Jump to content

bad_spool_header BSOD almost daily


Recommended Posts

Hello,

I am having almost daily BSOD's on Windows 10. I finally decided to look for help, so installed the Debugging Tools for Windows 10. It seems the error is caused by the mbamservice.exe driver affecting the Windows NETIOS.sys module? Please help me figure it out, thank you! smile.gif 

Here is what my (huge 800Mb) memory dump file says:


Microsoft ® Windows Debugger Version 10.0.10586.567 AMD64
Copyright © Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.


************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 10 Kernel Version 10240 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 10240.16590.amd64fre.th1_st1.151104-1714
Machine Name:
Kernel base = 0xfffff803`f168b000 PsLoadedModuleList = 0xfffff803`f19b0070
Debug session time: Fri Dec 18 12:39:23.774 2015 (UTC - 5:00)
System Uptime: 0 days 3:31:58.476
Loading Kernel Symbols
...............................................................
................................................................
................................................................
.......
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7fab8018). Type ".hh dbgerr001" for details
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C2, {7, 1254, 0, ffffe000dc7c07d8}

*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
Probably caused by : NETIO.SYS ( NETIO!NetioFreeMdl+2707f )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_CALLER (c2)
The current thread is making a bad pool request. Typically this is at a bad IRQL level or double freeing the same allocation, etc.
Arguments:
Arg1: 0000000000000007, Attempt to free pool which was already freed
Arg2: 0000000000001254, (reserved)
Arg3: 0000000000000000, Memory contents of the pool block
Arg4: ffffe000dc7c07d8, Address of the block of pool being deallocated

Debugging Details:
------------------


DUMP_CLASS: 1

DUMP_QUALIFIER: 401

BUILD_VERSION_STRING: 10240.16590.amd64fre.th1_st1.151104-1714

SYSTEM_MANUFACTURER: Gigabyte Technology Co., Ltd.

SYSTEM_PRODUCT_NAME: GA-990FXA-UD5

BIOS_VENDOR: Award Software International, Inc.

BIOS_VERSION: F11

BIOS_DATE: 10/26/2012

BASEBOARD_MANUFACTURER: Gigabyte Technology Co., Ltd.

BASEBOARD_PRODUCT: GA-990FXA-UD5

DUMP_TYPE: 1

BUGCHECK_P1: 7

BUGCHECK_P2: 1254

BUGCHECK_P3: 0

BUGCHECK_P4: ffffe000dc7c07d8

POOL_ADDRESS: ffffe000dc7c07d8 Nonpaged pool

FREED_POOL_TAG: Mdl

BUGCHECK_STR: 0xc2_7_Mdl

CPU_COUNT: 8

CPU_MHZ: dc4

CPU_VENDOR: AuthenticAMD

CPU_FAMILY: 15

CPU_MODEL: 2

CPU_STEPPING: 0

DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT

PROCESS_NAME: mbamservice.ex

CURRENT_IRQL: 2

ANALYSIS_SESSION_HOST: MATEO

ANALYSIS_SESSION_TIME: 12-18-2015 12:59:38.0034

ANALYSIS_VERSION: 10.0.10586.567 amd64fre

LAST_CONTROL_TRANSFER: from fffff803f18fef05 to fffff803f17da4d0

STACK_TEXT:
ffffd000`21accde8 fffff803`f18fef05 : 00000000`000000c2 00000000`00000007 00000000`00001254 00000000`00000000 : nt!KeBugCheckEx
ffffd000`21accdf0 fffff801`b0d791bf : ffffe000`dd7b98a0 ffffe000`dc7c0500 00000000`00000000 fffff801`b1090100 : nt!ExFreePool+0x23d
ffffd000`21acced0 fffff801`b0ef1cbe : ffffe000`e0e34de0 ffffe000`def8acb0 ffffe000`dd7b97a0 fffff801`b51290ee : NETIO!NetioFreeMdl+0x2707f
ffffd000`21accf20 fffff801`b0d51713 : ffffe000`dc7c05b0 00000000`00000001 00000000`00000000 00000000`00000000 : tcpip!FlpReturnNetBufferListChain+0x8e18e
ffffd000`21accf70 fffff801`b0d51456 : 00000000`00000000 00000000`00000000 00000000`00000000 ffffe000`e0e34de0 : NETIO!NetioDereferenceNetBufferList+0x163
ffffd000`21accfb0 fffff801`b0e10fac : ffffe000`dc7c05b0 00000000`00000000 00000000`00000000 ffffe000`df1a36c0 : NETIO!NetioDereferenceNetBufferListChain+0x2e6
ffffd000`21acd060 fffff801`b0e121b8 : fffff801`b0fb9310 ffffe000`db311010 00000000`00000001 00000000`00000001 : tcpip!IppReceiveHeaderBatch+0x34c
ffffd000`21acd160 fffff801`b0f5ab88 : ffffe000`dbd92ba0 ffffe000`e0e34de0 00000000`00000001 ffffe000`e288d400 : tcpip!IppFlcReceivePacketsCore+0x338
ffffd000`21acd280 fffff801`b1074de6 : fffff801`b4687802 ffffe000`d974f080 ffffd000`21acd460 fffff801`b0d518db : tcpip!IppInspectInjectReceive+0xf8
ffffd000`21acd2c0 fffff803`f1708925 : ffffd000`21acd460 ffffd000`21acd460 ffffe000`dd7b97a0 ffffe000`daa875c0 : fwpkclnt!FwppInjectionStackCallout+0x116
ffffd000`21acd350 fffff801`b10766c6 : ffffe000`da1ffd00 ffffe000`e288d400 ffffe000`da085800 00000000`00000002 : nt!KeExpandKernelStackAndCalloutInternal+0x85
ffffd000`21acd3a0 fffff801`b107631d : 00000000`00000000 ffffd000`21acd4d9 ffffe000`e288d430 ffffe000`e0e34de0 : fwpkclnt!NetioExpandKernelStackAndCallout+0x52
ffffd000`21acd3e0 fffff801`b51261b8 : ffffe000`def8acb0 00000000`00000000 ffffe000`dd7b9700 00000000`00000008 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x2ad
ffffd000`21acd520 fffff801`b51266bc : ffffe000`e0e34de0 00000000`00000003 ffffd000`21acd5f0 00000000`00000000 : mwac+0x61b8
ffffd000`21acd5b0 fffff801`b51265c8 : ffffe000`de9d4250 fffff801`00000002 ffffe000`de9d4201 ffffd000`21acd6b0 : mwac+0x66bc
ffffd000`21acd630 fffff801`b5126f51 : ffffe000`de9d4250 00000000`00000002 fffff801`b512e7c0 fffff801`b512e420 : mwac+0x65c8
ffffd000`21acd680 fffff801`b512451f : fffff801`b512ec80 fffff801`b512ec80 00000000`00000002 fffff801`b512e7c0 : mwac+0x6f51
ffffd000`21acd6b0 fffff801`b5123233 : 00000000`00000000 00000000`00000000 fffff801`b512eca0 fffff801`b5123315 : mwac+0x451f
ffffd000`21acd6e0 fffff801`b5122e9e : 00000000`00000000 00000000`00000002 fffff801`b512eca0 fffff803`f16d8781 : mwac+0x3233
ffffd000`21acd750 fffff801`b5124377 : fffff801`b512e7c0 00000000`00000000 ffffe000`e2bb3880 ffffd000`21acdb80 : mwac+0x2e9e
ffffd000`21acd780 fffff801`b51298e8 : ffffe000`e2bb3860 00000000`00000000 00000000`00000001 00000000`00000000 : mwac+0x4377
ffffd000`21acd7b0 fffff803`f1ac8c4d : 00000000`00000000 ffffd000`21acdb80 ffffd000`21acdb80 ffffc000`00000001 : mwac+0x98e8
ffffd000`21acd800 fffff803`f1ac8526 : 00000000`000012c0 00000000`51633560 00000000`00000001 00000000`2958ddf8 : nt!IopXxxControlFile+0x71d
ffffd000`21acda20 fffff803`f17e4b63 : ffffd000`746c6644 ffffd000`21acdb08 00000000`00000000 fffff803`f1aa7448 : nt!NtDeviceIoControlFile+0x56
ffffd000`21acda90 00000000`51631e52 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0db1ee68 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x51631e52


STACK_COMMAND: kb

THREAD_SHA1_HASH_MOD_FUNC: 1c662895ee107e6473854d5d443c0240a5b5331d

THREAD_SHA1_HASH_MOD_FUNC_OFFSET: a78bc9740dbfb686c5c0ba2b397608b31acfe066

THREAD_SHA1_HASH_MOD: 91dd9b0232768cfb302fbb9ae4e6737989437fe3

FOLLOWUP_IP:
NETIO!NetioFreeMdl+2707f
fffff801`b0d791bf 90 nop

FAULT_INSTR_CODE: 9020e990

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: NETIO!NetioFreeMdl+2707f

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: NETIO

IMAGE_NAME: NETIO.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 563ad315

BUCKET_ID_FUNC_OFFSET: 2707f

FAILURE_BUCKET_ID: 0xc2_7_Mdl__NETIO!NetioFreeMdl

BUCKET_ID: 0xc2_7_Mdl__NETIO!NetioFreeMdl

PRIMARY_PROBLEM_CLASS: 0xc2_7_Mdl__NETIO!NetioFreeMdl

TARGET_TIME: 2015-12-18T17:39:23.000Z

OSBUILD: 10240

OSSERVICEPACK: 0

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK: 272

PRODUCT_TYPE: 1

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS

OS_LOCALE:

USER_LCID: 0

OSBUILD_TIMESTAMP: 2015-11-04 23:15:48

BUILDDATESTAMP_STR: 151104-1714

BUILDLAB_STR: th1_st1

BUILDOSVER_STR: 10.0.10240.16590.amd64fre.th1_st1.151104-1714

ANALYSIS_SESSION_ELAPSED_TIME: 24e3

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:0xc2_7_mdl__netio!netiofreemdl

FAILURE_ID_HASH: {f2c46e80-d936-89a0-13f9-f9b302dc640b}

Followup: MachineOwner
---------

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
    (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make logs named (Addition.txt) and Shortcut.txt Please attach those logs to your reply.


