvent" whose target class "WSP_ReplicationGroupModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupDepartureEvent" whose target class "WSP_ReplicationGroupDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupArrivalEvent" whose target class "WSP_ReplicationGroupArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:11 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: 0x8007085A
Error: (06/09/2016 01:40:40 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: 0x8007085A
Error: (06/09/2016 01:40:40 AM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: 0x8007085A
System errors:
=============
Error: (06/11/2016 11:47:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
%%268435456
Error: (06/11/2016 11:42:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/11/2016 12:20:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The CDPUserSvc_34512 service terminated with the following error:
%%268435456
Error: (06/11/2016 12:19:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/10/2016 12:29:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
%%268435456
Error: (06/10/2016 12:29:14 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-2UHC3SN)
Description: C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}367{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (06/10/2016 12:23:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
%%268435456
Error: (06/10/2016 12:18:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2UHC3SN)
Description: application-specificLocalActivation{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}DESKTOP-2UHC3SNjosepS-1-5-21-133330048-1868551512-3514094457-1001LocalHost (Using LRPC)Microsoft.MicrosoftEdge_38.14361.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194
Error: (06/09/2016 11:37:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/09/2016 08:12:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
%%268435456
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 36%
Total physical RAM: 6023.13 MB
Available physical RAM: 3817.73 MB
Total Virtual: 7687.13 MB
Available Virtual: 5536.28 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.21 GB) (Free:229.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 13184B42)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by josep (2016-06-11 11:56:04)
Running from C:\Users\josep\Downloads
Windows 10 Pro Insider Preview Version 1607 (X64) (2016-06-08 23:47:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-133330048-1868551512-3514094457-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-133330048-1868551512-3514094457-503 - Limited - Disabled)
Guest (S-1-5-21-133330048-1868551512-3514094457-501 - Limited - Disabled)
josep (S-1-5-21-133330048-1868551512-3514094457-1001 - Administrator - Enabled) => C:\Users\josep
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit)
Age of Empires II - HD Edition (HKLM-x32\...\Age of Empires II - HD Edition_is1) (Version: 4.4.0.0 - Ensemble Studiost)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Contents (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.93 - Corel Corporation)
Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
DriversCloud.com (64 bits) (HKLM\...\{77EEC345-B758-45DF-94C2-25D91D520650}) (Version: 8.0.4.0 - Cybelsoft)
eMule (HKLM-x32\...\eMule) (Version: - )
eMuleTorrent (HKLM-x32\...\eMuleTorrent) (Version: 1.0.0.17 - eMule.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{EB72DB50-C935-4C26-8349-69828F198902}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ICA (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.1 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.119 - IObit)
IPM_VS_Pro (x32 Version: 1.0 - Corel Corporation) Hidden
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
MediaGet (HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\MediaGet) (Version: 2 - Banner LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{35D9277C-1EB7-4FBE-8B41-C520DE4F7A60}) (Version: 1.9.0 - OfficialHawk)
Mises à jour NVIDIA 2.11.3.6 (Version: 2.11.3.6 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.11.3.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.6 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OSC Third Party Libraries (Version: 1.1 - NVIDIA Corporation) Hidden
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: 16.0.50.1 - Roxio)
Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden
Setup (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Share (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.6 - NVIDIA Corporation) Hidden
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
The Sims 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts)
The SIMS 4 v. 1.13.104.1010 (HKLM-x32\...\The SIMS 4_is1) (Version: - )
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VSClassic (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
VSPro (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-133330048-1868551512-3514094457-1001_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> C:\Program Files\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-133330048-1868551512-3514094457-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\josep\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-133330048-1868551512-3514094457-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0382D1B8-8572-4E31-BBDB-F22BC570A1AB} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {0A6BC496-A128-4B4D-A061-C37629B0A29A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {13208D36-1E97-4F64-916D-DD376760E45B} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {1BC68856-6B14-4E4F-8CED-AAE2FDFA1971} - System32\Tasks\Start Driver Reviver Schedule => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe [2016-05-29] ()
Task: {2C8F93C0-1557-4429-A23F-896DD401A516} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-06-04] (Microsoft Corporation)
Task: {3D082950-F9AB-4C38-93BA-6326492B3FCE} - System32\Tasks\PPTAssistantNotifyTask_josep => C:\Users\josep\AppData\Local\PPTAssist\notify.exe <==== ATTENTION
Task: {3F52CC66-E1E2-4FC2-B0F0-EE427A77023E} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {4477CACA-D880-4A20-9338-65253E442227} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {45D9C449-D409-4FD9-80AC-BB48D3366732} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {4A912D56-5C14-4D48-B91A-2D8706407A9D} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-04-18] (IObit)
Task: {4D43C81A-10CC-4C05-BBD3-0E5EBA2BF56F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.)