 

Let me see those logs...

 

Thank you,

 

Kevin...

Link to post
Share on other sites

Hello,

 

My Windows, Office, and graphics software (Corel) is legit. I did have a P2P software, but I closed it, I am hoping that's enough. I am not aware of anything else considered illegal software. I even buy my PC games ;) . Thank you for your fast reply and help :)

 

Here is the log from Malwarebytes:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/18/2015
Scan Time: 14:28
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.12.18.04
Rootkit Database: v2015.12.18.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: JuanCarlos

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 393015
Time Elapsed: 8 min, 21 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

Here is the FRST.txt content:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
Ran by JuanCarlos (administrator) on MATEO (18-12-2015 14:49:50)
Running from E:\Memories\Install Files
Loaded Profiles: JuanCarlos (Available Profiles: JuanCarlos)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Hauppauge Computer Works, Inc) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\SickRage\Installer\nssm.exe
() C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\SickRage\Python\python.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenUSB.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Backblaze\bzbui.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwtxapps.exe
() C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV8\WinTVTray.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Omni\Sound Blaster Omni Control Panel\SBOmni.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(Razer, Inc.) C:\Users\JuanCarlos\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Razer, Inc.) C:\Users\JuanCarlos\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxcr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
() C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe
() C:\Program Files (x86)\Backblaze\bzfilelist.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [Corel Update Helper] => c:\Program Files\Corel\Corel PaintShop Pro X7 (64-bit)\pua.exe [2004312 2015-05-19] (Corel Corporation)
HKLM\...\Run: [shadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15009400 2015-10-14] (Logitech Inc.)
HKLM\...\Run: [bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1720488 2015-12-14] (Bitdefender)
HKLM\...\Run: [Creative SB Monitoring Utility Launcher] => RunDll32 SBAVMonL.dll,SBAVMonitorLauncher
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => c:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-11-23] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-09-29] (Razer Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1856184 2015-09-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [sound Blaster Omni Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Omni\Sound Blaster Omni Control Panel\SBOmni.exe [930304 2013-10-28] (Creative Technology Ltd)
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Run: [backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [490176 2015-06-30] ()
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Run: [spotify Web Helper] => C:\Users\JuanCarlos\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-17] (Spotify Ltd)
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Run: [iDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3931728 2015-12-11] (Tonec Inc.)
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Run: [steam] => D:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7744568 2015-10-15] (GOG.com)
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Run: [bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1423288 2015-12-14] (Bitdefender)
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [876216 2015-09-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\RunOnce: [uninstall C:\Users\JuanCarlos\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JuanCarlos\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\RunOnce: [uninstall C:\Users\JuanCarlos\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JuanCarlos\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\RunOnce: [uninstall C:\Users\JuanCarlos\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JuanCarlos\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\MountPoints2: {451348f6-1ba7-11e5-824e-806e6f6e6963} - "M:\LaunchU3.exe" -a
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\MountPoints2: {8ae2947c-066f-11e5-824f-806e6f6e6963} - "G:\Audio\setup.exe"
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2015-10-07]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2015-06-26]
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-11-02]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-08-11]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-08-20]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-08-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2015-11-02]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2015-06-26]
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-11-02]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 200.63.212.110
Tcpip\..\Interfaces\{45a433f7-9748-4a2e-a26f-b335779e048a}: [DhcpNameServer] 8.8.8.8 8.8.4.4 200.63.212.110

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-14] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-16] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-08-20] (LastPass)
BHO: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Program Files (x86)\WinZip Courier\wzwmcie64.dll [2015-07-22] (WinZip Computing, S.L.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-16] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-12-14] (Bitdefender)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-20] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-08-20] (LastPass)
BHO-x32: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Program Files (x86)\WinZip Courier\wzwmcie32.dll [2015-07-22] (WinZip Computing, S.L.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-20] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-08-20] (LastPass)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-14] (Bitdefender)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-08-20] (LastPass)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-12-14] (Bitdefender)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3837890448-573517583-2739916161-1001 -> Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-14] (Bitdefender)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\JuanCarlos\AppData\Roaming\Mozilla\Firefox\Profiles\6h4f41oq.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-20] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-20] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-20] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3837890448-573517583-2739916161-1001: @citrixonline.com/appdetectorplugin -> C:\Users\JuanCarlos\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-02] (Citrix Online)
FF Plugin HKU\S-1-5-21-3837890448-573517583-2739916161-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\JuanCarlos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3837890448-573517583-2739916161-1001: SkypePlugin -> C:\Users\JuanCarlos\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3837890448-573517583-2739916161-1001: SkypePlugin64 -> C:\Users\JuanCarlos\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi-x64.dll [2015-08-02] (Skype Technologies S.A.)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\JuanCarlos\AppData\Roaming\Mozilla\Firefox\Profiles\6h4f41oq.default\extensions\artur.dubovoy@gmail.com [2015-12-05]
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-11-09]
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff [2015-12-15]
FF Extension: LastPass - C:\Users\JuanCarlos\AppData\Roaming\Mozilla\Firefox\Profiles\6h4f41oq.default\extensions\support@lastpass.com [2015-12-17]
FF Extension: Video AdBlock for Firefox - C:\Users\JuanCarlos\AppData\Roaming\Mozilla\Firefox\Profiles\6h4f41oq.default\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-08-16] [not signed]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-09-11] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-09-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files (x86)\WinZip Courier\FFExt
FF Extension: WinZip Courier - C:\Program Files (x86)\WinZip Courier\FFExt [2015-10-07] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\JuanCarlos\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\JuanCarlos\AppData\Roaming\IDM\idmmzcc5 [2015-12-18] [not signed]
FF HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?st=1
CHR StartupUrls: Default -> "hxxp://www.omniboxes.com/?type=hp&ts=1434917820&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=tti&uid=ST3000DM001-1CH166_Z1F4YG11XXXXZ1F4YG11"
CHR DefaultSearchKeyword: Default -> lp
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-27]
CHR Extension: (Entanglement Web App) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-06-27]
CHR Extension: (Google Docs) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-27]
CHR Extension: (Google Drive) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (SocialBro) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bagknoiagpifjfbempgignagkejmkljm [2015-06-27]
CHR Extension: (Open with Google Drive™ Viewer) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan [2015-06-27]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-12-01]
CHR Extension: (YouTube) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Google Cast) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-11-21]
CHR Extension: (Add to Amazon Wish List) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2015-06-27]
CHR Extension: (Google Search) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Bitdefender Wallet) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2015-10-22]
CHR Extension: (Adobe Acrobat) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-10]
CHR Extension: (Google Sheets) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-27]
CHR Extension: (Google Docs Offline) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-03]
CHR Extension: (TweetDeck by Twitter) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-07-24]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-10-26]
CHR Extension: (Voice Search) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad [2015-06-27]
CHR Extension: (Bitly
 Unleash the power of the link) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2015-06-27]
CHR Extension: (Google +1 Button) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp [2015-06-27]
CHR Extension: (WinZip Courier) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomojjnmhlhdepbfoknpkenickajcphi [2015-10-08]
CHR Extension: (Poppit!) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-06-27]
CHR Extension: (MailTrack for Gmail) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2015-12-03]
CHR Extension: (IDM Integration Module) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-12-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\JuanCarlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-12-11]
CHR HKU\S-1-5-21-3837890448-573517583-2739916161-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lomojjnmhlhdepbfoknpkenickajcphi] - C:\Program Files (x86)\WinZip Courier\wzwmcgc.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-12-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [1417856 2015-10-07] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-10-16] (BitRaider, LLC)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [235712 2015-06-30] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 FreeAgentGoFlex Service; C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [91432 2011-02-10] (Seagate Technology LLC)
S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-07] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 Hauppauge WinTV Extender; C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe [63608 2015-04-16] (Hauppauge Computer Works, Inc) [File not signed]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [586360 2015-04-16] (Hauppauge Computer Works) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-18] (IObit)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-10-14] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-16] (Electronic Arts)
S2 PowerAlert Agent; C:\Program Files (x86)\TrippLite\PowerAlert\engine\pal.exe [1660528 2012-05-10] (Tripp Lite)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [857288 2015-11-09] (Bitdefender)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2015-08-08] () [File not signed]
R2 SickRage; C:\SickRage\Installer\nssm.exe [331264 2014-08-31] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-10-05] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1604080 2015-12-14] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2013-03-08] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2015-11-02] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [282000 2015-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-11-02] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2015-11-02] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-14] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-14] (BitDefender)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-11-02] (BitRaider)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-11] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [271808 2015-11-02] (Bitdefender)
R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [2081024 2015-04-30] (Creative Technology Ltd.)
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-10-07] (Microsoft Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [889584 2015-09-23] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-19] (Realsil Semiconductor Corporation)
S3 RzDxgk; C:\WINDOWS\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
S1 RzFilter; C:\WINDOWS\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-10-29] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-10-29] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700680 2014-10-29] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S1 BdfNdisf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-18 14:48 - 2015-12-18 14:49 - 00000000 ____D C:\FRST
2015-12-18 14:19 - 2015-12-18 14:19 - 00016148 _____ C:\WINDOWS\system32\MATEO_JuanCarlos_HistoryPrediction.bin
2015-12-18 12:58 - 2015-12-18 12:59 - 00000000 ____D C:\WINDOWS\symbol_cache
2015-12-18 12:55 - 2015-12-18 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-12-18 12:55 - 2015-12-18 12:55 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-12-18 12:40 - 2015-12-18 12:40 - 00356488 _____ C:\WINDOWS\Minidump\121815-25765-01.dmp
2015-12-18 10:29 - 2015-12-18 12:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-18 09:09 - 2015-12-18 09:09 - 00000000 ___HD C:\OneDriveTemp
2015-12-16 17:19 - 2015-12-16 17:19 - 00001036 _____ C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2015-12-16 17:19 - 2015-12-16 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Inquisition
2015-12-16 16:09 - 2015-12-16 16:09 - 00357256 _____ C:\WINDOWS\Minidump\121615-31750-01.dmp
2015-12-15 16:43 - 2015-12-15 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2015-12-13 15:26 - 2015-12-13 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-11 04:49 - 2015-12-10 03:53 - 00199152 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2015-12-09 08:58 - 2015-12-01 02:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 08:58 - 2015-12-01 01:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 08:58 - 2015-12-01 00:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 08:58 - 2015-12-01 00:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 08:58 - 2015-12-01 00:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 08:58 - 2015-12-01 00:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 08:58 - 2015-11-30 23:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 08:58 - 2015-11-25 00:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 08:58 - 2015-11-25 00:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 08:58 - 2015-11-25 00:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 08:58 - 2015-11-25 00:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 08:58 - 2015-11-25 00:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 08:58 - 2015-11-25 00:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 08:58 - 2015-11-25 00:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 08:58 - 2015-11-25 00:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 08:58 - 2015-11-25 00:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 08:58 - 2015-11-25 00:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 08:58 - 2015-11-25 00:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 08:58 - 2015-11-24 23:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 08:58 - 2015-11-24 23:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 08:58 - 2015-11-24 23:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 08:58 - 2015-11-24 23:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 08:58 - 2015-11-24 23:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 08:58 - 2015-11-24 23:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 08:58 - 2015-11-24 23:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 08:58 - 2015-11-24 23:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 08:58 - 2015-11-24 23:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 08:58 - 2015-11-24 23:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 08:58 - 2015-11-24 23:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 08:58 - 2015-11-24 23:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 08:58 - 2015-11-24 23:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 08:58 - 2015-11-24 23:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 08:58 - 2015-11-24 23:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 08:58 - 2015-11-24 23:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 08:58 - 2015-11-24 23:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 08:58 - 2015-11-24 23:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 08:58 - 2015-11-24 23:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 08:58 - 2015-11-24 23:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 08:58 - 2015-11-24 23:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 08:58 - 2015-11-24 23:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 08:58 - 2015-11-24 23:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 08:58 - 2015-11-24 23:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 08:58 - 2015-11-24 23:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 08:58 - 2015-11-24 23:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 08:58 - 2015-11-24 23:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 08:58 - 2015-11-24 23:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 08:58 - 2015-11-24 23:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 08:58 - 2015-11-24 23:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 08:58 - 2015-11-24 23:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 08:58 - 2015-11-24 23:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 08:58 - 2015-11-24 23:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 08:58 - 2015-11-24 23:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 08:58 - 2015-11-24 23:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 08:58 - 2015-11-24 23:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 08:58 - 2015-11-24 23:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 08:58 - 2015-11-24 23:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 08:58 - 2015-11-24 23:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 08:58 - 2015-11-24 23:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 08:58 - 2015-11-24 23:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 08:58 - 2015-11-24 23:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 08:58 - 2015-11-24 23:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 08:58 - 2015-11-24 23:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 08:58 - 2015-11-24 23:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 08:58 - 2015-11-24 23:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 08:58 - 2015-11-24 23:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 08:58 - 2015-11-24 23:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 08:58 - 2015-11-24 23:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 08:58 - 2015-11-24 23:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 08:58 - 2015-11-24 23:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 08:58 - 2015-11-24 23:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 08:58 - 2015-11-24 23:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 08:58 - 2015-11-24 23:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 08:58 - 2015-11-24 23:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 08:58 - 2015-11-24 23:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 08:58 - 2015-11-24 23:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 08:58 - 2015-11-24 23:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 08:58 - 2015-11-24 23:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 08:58 - 2015-11-24 23:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 08:58 - 2015-11-24 21:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 08:58 - 2015-11-24 21:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-07 11:56 - 2015-12-07 11:56 - 00025129 _____ C:\ProgramData\1449507407.bdinstall.bin
2015-12-07 11:56 - 2015-12-07 11:56 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2015-12-07 08:36 - 2015-12-07 08:36 - 00001048 _____ C:\Users\Public\Desktop\Deluge.lnk
2015-12-07 08:35 - 2015-12-07 08:35 - 00000714 _____ C:\Users\JuanCarlos\AppData\Local\recently-used.xbel
2015-12-06 21:54 - 2015-12-06 21:54 - 00002206 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-12-06 21:53 - 2015-11-24 13:42 - 00102704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-06 21:52 - 2015-11-24 18:07 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 37882672 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 22345336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 18389624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 15839392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 02496816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 01016360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 01013960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00877872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00820856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00601424 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00503416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00501056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00446768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00422752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00413816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-06 21:52 - 2015-11-24 18:07 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-06 17:18 - 2015-12-06 17:18 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\Python-Eggs
2015-12-06 17:03 - 2015-12-06 17:03 - 00000000 ____D C:\SickRage
2015-12-06 17:03 - 2015-12-06 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SickRage
2015-12-03 20:43 - 2015-12-03 20:43 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-12-03 20:43 - 2015-12-03 20:43 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2015-11-27 19:11 - 2015-11-27 19:11 - 00000982 _____ C:\Users\JuanCarlos\Desktop\Ventrilo.lnk
2015-11-27 19:11 - 2015-11-27 19:11 - 00000210 _____ C:\WINDOWS\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2015-11-27 19:11 - 2015-11-27 19:11 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2015-11-27 19:11 - 2015-11-27 19:11 - 00000000 ____D C:\Program Files\Ventrilo
2015-11-27 19:06 - 2015-11-27 19:10 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-11-27 18:50 - 2015-11-27 19:09 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\Ventrilo
2015-11-22 12:27 - 2015-11-22 12:27 - 00000318 _____ C:\Users\JuanCarlos\Desktop\Curse Client.appref-ms