Task: {525919CB-1B41-40DA-B8D7-6E4128630A6E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {55D6BAA2-1ABF-4BA4-9652-BA97030F8A57} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {6132B423-11BB-4B0F-8ECB-253AA1EF82BC} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {61E3992A-79BE-4F6E-B142-F0545127F256} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-06-04] (Microsoft Corporation)
Task: {63F74652-B8D7-4688-96E4-62D820BDF639} - System32\Tasks\Driver Booster SkipUAC (josep) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {6D67DD2B-F508-46AF-94EF-4F666BEE2DAA} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-06-04] (Microsoft Corporation)
Task: {6EF48916-E4B6-49C0-A472-7270E92F94A5} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-06-04] (Microsoft Corporation)
Task: {711D2F5D-D499-4FA8-9E31-76ACA75F0007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.)
Task: {740448C1-F9F8-47BD-AFC2-66D56F717403} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-06-04] (Microsoft Corporation)
Task: {79F6D33F-136C-4C83-93F6-6B5F400DAFB6} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {7CF61590-E941-4870-B90D-D2CC88CFB527} - \Microsoft\XblGameSave\XblGameSaveTask\Logon -> No File <==== ATTENTION
Task: {974F79B7-1A25-43A2-B743-F350E06BA8B2} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {BC77405B-B46F-49D0-8BD0-2565123C7C5F} - System32\Tasks\Start Driver Reviver Update => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe [2016-05-29] ()
Task: {C349D0F1-7A97-4872-8F9D-CCF218405F76} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {CAA3C2AC-6E27-47D5-B736-61F88BE3EB39} - System32\Tasks\Microsoft\Windows\ApplicationData\AppHostRegistrationVerifier => C:\Windows\system32\AppHostRegistrationVerifier.exe
Task: {DE705366-7FE6-48A0-BE74-26BA0CEA4A7A} - System32\Tasks\Uninstaller_SkipUac_josep => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-01] (IObit)
Task: {DF1D82F1-16F7-4CFF-80F8-0B00A590FDD3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {E682D224-A876-4280-B748-B355E996C2C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {E7B586C4-8832-45F4-A422-EB800CA34CA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {E948B5AD-AC17-4737-8CFA-BDA90AA3D3B0} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-04-29] (IObit)
Task: {F0608FAD-BBBE-46E3-A33C-C76372EB287D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-16] (Hewlett-Packard)
Task: {F38550C3-F53F-4AC1-8D28-94A14757AB45} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-05-06] (IObit)
Task: {FA690D13-AF86-4BD1-AE57-B8864724E74D} - System32\Tasks\ASC9_SkipUac_josep => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-05-16] (IObit)
Task: {FB7EF538-6DD2-4325-AE4E-549230A4941E} - System32\Tasks\PPTAssistantUpdateTask_josep => C:\Users\josep\AppData\Local\PPTAssist\assistupdate.exe <==== ATTENTION
Task: {FC8F78C1-55B5-4E71-824F-78C31549DC5D} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_josep.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\PPTAssistantNotifyTask_josep.job => C:\Users\josep\AppData\Local\PPTAssist\notify.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PPTAssistantUpdateTask_josep.job => C:\Users\josep\AppData\Local\PPTAssist\assistupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_josep.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\josep\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2014-01-22 01:04 - 2014-01-22 01:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
2016-05-18 16:33 - 2016-05-02 20:31 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-04 09:08 - 2016-05-02 20:31 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-04 09:08 - 2016-05-02 20:31 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-04 09:08 - 2016-05-02 20:31 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-04 09:08 - 2016-05-02 20:31 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 00237568 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 02660456 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-09 01:29 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 02660456 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 02660456 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-06-09 02:09 - 2016-06-09 02:09 - 00959168 _____ () C:\Users\josep\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-06-04 09:34 - 2016-06-04 09:34 - 00136192 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-06-04 09:36 - 2016-06-04 09:36 - 00453632 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 09672192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 01314304 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 02252288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 04846080 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-04 09:35 - 2016-06-04 11:49 - 00999936 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-18 16:33 - 2016-05-02 20:31 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-01-06 18:41 - 2016-05-24 17:44 - 00022336 _____ () C:\Program Files\CCleaner\branding.dll
2016-05-13 18:44 - 2016-05-13 18:44 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2014-01-22 01:04 - 2014-01-22 01:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll
2014-01-22 01:04 - 2014-01-22 01:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll
2014-01-22 01:04 - 2014-01-22 01:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll
2016-06-06 09:54 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-05-24 17:36 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2016-05-24 17:36 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2016-05-24 17:36 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2016-06-06 10:50 - 2015-12-23 16:27 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-06-06 10:50 - 2015-12-23 16:27 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-06-06 10:50 - 2015-12-23 16:27 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-05-04 09:08 - 2016-05-02 20:31 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\amazon.fr -> hxxps://amazon.fr
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 09:24 - 2016-06-06 06:13 - 00001224 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 idb.iobit.com