2015-11-22 12:27 - 2015-11-22 12:27 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-11-22 12:16 - 2015-11-22 12:16 - 00362056 _____ C:\WINDOWS\Minidump\112215-23953-01.dmp
2015-11-20 12:18 - 2015-11-20 12:18 - 00049777 _____ C:\Users\JuanCarlos\Documents\Invoice for REPUCOM Deutschland GmbH - November 20 2015.pdf
2015-11-20 10:37 - 2015-11-15 22:54 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435900.dll
2015-11-20 10:37 - 2015-11-15 22:54 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435900.dll
2015-11-20 10:28 - 2015-11-12 13:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-11-18 12:53 - 2015-11-18 12:53 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
2015-11-18 12:53 - 2015-11-18 12:53 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\Creative
2015-11-18 12:42 - 2015-11-18 12:53 - 00000000 ____D C:\ProgramData\Creative
2015-11-18 12:42 - 2015-11-18 12:42 - 00000000 ____D C:\Users\Public\Documents\Creative
2015-11-18 12:24 - 2015-11-18 12:24 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2015-11-18 12:24 - 2015-11-18 12:24 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2015-11-18 12:24 - 2015-11-18 12:24 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2015-11-18 12:24 - 2015-11-18 12:24 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2015-11-18 12:24 - 2015-11-18 12:24 - 00002398 _____ C:\Users\Public\Desktop\Creative Product Registration.lnk
2015-11-18 12:24 - 2014-04-25 16:33 - 01898496 ____N (Creative) C:\WINDOWS\system32\Sens_oal.dll
2015-11-18 12:24 - 2014-04-25 16:29 - 01609728 ____N (Creative) C:\WINDOWS\SysWOW64\Sens_oal.dll
2015-11-18 12:24 - 2014-04-17 11:06 - 00175104 ____N (Creative Technology Ltd) C:\WINDOWS\system32\CtUsAs64.DLL
2015-11-18 12:24 - 2014-04-17 11:06 - 00163840 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CtUsAsio.DLL
2015-11-18 12:24 - 2013-04-25 16:07 - 00006505 ____N C:\WINDOWS\SysWOW64\CTOPT399.cat
2015-11-18 12:24 - 2013-04-03 14:01 - 00006601 ____N C:\WINDOWS\system32\CTOPT399.cat
2015-11-18 12:24 - 2013-04-03 09:55 - 00079360 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTOPT399.dll
2015-11-18 12:24 - 2013-04-03 09:54 - 00088576 _____ (Creative Technology Ltd) C:\WINDOWS\system32\CTOPT399.dll
2015-11-18 12:24 - 2008-12-22 20:13 - 00061440 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTChkAud.dll
2015-11-18 12:24 - 2008-12-22 20:13 - 00049664 ____N (Creative Technology Ltd) C:\WINDOWS\system32\CTChkAud.dll
2015-11-18 12:24 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\WINDOWS\Ctregrun.exe
2015-11-18 12:24 - 2003-06-12 23:25 - 00007062 _____ C:\WINDOWS\SysWOW64\audiopid.vxd
2015-11-18 12:24 - 2000-05-22 16:58 - 00647872 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscomct2.ocx
2015-11-18 12:23 - 2015-11-18 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-11-18 12:23 - 2015-04-27 10:10 - 00050936 _____ C:\WINDOWS\system32\kschimp.ini
2015-11-18 12:23 - 2014-11-28 13:41 - 00089600 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2015-11-18 12:23 - 2014-11-28 13:41 - 00074240 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2015-11-18 12:23 - 2014-11-28 13:40 - 00365568 _____ C:\WINDOWS\system32\APOMgr64.DLL
2015-11-18 12:23 - 2014-11-28 13:38 - 00274944 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2015-11-18 12:22 - 2015-11-18 12:23 - 00000258 ___RH C:\WINDOWS\ctfile.rfc
2015-11-18 12:22 - 2015-04-30 11:23 - 02081024 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\ksaud.sys
2015-11-18 12:22 - 2015-04-20 16:25 - 00032506 _____ C:\WINDOWS\system32\MixerDefault.reg
2015-11-18 12:22 - 2015-04-20 09:45 - 00036742 _____ C:\WINDOWS\system32\ksaud.ini
2015-11-18 12:22 - 2015-04-07 14:18 - 00002111 _____ C:\ProgramData\cfSB1560.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00306167 _____ C:\WINDOWS\system32\DeviceDefaultVista.reg
2015-11-18 12:22 - 2015-03-20 11:23 - 00052702 _____ C:\WINDOWS\ksaudENG.reg
2015-11-18 12:22 - 2015-03-20 11:23 - 00003077 _____ C:\ProgramData\cfSB1290A.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00003077 _____ C:\ProgramData\cfSB1290.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00002844 _____ C:\ProgramData\cfSB1240A.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00002844 _____ C:\ProgramData\cfSB1240.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001772 _____ C:\ProgramData\cfSB1095A.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001772 _____ C:\ProgramData\cfSB1095.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001697 _____ C:\ProgramData\CfGH0250.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001696 _____ C:\ProgramData\CfGH0280.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001352 _____ C:\ProgramData\cfSB1090.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001352 _____ C:\ProgramData\cfSB0910.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001346 _____ C:\ProgramData\cfSB1100.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001302 _____ C:\ProgramData\cfSB0300.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001282 _____ C:\ProgramData\cfSB0471.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001208 _____ C:\ProgramData\cfSB0490.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001027 _____ C:\ProgramData\cfSB0560.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001026 _____ C:\ProgramData\cfSB0271.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00001026 _____ C:\ProgramData\cfSB0270.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000939 _____ C:\ProgramData\CfSB1170.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000806 _____ C:\ProgramData\cfSB1300A.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000806 _____ C:\ProgramData\cfSB1300.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000715 _____ C:\ProgramData\cfSB1540.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000715 _____ C:\ProgramData\CfSB1532.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000715 _____ C:\ProgramData\CfSB1530.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000715 _____ C:\ProgramData\CfSB1390.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000715 _____ C:\ProgramData\CfSB1380.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000715 _____ C:\ProgramData\CfSB1360.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 00000590 _____ C:\ProgramData\cfSB0950.ini
2015-11-18 12:22 - 2015-02-11 19:28 - 00236544 _____ (Creative Technology Limited) C:\WINDOWS\system32\KsDvInst.dll
2015-11-18 12:22 - 2014-11-28 13:46 - 00732600 _____ (Creative Technology Ltd) C:\WINDOWS\KSAIM64.exe
2015-11-18 12:22 - 2014-06-04 13:27 - 03100672 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KsMalc64.DLL
2015-11-18 12:22 - 2014-06-04 13:26 - 02595328 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KsMalc32.dll
2015-11-18 12:22 - 2014-03-11 18:37 - 00120320 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\SBAVMon.dll
2015-11-18 12:22 - 2014-02-26 15:02 - 00456704 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSVSPI64.dll
2015-11-18 12:22 - 2014-02-26 15:01 - 00333312 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSVSPI32.dll
2015-11-18 12:22 - 2013-11-13 15:34 - 00057856 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\SBAVMonL.dll
2015-11-18 12:22 - 2013-09-09 15:02 - 01140224 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSAPO64.dll
2015-11-18 12:22 - 2013-09-09 15:02 - 00057856 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSPPLD64.dll
2015-11-18 12:22 - 2013-09-09 15:01 - 00944640 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSAPO32.dll
2015-11-18 12:22 - 2013-09-09 15:01 - 00012769 _____ C:\WINDOWS\KSAPO64.hda
2015-11-18 12:22 - 2013-09-09 15:00 - 00011617 _____ C:\WINDOWS\KSAPO32.hda
2015-11-18 12:22 - 2012-04-18 11:39 - 00042496 _____ (Creative Technology Ltd.) C:\WINDOWS\AddCat.exe
2015-11-18 12:22 - 2011-06-03 10:28 - 00487424 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\JDetect.exe
2015-11-18 12:22 - 2010-07-14 16:52 - 00005537 _____ C:\WINDOWS\KSWrap64.hda
2015-11-18 12:22 - 2010-07-14 16:51 - 00005441 _____ C:\WINDOWS\KSWrap32.hda
2015-11-18 12:22 - 2010-07-08 09:42 - 00053760 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSPPCn64.dll
2015-11-18 12:22 - 2010-07-08 09:41 - 00074240 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSWrap64.dll
2015-11-18 12:22 - 2010-07-08 09:41 - 00044032 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSPPCn32.dll
2015-11-18 12:22 - 2010-07-08 09:40 - 00063488 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSWrap32.dll
2015-11-18 12:22 - 2010-05-07 16:08 - 00005441 _____ C:\WINDOWS\KSDGFX32.hda
2015-11-18 12:22 - 2010-05-07 16:06 - 00005513 _____ C:\WINDOWS\KSDGFX64.hda
2015-11-18 12:22 - 2010-05-06 11:16 - 00067584 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSDGFX64.dll
2015-11-18 12:22 - 2010-05-06 11:15 - 00059904 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSDGFX32.dll
2015-11-18 12:12 - 2015-12-18 12:40 - 831544130 _____ C:\WINDOWS\MEMORY.DMP
2015-11-18 12:12 - 2015-11-18 12:12 - 00266320 _____ C:\WINDOWS\Minidump\111815-7671-01.dmp
2015-11-18 11:41 - 2015-11-18 12:24 - 00000000 ____D C:\Program Files (x86)\Creative
2015-11-18 11:41 - 2015-11-18 11:41 - 00000000 ____D C:\Program Files\Creative
2015-11-18 11:41 - 2015-03-20 11:23 - 00003416 _____ C:\WINDOWS\system32\SBX.bmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-18 14:49 - 2015-08-02 18:27 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\DMCache
2015-12-18 14:48 - 2015-07-10 04:05 - 00000000 ____D C:\Windows
2015-12-18 14:41 - 2015-09-15 09:23 - 00000000 ____D C:\Program Files\Bitdefender Agent
2015-12-18 14:41 - 2015-06-27 17:15 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-18 14:28 - 2015-08-09 10:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-18 14:19 - 2015-07-06 16:49 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\FileZilla
2015-12-18 14:14 - 2015-07-02 13:05 - 00000604 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3837890448-573517583-2739916161-1001.job
2015-12-18 14:10 - 2015-10-07 16:37 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-18 13:12 - 2015-07-02 13:05 - 00000700 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3837890448-573517583-2739916161-1001.job
2015-12-18 13:11 - 2015-08-15 17:50 - 00000000 ____D C:\Users\JuanCarlos\AppData\LocalLow\LastPass
2015-12-18 12:55 - 2015-06-26 21:22 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-18 12:46 - 2015-07-29 18:46 - 00968010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-18 12:46 - 2015-07-10 06:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-18 12:43 - 2015-07-09 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-18 12:41 - 2015-07-29 18:35 - 00000000 ____D C:\Users\JuanCarlos
2015-12-18 12:41 - 2015-06-27 17:15 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-18 12:41 - 2015-05-29 21:11 - 00000000 __RDO C:\Users\JuanCarlos\OneDrive
2015-12-18 12:40 - 2015-08-11 13:59 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-18 12:40 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-18 12:40 - 2015-06-26 11:42 - 00000000 ____D C:\ProgramData\Hauppauge
2015-12-18 12:40 - 2015-06-25 21:18 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-18 09:12 - 2015-07-10 06:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-18 09:12 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-18 09:11 - 2015-08-20 13:05 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\Adobe
2015-12-18 09:11 - 2015-08-01 15:58 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81F2B4B6-FED9-4A81-B458-076F76380126}
2015-12-17 21:59 - 2015-07-10 12:38 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\Spotify
2015-12-17 21:59 - 2015-07-10 04:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-17 21:59 - 2015-05-29 23:13 - 00138369 _____ C:\bdlog.txt
2015-12-17 21:56 - 2015-07-10 12:37 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\Spotify
2015-12-17 20:29 - 2015-08-22 10:39 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\CrashDumps
2015-12-17 16:47 - 2015-07-10 04:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-16 22:49 - 2015-10-16 10:28 - 00000000 ____D C:\ProgramData\Origin
2015-12-16 20:43 - 2015-05-30 11:26 - 00000000 ____D C:\Users\JuanCarlos\Documents\Outlook Files
2015-12-16 15:43 - 2015-06-27 17:16 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 13:20 - 2015-07-02 13:05 - 00003858 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3837890448-573517583-2739916161-1001
2015-12-16 13:20 - 2015-07-02 13:05 - 00003762 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3837890448-573517583-2739916161-1001
2015-12-16 11:02 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-12-16 10:32 - 2015-07-10 06:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-16 10:32 - 2015-06-26 18:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-16 10:27 - 2015-08-02 18:27 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-12-16 10:13 - 2015-08-02 18:27 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\IDM
2015-12-16 10:09 - 2015-08-21 14:01 - 00000000 ____D C:\ProgramData\ProductData
2015-12-14 09:45 - 2015-09-15 09:38 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-12-14 09:24 - 2015-07-27 15:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-13 22:30 - 2015-08-02 09:52 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\Battle.net
2015-12-13 22:28 - 2015-08-21 14:56 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\Skype
2015-12-13 17:23 - 2015-07-29 18:46 - 00002378 _____ C:\Users\JuanCarlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-13 15:26 - 2015-08-21 14:56 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-13 15:26 - 2015-08-21 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-13 15:26 - 2015-08-21 14:56 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\Skype
2015-12-13 15:26 - 2015-08-21 14:56 - 00000000 ____D C:\ProgramData\Skype
2015-12-12 18:47 - 2015-08-02 09:54 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-12-12 10:20 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
2015-12-11 14:09 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-10 19:08 - 2015-06-26 12:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 19:03 - 2015-06-26 12:53 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-10 18:55 - 2015-05-31 12:40 - 00000000 ____D C:\Users\JuanCarlos\Documents\Cotizaciones MiHospedaje.Net
2015-12-10 17:31 - 2015-05-31 12:40 - 00000000 ____D C:\Users\JuanCarlos\Documents\Cotizaciones Creaciones Digitales
2015-12-10 09:23 - 2015-07-10 07:20 - 04992208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 19:05 - 2015-06-26 19:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 19:05 - 2015-06-26 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 19:04 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-09 09:03 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-09 09:03 - 2015-06-26 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-08 22:39 - 2015-06-26 12:53 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-08 16:22 - 2015-05-29 14:58 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\Packages
2015-12-08 10:48 - 2015-08-20 13:08 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-07 08:37 - 2015-07-04 17:07 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\deluge
2015-12-07 08:36 - 2015-07-04 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2015-12-07 08:36 - 2015-07-04 17:06 - 00000000 ____D C:\Program Files (x86)\Deluge
2015-12-06 21:54 - 2015-07-29 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-06 21:52 - 2015-07-29 18:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-05 22:53 - 2015-08-01 20:14 - 00000600 _____ C:\Users\JuanCarlos\AppData\Local\PUTTY.RND
2015-12-04 10:36 - 2015-06-27 17:15 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 10:36 - 2015-06-27 17:15 - 00003744 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 20:11 - 2015-08-20 13:08 - 00000000 ____D C:\Program Files\Adobe
2015-12-02 20:09 - 2015-08-20 15:34 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-02 20:06 - 2015-08-20 13:08 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-12-02 20:06 - 2015-08-20 13:08 - 00001603 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-12-01 20:26 - 2015-07-09 11:54 - 00001393 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2015-12-01 20:26 - 2015-07-09 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-01 20:26 - 2015-07-09 11:54 - 00000000 ____D C:\ProgramData\Freemake
2015-11-30 19:32 - 2015-10-03 14:10 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-30 19:32 - 2015-10-03 14:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-28 22:13 - 2015-08-12 22:03 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\Deployment
2015-11-28 15:33 - 2015-09-26 19:59 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-11-25 19:34 - 2015-08-11 10:30 - 11228488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-24 18:07 - 2015-08-31 15:17 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-24 18:07 - 2015-08-11 10:30 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-24 18:07 - 2015-08-11 10:30 - 12870384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-24 18:07 - 2015-08-11 10:30 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-24 18:07 - 2015-08-11 10:30 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-24 18:07 - 2015-07-23 04:02 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-24 18:07 - 2015-06-25 21:18 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-11-24 18:07 - 2015-06-25 21:18 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-11-24 14:32 - 2015-06-25 21:18 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-24 14:32 - 2015-06-25 21:18 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-24 14:32 - 2015-06-25 21:18 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-24 14:32 - 2015-06-25 21:18 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-24 14:32 - 2015-06-25 21:18 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-24 14:32 - 2015-06-25 21:18 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-24 09:47 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SystemApps
2015-11-23 15:35 - 2015-06-25 21:18 - 06049858 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-11-22 19:22 - 2015-08-16 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-11-22 19:22 - 2015-08-16 17:58 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-11-22 12:30 - 2015-11-02 19:50 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\WinZip
2015-11-20 22:18 - 2015-08-01 18:38 - 00000000 ____D C:\Users\JuanCarlos\AppData\Roaming\qBittorrent
2015-11-20 10:28 - 2015-07-29 15:08 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-11-20 10:28 - 2015-07-29 15:08 - 00000000 ____D C:\Users\JuanCarlos\AppData\Local\NVIDIA Corporation
2015-11-18 15:11 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\registration
2015-11-18 14:59 - 2015-06-26 17:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-18 12:53 - 2015-07-10 06:04 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files

==================== Files in the root of some directories =======

2015-08-15 17:50 - 2015-08-20 15:57 - 16790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-08-20 13:29 - 2015-09-02 10:41 - 0000034 _____ () C:\Users\JuanCarlos\AppData\Roaming\AdobeWLCMCache.dat
2015-08-11 19:24 - 2015-08-22 19:25 - 0000532 _____ () C:\Users\JuanCarlos\AppData\Roaming\burnaware.ini
2015-08-01 20:14 - 2015-12-05 22:53 - 0000600 _____ () C:\Users\JuanCarlos\AppData\Local\PUTTY.RND
2015-12-07 08:35 - 2015-12-07 08:35 - 0000714 _____ () C:\Users\JuanCarlos\AppData\Local\recently-used.xbel
2015-09-13 12:36 - 2015-09-13 12:36 - 0007601 _____ () C:\Users\JuanCarlos\AppData\Local\Resmon.ResmonCfg
2015-09-15 09:38 - 2015-09-15 09:38 - 0429852 _____ () C:\ProgramData\1442327707.bdinstall.bin
2015-10-06 10:02 - 2015-10-06 10:02 - 0024818 _____ () C:\ProgramData\1444143752.bdinstall.bin
2015-10-08 12:45 - 2015-10-08 12:45 - 0024464 _____ () C:\ProgramData\1444326349.bdinstall.bin
2015-10-08 14:32 - 2015-10-08 14:32 - 0024470 _____ () C:\ProgramData\1444332723.bdinstall.bin
2015-12-07 11:56 - 2015-12-07 11:56 - 0025129 _____ () C:\ProgramData\1449507407.bdinstall.bin
2015-11-18 12:22 - 2015-03-20 11:23 - 0001697 _____ () C:\ProgramData\CfGH0250.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001696 _____ () C:\ProgramData\CfGH0280.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001026 _____ () C:\ProgramData\cfSB0270.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001026 _____ () C:\ProgramData\cfSB0271.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001302 _____ () C:\ProgramData\cfSB0300.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001282 _____ () C:\ProgramData\cfSB0471.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001208 _____ () C:\ProgramData\cfSB0490.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001027 _____ () C:\ProgramData\cfSB0560.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001352 _____ () C:\ProgramData\cfSB0910.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000590 _____ () C:\ProgramData\cfSB0950.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001352 _____ () C:\ProgramData\cfSB1090.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001772 _____ () C:\ProgramData\cfSB1095.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001772 _____ () C:\ProgramData\cfSB1095A.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0001346 _____ () C:\ProgramData\cfSB1100.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000939 _____ () C:\ProgramData\CfSB1170.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0002844 _____ () C:\ProgramData\cfSB1240.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0002844 _____ () C:\ProgramData\cfSB1240A.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0003077 _____ () C:\ProgramData\cfSB1290.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0003077 _____ () C:\ProgramData\cfSB1290A.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000806 _____ () C:\ProgramData\cfSB1300.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000806 _____ () C:\ProgramData\cfSB1300A.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000715 _____ () C:\ProgramData\CfSB1360.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000715 _____ () C:\ProgramData\CfSB1380.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000715 _____ () C:\ProgramData\CfSB1390.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000715 _____ () C:\ProgramData\CfSB1530.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000715 _____ () C:\ProgramData\CfSB1532.ini
2015-11-18 12:22 - 2015-03-20 11:23 - 0000715 _____ () C:\ProgramData\cfSB1540.ini
2015-11-18 12:22 - 2015-04-07 14:18 - 0002111 _____ () C:\ProgramData\cfSB1560.ini
2015-07-29 18:34 - 2015-07-29 18:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\JuanCarlos\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\JuanCarlos\AppData\Local\Temp\mirc743.exe
C:\Users\JuanCarlos\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\JuanCarlos\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\JuanCarlos\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\JuanCarlos\AppData\Local\Temp\nvStInst.exe
C:\Users\JuanCarlos\AppData\Local\Temp\SkypeSetup.exe
C:\Users\JuanCarlos\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-13 10:06

==================== End of FRST.txt ============================

Link to post
Share on other sites

Sorry, I had to split the post, it was too long.