127.0.0.1 asc55.iobit.com
127.0.0.1 is360.iobit.com
127.0.0.1 asc.iobit.com
127.0.0.1 pf.iobit.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\josep\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: QQPCTray =>
MSCONFIG\startupreg: fastweb =>
MSCONFIG\startupreg: ISUSPM =>
MSCONFIG\startupreg: OneDrive =>
MSCONFIG\startupreg: PCFIXTRAYPURLX =>
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RoxWatchTray"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "MediaGet2"
HKU\S-1-5-21-133330048-1868551512-3514094457-1001\...\StartupApproved\Run: => "WinStart"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [UDP Query User{7D2D06DF-12EF-4FAA-8965-694750D48F7E}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [TCP Query User{F3E95CB9-041E-48AF-B632-AE2B476E9A78}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [{008E5C02-2204-4600-852B-89C8A422A45A}] => (Allow) C:\Users\josep\AppData\Local\MediaGet2\mediaget.exe
FirewallRules: [{B42E0975-049E-4D15-88F6-A43F5EDF94B1}] => (Allow) C:\Users\josep\AppData\Local\MediaGet2\mediaget.exe
FirewallRules: [{91CAA591-AFAD-440E-B87C-C5C98D27EE98}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{38B7F2CF-A1C4-41D0-A451-9C0EF4F06BB8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{2398793D-D7F0-416C-8AC4-3F3B7C2C7F37}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{3468DDA2-FA46-4784-B6C5-1C5B1FE4A6EB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{42E8EF58-769F-4077-B19A-71E3C46035BB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{A40FB027-76D0-4E6D-B737-C07BFA8646DA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [UDP Query User{8DB64AFB-E78E-472E-ACAD-678D8A5936EC}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [TCP Query User{8AF33260-6A02-4F8E-92F4-D46F852C41D2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{71EA1318-6AAE-4E79-9AC9-AE02B56E942C}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [TCP Query User{63B6767F-569F-4559-BB86-65541EAB9648}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [UDP Query User{963069F7-E002-46AB-9449-5E92B66AC3A5}C:\program files\emuletorrent\emuletorrent.exe] => (Allow) C:\program files\emuletorrent\emuletorrent.exe
FirewallRules: [TCP Query User{B5C62EA1-41CC-4560-972E-A9910CC21DB8}C:\program files\emuletorrent\emuletorrent.exe] => (Allow) C:\program files\emuletorrent\emuletorrent.exe
FirewallRules: [{2A4F4252-B805-46E1-B8E2-BD843750DF4E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FE2A612D-4940-4F45-A422-2BF766B2632C}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{01A3E96E-1EE6-4A4F-9B74-DA8A398F6CBE}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E60F7AE9-65DE-42C4-8126-2B508972C88B}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{04319306-8472-4CFD-879A-6DF37F3D38D3}C:\users\josep\appdata\local\mediaget2\mediaget.exe] => (Allow) C:\users\josep\appdata\local\mediaget2\mediaget.exe
FirewallRules: [UDP Query User{A754520F-B8A8-4A0B-A53C-2C56A5AF7766}C:\users\josep\appdata\local\mediaget2\mediaget.exe] => (Allow) C:\users\josep\appdata\local\mediaget2\mediaget.exe
==================== Restore Points =========================
10-06-2016 00:36:10 Installed HP Support Solutions Framework
==================== Faulty Device Manager Devices =============
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/10/2016 12:36:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupModificationEvent" whose target class "WSP_ReplicationGroupModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupDepartureEvent" whose target class "WSP_ReplicationGroupDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupArrivalEvent" whose target class "WSP_ReplicationGroupArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupModificationEvent" whose target class "WSP_ReplicationGroupModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupDepartureEvent" whose target class "WSP_ReplicationGroupDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from WSP_ReplicationGroupArrivalEvent" whose target class "WSP_ReplicationGroupArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
Error: (06/09/2016 01:44:11 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: 0x8007085A
Error: (06/09/2016 01:40:40 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: 0x8007085A
Error: (06/09/2016 01:40:40 AM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: 0x8007085A
System errors:
=============
Error: (06/11/2016 11:47:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
%%268435456
Error: (06/11/2016 11:42:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/11/2016 12:20:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The CDPUserSvc_34512 service terminated with the following error:
%%268435456
Error: (06/11/2016 12:19:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/10/2016 12:29:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
%%268435456
Error: (06/10/2016 12:29:14 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-2UHC3SN)
Description: C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}367{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (06/10/2016 12:23:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
%%268435456
Error: (06/10/2016 12:18:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2UHC3SN)
Description: application-specificLocalActivation{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}DESKTOP-2UHC3SNjosepS-1-5-21-133330048-1868551512-3514094457-1001LocalHost (Using LRPC)Microsoft.MicrosoftEdge_38.14361.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194
Error: (06/09/2016 11:37:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/09/2016 08:12:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
%%268435456
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 36%
Total physical RAM: 6023.13 MB
Available physical RAM: 3817.73 MB
Total Virtual: 7687.13 MB
Available Virtual: 5536.28 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.21 GB) (Free:229.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 13184B42)
Partition: GPT.
==================== End of Addition.txt ============================