 

Here is the Addition.txt content:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
Ran by JuanCarlos (2015-12-18 14:50:26)
Running from E:\Memories\Install Files
Windows 10 Pro (X64) (2015-07-29 23:43:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3837890448-573517583-2739916161-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3837890448-573517583-2739916161-503 - Limited - Disabled)
Guest (S-1-5-21-3837890448-573517583-2739916161-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3837890448-573517583-2739916161-1005 - Limited - Enabled)
JuanCarlos (S-1-5-21-3837890448-573517583-2739916161-1001 - Administrator - Enabled) => C:\Users\JuanCarlos

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.34 - GIGABYTE)
µTorrent (HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 2.1.0 - philandro Software GmbH)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Backblaze (HKLM-x32\...\Backblaze) (Version:  - Backblaze, Inc)
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.18.1035 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.18.1037 - Bitdefender)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BurnAware Free 8.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Corel KPT Collection (HKLM-x32\...\_{B16DC136-9583-4C54-BE27-F001BBC546B1}) (Version: 1.0.0.109 - Corel Corporation)
Corel PaintShop Pro X7  (HKLM-x32\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.3.0.30 - Corel Corporation)
Corel VideoStudio Pro X7 (HKLM-x32\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.1.0.22 - Corel Corporation)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.00 - Creative Technology Limited)
Creative Content (x32 Version: 1.0.0.114 - Corel Corporation) Hidden
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Curse Client (HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version:  - )
DIMM (HKLM-x32\...\DIMM) (Version: 1.0 - Servicio de Rentas Internas)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version:  - )
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON TX560WD Series Printer Uninstall (HKLM\...\EPSON TX560WD Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Geeks3D FurMark 1.16.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIGABYTE OC_GURU II (x32 Version: 1.88.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GoToMeeting 7.7.1.4099 (HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\GoToMeeting) (Version: 7.7.1.4099 - CitrixOnline)
Hauppauge WinTV 8 (HKLM-x32\...\Hauppauge WinTV 8) (Version: v8.0.33106 (CD 4.0 with Extend) - Hauppauge Computer Works)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Kits Configuration Installer (x32 Version: 10.1.10586.15 - Microsoft) Hidden
K-Lite Codec Pack 11.7.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.0 - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2036 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.43 - mIRC Co. Ltd.)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Plex Media Server (HKLM-x32\...\{5a054eae-1147-460c-990a-0859dc73c194}) (Version: 0.9.1213 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1213 - Plex, Inc.) Hidden
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.8.5 - Vaclav Slavik)
PowerAlert Local Software (HKLM-x32\...\{88E7FC62-7948-4262-93E2-1D0B1E992C84}) (Version: 12.04.41 - Tripp Lite)
PuTTY release 0.65 (HKLM-x32\...\PuTTY_is1) (Version: 0.65 - Simon Tatham)
qBittorrent 3.2.3 (HKLM-x32\...\qBittorrent) (Version: 3.2.3 - The qBittorrent project)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27748 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.8 - Samsung Electronics)
SDK Debuggers (x32 Version: 10.1.10586.15 - Microsoft Corporation) Hidden
Seagate Drive Settings Installer (HKLM-x32\...\InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908}) (Version: 1.00.0000 - Seagate Technologies LLC)
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
SickRage (master) (HKLM\...\{B0D7EA3E-CC34-4BE6-95D5-3C3D31E9E1B2}_is1) (Version: master - SickRage)
Skype Web Plugin (HKLM-x32\...\{F7C13D74-E0FD-4A76-896A-E8687769767D}) (Version:  - )
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
Sound Blaster Omni Surround 5.1 (HKLM-x32\...\{DD0AD523-C679-4844-A9E7-F446273C43D0}) (Version: 1.01.07 - Creative Technology Limited)
Sound Blaster Omni Surround 5.1 Extras (HKLM-x32\...\{C9120656-8F23-409A-8B4D-278FEAA33856}) (Version: 1.0 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.52465 - TeamViewer)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.11.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.10.0 - GOG.com)
Unity Web Player (HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows Software Development Kit - Windows 10.0.10586.15 (HKLM-x32\...\{28a123e5-1799-4f20-9bd8-7c46f30eb7bf}) (Version: 10.1.10586.15 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
WinZip Courier (HKLM-x32\...\{D011655B-0753-4C2A-B870-946C5B02F54E}) (Version: 6.5.11568 - WinZip Computing, S.L. )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Your Software Deals 1.0.0 (HKLM-x32\...\Your Software Deals_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) <==== ATTENTION
Zombie Army Trilogy (HKLM-x32\...\Steam App 301640) (Version:  - Rebellion)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3837890448-573517583-2739916161-1001_Classes\CLSID\{0825CC0E-34BD-4FE4-B78D-EF6582A94B6A}\InprocServer32 -> C:\Users\JuanCarlos\AppData\Local\SkypePlugin\7.5.0.127\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3837890448-573517583-2739916161-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files (x86)\WinZip Courier\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3837890448-573517583-2739916161-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\JuanCarlos\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3837890448-573517583-2739916161-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\JuanCarlos\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3837890448-573517583-2739916161-1001_Classes\CLSID\{8E00BFA9-1C7B-4E45-BF2F-0FAEA236E1CC}\localserver32 -> C:\Users\JuanCarlos\AppData\Local\SkypePlugin\7.5.0.127\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3837890448-573517583-2739916161-1001_Classes\CLSID\{943F19B2-32F9-4373-8D4C-DBE62B95F2CF}\InprocServer32 -> C:\Program Files (x86)\WinZip Courier\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3837890448-573517583-2739916161-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3837890448-573517583-2739916161-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\JuanCarlos\AppData\Local\SkypePlugin\7.5.0.127\EdgeCalling.exe (Skype Technologies S.A.)

==================== Restore Points =========================

28-11-2015 18:10:27 Revo Uninstaller Pro's restore point - The Elder Scrolls Online
07-12-2015 12:00:49 Scheduled Checkpoint
10-12-2015 19:03:13 Windows Update
16-12-2015 17:19:39 Installed DirectX
18-12-2015 12:52:56 Windows Software Development Kit - Windows 10.0.10586.15

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2015-12-18 14:40 - 00002357 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 eltelegrafo.com.ec
127.0.0.1 andes.info.ec

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {020A98E2-6C4A-4A5F-92EA-9DD0AC468341} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {07D404E1-9CBA-4EA4-8326-C94EBFD061B3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {117F964F-0845-4D64-B327-75A498CF9533} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1AA1D6D5-C141-4C4D-ABF6-3671AC5E364C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-11-19] ()
Task: {20E00BEB-C404-462C-B594-538B07DB715B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {21BB379C-B505-47B9-A6B5-37E17D0E759B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {26A5B696-B52F-4F2F-9467-2E9874830948} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jdonoso@creacionesdigitales.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {2C784092-1B0E-4E5C-8F7D-CBC6FB956702} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
Task: {2E105938-1577-4E89-BE6A-EAF7E3E9E1CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2E2A96D4-4A42-4212-AFF2-19ADB762296F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-10-16] (Samsung Electronics.)
Task: {2F3901B5-77A0-4815-9DD2-C6B3929596AA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {34D49202-A9E0-40A3-90E1-A21ADF28BBA2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {35056503-6EDF-4B45-90CB-C87EFDD18F2B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {393174E3-D683-431A-910E-6C2865186323} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated)
Task: {47321819-975A-4132-9E8E-2DAAD5106761} - System32\Tasks\{156FEE36-B1CA-43DB-AE68-EEBDEF73DAEC} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.8.0.102/en/go/help.faq.installer?source=lightinstaller&LastError=1638
Task: {499C5618-3491-4DEA-87A9-E26F6117E2CA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {62DFBC82-825F-436B-847E-3BD7EDBDC293} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-27] (Google Inc.)
Task: {6A57DDD6-9364-4824-BF11-F93AE3D52730} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-12-16] (Microsoft Corporation)
Task: {6CCFFEF1-0209-41C1-B465-60A7617A7D70} - System32\Tasks\G2MUpdateTask-S-1-5-21-3837890448-573517583-2739916161-1001 => C:\Users\JuanCarlos\AppData\Local\Citrix\GoToMeeting\4099\g2mupdate.exe [2015-12-16] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {739160F8-FCEB-4F39-A9B6-F092F1287037} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {74B78E96-C912-49AF-8392-E2FDE88DF4B5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7DDAF014-41D0-479C-8A11-ABA7BC576B5E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {7F216DA1-42A0-4D89-AF20-4E8B3498999B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {869657A9-41F1-4C33-BA5B-5F6564F2AA6C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8826F06F-909B-4974-BED6-DF2A8C843D6C} - System32\Tasks\{8F79A36D-7B6D-4DE1-BAD9-94873CDDA9F9} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.8.0.102/en/go/help.faq.installer?LastError=1638
Task: {886D0E13-E181-4E59-988C-6484C0BAD381} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8E05ED1F-C1DF-46B6-91D8-91FC91CF0B27} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9065CC95-7B10-4395-AC30-976C2A4EC96C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {96A5EC57-CC22-48E3-ACFF-D57813DC29CF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {97BFE999-E1A1-48AF-8E90-1C7CEAC09F76} - System32\Tasks\G2MUploadTask-S-1-5-21-3837890448-573517583-2739916161-1001 => C:\Users\JuanCarlos\AppData\Local\Citrix\GoToMeeting\4099\g2mupload.exe [2015-12-16] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {9E25057F-19DE-491A-BC2A-652BCC03C9C4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {A57061AE-B738-42DE-ADDD-637ACFA08DF9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {BD897B2F-DB23-4E9C-AF62-6AA0E6AAE759} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {BDE0E083-2296-4FF4-B435-F9B592814C18} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C6297D81-CDC7-4843-ADEC-40346A9DD59E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CA1A5D8A-051D-4C8B-B0C0-44F3641E2DA7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CBB088E6-8596-45E1-9494-E1FE67292F41} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {CBF10572-667B-470B-AB44-7B0EA856851A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D353FA8E-35D8-4C11-8FFE-BA0FAD30EEE0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {DC048936-75D7-4736-A9EB-F3F6726E0911} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {E564530B-06DD-474D-BDA8-B060D4E50DE0} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2015-11-09] (Bitdefender)
Task: {E76D1C3A-ED70-4703-A013-748A5899D8CC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EAB426FA-AF20-4CCB-B556-A123A4F701A9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {ECB86EAB-6497-4944-927D-92FFA3CBF285} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {EE09999B-4C5C-4774-83A7-668E3335BB82} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F324FBE2-6713-4730-B728-3E2B8688AAFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-27] (Google Inc.)
Task: {F9B20135-25BE-4695-996C-DA58A306A340} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F9DB9A92-61B6-427E-BFD5-FE2BEB75FDB3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {FC767A3D-4EE0-419D-911F-E79770236B1C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {FCC9DCD0-2904-4A4E-B1B1-CC009A1698C6} - System32\Tasks\{9FBEDC5B-9EC8-4399-8C3C-87218050D5EB} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.8.0.102/en/go/help.faq.installer?source=lightinstaller&LastError=1638

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3837890448-573517583-2739916161-1001.job => C:\Users\JuanCarlos\AppData\Local\Citrix\GoToMeeting\4099\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3837890448-573517583-2739916161-1001.job => C:\Users\JuanCarlos\AppData\Local\Citrix\GoToMeeting\4099\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=14383&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) ==============

2015-07-29 21:24 - 2015-07-29 21:24 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-15 09:38 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-12-03 21:18 - 2015-12-03 21:18 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpbr.mdl
2015-12-03 21:18 - 2015-12-03 21:18 - 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpdsp.mdl
2015-12-03 21:18 - 2015-12-03 21:18 - 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpph.mdl
2015-12-03 21:18 - 2015-12-03 21:18 - 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttprbl.mdl
2015-06-25 21:18 - 2015-11-24 14:32 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-08 16:44 - 2015-12-04 03:52 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-08-18 18:09 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-06-30 12:44 - 2015-06-30 12:44 - 00235712 _____ () C:\Program Files (x86)\Backblaze\bzserv.exe
2015-06-23 14:11 - 2015-06-23 14:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-12-06 17:03 - 2014-08-31 07:34 - 00331264 _____ () C:\SickRage\Installer\nssm.exe
2015-10-07 11:24 - 2015-10-07 11:24 - 01417856 _____ () C:\Program Files (x86)\AnyDesk\AnyDesk.exe
2015-05-23 09:44 - 2015-05-23 09:44 - 00026624 _____ () C:\SickRage\Python\python.exe
2015-05-23 09:44 - 2015-05-23 09:44 - 02223104 _____ () C:\SickRage\Python\DLLs\_ssl.pyd
2015-05-23 09:44 - 2015-05-23 09:44 - 00047616 _____ () C:\SickRage\Python\DLLs\_socket.pyd
2015-05-23 09:44 - 2015-05-23 09:44 - 01567232 _____ () C:\SickRage\Python\DLLs\_hashlib.pyd
2015-05-23 09:44 - 2015-05-23 09:44 - 00166912 _____ () C:\SickRage\Python\DLLs\_elementtree.pyd
2015-05-23 09:44 - 2015-05-23 09:44 - 00164352 _____ () C:\SickRage\Python\DLLs\pyexpat.pyd
2015-05-23 09:44 - 2015-05-23 09:44 - 00112640 _____ () C:\SickRage\Python\DLLs\_ctypes.pyd
2015-05-23 09:44 - 2015-05-23 09:44 - 00010752 _____ () C:\SickRage\Python\DLLs\select.pyd
2015-12-06 17:03 - 2013-09-04 13:30 - 00071168 _____ () C:\SickRage\Python\lib\site-packages\OpenSSL\crypto.pyd
2015-12-06 17:03 - 2013-09-04 13:30 - 00010752 _____ () C:\SickRage\Python\lib\site-packages\OpenSSL\rand.pyd
2015-12-06 17:03 - 2013-09-04 13:30 - 00052224 _____ () C:\SickRage\Python\lib\site-packages\OpenSSL\SSL.pyd
2015-05-23 09:44 - 2015-05-23 09:44 - 00080896 _____ () C:\SickRage\Python\DLLs\bz2.pyd
2015-05-23 09:44 - 2015-05-23 09:44 - 00060416 _____ () C:\SickRage\Python\DLLs\_sqlite3.pyd
2015-05-23 09:42 - 2015-05-23 09:42 - 00535040 _____ () C:\SickRage\Python\DLLs\sqlite3.dll
2015-05-23 09:44 - 2015-05-23 09:44 - 00689664 _____ () C:\SickRage\Python\DLLs\unicodedata.pyd
2015-12-06 17:04 - 2015-12-06 17:04 - 00191488 _____ () C:\SickRage\SickRage\lib\unrar2\UnRARDLL\x64\unrar64.dll
2015-05-23 09:44 - 2015-05-23 09:44 - 00031744 _____ () C:\SickRage\Python\DLLs\_multiprocessing.pyd
2015-09-30 21:51 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 21:51 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-16 10:30 - 2015-12-16 10:30 - 08903848 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-09-30 21:51 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 08:58 - 2015-11-24 23:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 08:58 - 2015-11-24 23:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 08:58 - 2015-11-24 23:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 21:51 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 06:00 - 2015-07-10 08:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-03-06 19:07 - 2015-03-06 19:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-10-14 11:35 - 2015-10-14 11:35 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 19:07 - 2015-03-06 19:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-10-14 11:35 - 2015-10-14 11:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-11-18 12:23 - 2014-11-28 13:41 - 00089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2015-11-18 12:23 - 2014-11-28 13:40 - 00365568 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2015-06-30 12:44 - 2015-06-30 12:44 - 00490176 _____ () C:\Program Files (x86)\Backblaze\bzbui.exe
2015-07-09 11:54 - 2015-11-23 16:05 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-07-08 01:58 - 2015-07-08 01:58 - 00292352 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2015-06-30 12:44 - 2015-06-30 12:44 - 03272896 _____ () C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe
2015-06-30 12:44 - 2015-06-30 12:44 - 00304320 _____ () C:\Program Files (x86)\Backblaze\bzfilelist.exe
2015-06-26 11:42 - 2011-08-23 13:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2015-06-26 11:42 - 2015-04-07 17:46 - 00025600 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2015-08-21 14:01 - 2015-08-18 16:56 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-07-29 15:08 - 2015-11-12 13:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-25 21:25 - 2015-10-16 00:46 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-12-11 09:55 - 2015-11-10 14:55 - 00778752 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-08-08 17:58 - 2015-07-03 11:12 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll
2015-12-15 09:12 - 2015-12-14 15:01 - 02547280 _____ () D:\Program Files (x86)\Steam\video.dll
2015-08-08 17:58 - 2015-07-03 11:12 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2015-08-08 17:58 - 2015-07-03 11:12 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2015-10-08 11:47 - 2015-09-23 19:33 - 02549248 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-08 11:47 - 2015-09-23 19:33 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-08 11:47 - 2015-09-23 19:33 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-08 11:47 - 2015-09-23 19:33 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-08 11:47 - 2015-09-23 19:33 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-15 09:12 - 2015-12-14 15:01 - 00804432 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-11-06 09:28 - 2015-11-03 17:00 - 00201728 _____ () D:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-10-01 01:28 - 2015-10-01 01:28 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-07-30 10:28 - 2014-11-25 21:12 - 40622592 _____ () C:\Users\JuanCarlos\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2015-12-11 09:55 - 2015-11-16 19:31 - 47846176 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2015-07-30 10:28 - 2014-11-25 21:12 - 40622592 _____ () C:\Users\JuanCarlos\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2015-08-18 09:46 - 2015-09-09 09:40 - 45069312 _____ () D:\Program Files (x86)\GalaxyClient\libcef.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 00566272 _____ () D:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 01202176 _____ () D:\Program Files (x86)\GalaxyClient\PocoNet.dll
2015-08-18 09:46 - 2015-09-09 09:40 - 02579456 _____ () D:\Program Files (x86)\GalaxyClient\PocoData.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 00476672 _____ () D:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 00515072 _____ () D:\Program Files (x86)\GalaxyClient\PocoXML.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 00340480 _____ () D:\Program Files (x86)\GalaxyClient\PocoZip.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 01785344 _____ () D:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 00332288 _____ () D:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 00414208 _____ () D:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2015-08-18 09:46 - 2015-09-09 09:41 - 00666624 _____ () D:\Program Files (x86)\GalaxyClient\sqlite.dll
2015-08-18 09:46 - 2015-08-04 18:57 - 00139776 _____ () D:\Program Files (x86)\GalaxyClient\expat.dll
2015-08-18 09:46 - 2015-09-09 09:40 - 00412672 _____ () D:\Program Files (x86)\GalaxyClient\pcre.dll
2015-08-18 09:46 - 2015-08-04 18:58 - 00094208 _____ () D:\Program Files (x86)\GalaxyClient\zlib.dll
2015-08-18 09:46 - 2015-09-09 09:40 - 00172032 _____ () D:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2015-08-18 09:46 - 2015-08-04 18:58 - 00107520 _____ () D:\Program Files (x86)\GalaxyClient\ZLIB1.dll
2015-07-30 10:28 - 2014-11-25 21:12 - 00911360 _____ () C:\Users\JuanCarlos\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-07-30 10:28 - 2014-11-25 21:12 - 00134144 _____ () C:\Users\JuanCarlos\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-07-30 10:28 - 2014-11-25 21:12 - 00911360 _____ () C:\Users\JuanCarlos\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2015-07-30 10:28 - 2014-11-25 21:12 - 00134144 _____ () C:\Users\JuanCarlos\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2015-08-18 09:46 - 2015-09-09 09:40 - 01643008 _____ () D:\Program Files (x86)\GalaxyClient\libglesv2.dll
2015-08-18 09:46 - 2015-09-09 09:40 - 00074752 _____ () D:\Program Files (x86)\GalaxyClient\libegl.dll
2015-12-17 16:29 - 2015-12-17 16:29 - 01114648 _____ () C:\Users\JuanCarlos\AppData\Roaming\Mozilla\Firefox\Profiles\6h4f41oq.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\JuanCarlos\Downloads\ESETUninstaller.exe:BDU
AlternateDataStreams: C:\Users\JuanCarlos\Downloads\TitlerEx.exe:BDU
AlternateDataStreams: C:\Users\JuanCarlos\Documents\AFI.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Armik isla del sol.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Arturo Fuerte - Passion.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Asereje.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Bond.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Carrera - Domingo -  Pavaroti - Los Tres Tenores Metha.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD 1 Mech Warrior 4.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD 2 Mech Warrior 4.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD Dia de la madre 2003.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD Eitos.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD MP3 V1.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD MP3 V2.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD MP3 V3.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD MP3 V4.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD Utilitarios V1.0.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD Utilitarios V2.0.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD Utilitarios V3.0.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CD Utilitarios V5.0.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Con un sencillo Hasta Luego.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CONTRATO_HOSTING.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\CTV.png:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\daddyto day 2003.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\DISEÑO1.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\DISEÑO2.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\El escamoso.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\epoca de oro del tango.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\favag.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Foto Luis.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\foto1.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Gilberto Santa Rosa & Marc Anthony.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\heavy 4 u.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\historia_iracundos.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\History.cl5.rcl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\History.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Holocausto en N.Y.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Ice-Age.mov:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Ice-Age2.mov:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Isabel Pantoja.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\jc_2003.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\jc_2003.png:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Juan Luis Guerra - La Llave de Mi Corazon.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\JUAN.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\JUAN2.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Leo Dan.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\LIBRETAJP.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Lionel Richie.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\LUIS_ABRIL2099.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\LUIS_AGOSTO1799A.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\LUIS_AGOSTO1799B.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\LUIS_JUNIO199A.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\LUIS_JUNIO199B.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\LUIS_JUNIO899.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\LUIS_MARZO299.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\mariano mores.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\musica_siempre.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\neeyda - la oreja de van gogh.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\nelson maldonado.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\NFS5 Porsche Unsleashed.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\PABLITO.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Paco De Lucia - Esta es mi historia.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\passion.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Placido Domingo y P San Basilio - Por fin Juntos.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\PUPPY.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Quake3.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\Rocio Durcal.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\salmon.asf:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\SportundMarkt2008.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\SportundMarkt2012.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\tango argentino.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\THANKYOU.gif:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\tomografia.png:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\violines famosos.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\wtc_devilface.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\JuanCarlos\Documents\XMAS1999.jpg:Roxio EMC Stream

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3837890448-573517583-2739916161-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "AutoStart IR.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKU\S-1-5-21-3837890448-573517583-2739916161-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F161EB6D-7C10-4BBF-8441-9E19CBD9A94C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D98366AA-24D2-4A31-8978-CF9A3F0649D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D82E2109-AFA4-4F8A-9E25-00A964A3FAE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{11EB8B16-8864-429C-AD1A-E6332F069D25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{82148674-8211-4FAE-941C-5CE51EA8FB43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E60DFF1C-8605-4809-BFAF-6E869665DC6E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8A7FDCBC-1DDB-4F72-83C8-975A62C15890}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DF4660C7-510B-488D-ADAD-E1B14C9293BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9FF4BE7-072A-41DA-AFEF-7668DF20F9CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [uDP Query User{10D2C7BE-0F8D-4FA2-AD52-76418A9C4DB4}C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe
FirewallRules: [TCP Query User{8A7B948A-EB5F-49F0-BEB2-82775AE3D44B}C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe
FirewallRules: [{B2800993-7F6A-4A4F-A6FC-7F3FC3D7D005}] => (Allow) c:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{F63353E1-B086-4244-A6E3-192C74DFC4ED}] => (Allow) C:\Users\JuanCarlos\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{5FA58DDA-5214-4EAA-9E49-478E43CED3EA}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{B263EF85-F7B9-4037-B41C-1C602867209F}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{4BCEEFBB-0115-4BB3-884B-2D620FCF8A11}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{E6CD5968-06BC-4B02-B126-C190B792ED9B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{2EA2E6C4-B601-4E9A-AD75-50914FAB3B61}] => (Allow) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
FirewallRules: [{1BF7E374-587E-4A4A-9BA0-ECB44D68F8D9}] => (Allow) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
FirewallRules: [{96F75C86-DB71-4E93-B6DA-FFE095A50C44}] => (Allow) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
FirewallRules: [{C0D54A1B-361E-4F8D-BD70-4656F5B8AA05}] => (Allow) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
FirewallRules: [{3892868D-8AE1-4953-8027-BCDAD8D174CF}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{0028F0ED-6E62-4D7A-A82C-6A6520C68E30}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{88221409-C9D5-48BC-89C1-650251007006}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{7173065A-92A7-41CF-91C1-E1DADE0181C9}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{9FFC87DC-E283-4596-AC3B-1F6D55565AE8}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{D65FB5E3-81C9-4603-B898-909DFD5AFEBE}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{B2CF92D0-B05E-47C1-B3E0-67DFBE2CCB7B}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{D32231CF-EC91-44BB-A971-AF9B39122A43}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [TCP Query User{81C3D538-7CAE-4629-A6B9-84FD89189C9B}C:\users\juancarlos\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juancarlos\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{CBA76E4E-BB6A-4827-8A42-459163EA4FE7}C:\users\juancarlos\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juancarlos\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4B3A0CBB-041C-404E-BB2F-874CC8BD04E8}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Allow) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [uDP Query User{64F756EE-7F90-4159-B004-2AF67691180F}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Allow) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [{FEF87206-3AAD-46A2-835F-A5F70B5C74BA}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{904C6484-C25A-4897-B2A9-3694F5CAC0A8}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{99184582-5282-4E82-A0CC-699A91B725C1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D9B45071-5180-4462-A82A-76FAFB440BD5}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FBAA192E-6C26-4154-87F9-A0B9865432CB}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7F925149-8C8C-4B85-8868-B61E331DCBA6}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C280A46-E659-46EC-A0BB-39E972B03D88}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dawn of war 2\DOW2.exe
FirewallRules: [{F46364F6-A8F5-47C6-BE24-9432715BED01}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dawn of war 2\DOW2.exe
FirewallRules: [{BFC532DC-A05A-4FCD-847F-5B7B80C49997}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{C13A4A16-CB50-4ECF-8451-854AA8BF7F6D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{1E3D1DE4-34A0-4C9B-9F7F-F7C279FD1632}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{991E0923-E6FC-4F1E-AA36-AD4CEB757FF6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{3D272B65-9405-493C-842B-9D0448A9408B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{514FE836-1916-4BB8-A185-D012B8DA3C6C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{3DFD5931-E120-4D54-82EA-E0B4CE592AB7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{F5391837-FC0E-419F-B62E-29F424FD3F81}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{8914D875-F24D-4FB1-AFDB-9198434D9DDF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{2ABD1F48-5BEB-4EA2-9B0F-FFED57CCE706}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{C85C07B9-002C-46E0-AC61-F28892B9F3E0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{EB338E74-1725-4B14-859B-BF5810B18857}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{79DFFB4A-793F-4B81-BD02-6D8120447991}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7516D9BB-309A-4976-9A5D-06616E926789}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{1B57C26E-3650-4E99-A0B8-16A7AA993251}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{6FE27699-6B16-406E-8410-5CB7B8DB00D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5A3D9317-AD4E-44F2-8B52-24A2C39593BA}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{3635619D-8061-4D84-A656-3A8F23311BEB}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{FAB8B232-DAB9-4298-B2BB-66FA38CE8237}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{11DC773F-0FE0-48F7-9A5C-0C6FC4B72F64}] => (Allow) D:\Program Files (x86)\Origin Games\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{5FCD51A1-DF85-4BBA-A418-266A7A29514F}] => (Allow) D:\Program Files (x86)\Origin Games\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{85070D6B-820A-4AD9-85DD-6BBC2E587FCF}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{6A3A722A-D6C5-4260-BF2B-8798443C3B05}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{CFE168CE-03FB-457F-9022-FF5C1EB467E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66B8CDA9-E74A-48E6-ABFB-3FD73037106D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1F690988-F0D2-455E-998C-AB5B514AB51D}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{708DF3CD-BBE8-46D4-8BF8-A8ACB0C19A37}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{BD348FCA-1070-4C51-85B4-E93D392EBDE7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{F6AF8835-846D-4B52-91F3-B0E70F8E3AB6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{8419094C-A586-46E4-AE25-175F2B2EA3AB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{B2FCA772-BBD9-43B3-8685-17695D04ED18}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{BA1A1F94-2707-4D37-BAE7-45F44353F365}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{870DCB7E-8DD7-4234-9B14-6F9A8D5C4609}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{E0908248-E4F3-4801-A9D1-6CC744871659}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{A47C7D26-C493-4B40-B77A-A862CD4AF765}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{715E4B93-484C-438E-9107-66835DC7856A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{692D94CD-78AC-4C91-93B4-1745838FD211}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F5FDE677-80B1-4F4E-BE44-14F863779261}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BF6EAB8A-3974-441B-8CA7-886E7D7F0236}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3EAC9EBB-3018-46B0-A7D7-50908AC90F80}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{1E294879-517E-4CBF-8A00-39C6143ED357}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{C6224197-081A-4575-9FEF-3B53A36D6222}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D3F12EBE-13CF-4A39-83CA-2B82879220CF}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{E4DA311D-94DD-427C-9880-B06DFC40601B}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{41AA9513-C4A3-4172-8290-D1CE9ED5D9DE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{9ABB29E5-C4B5-4A39-84DA-C5DFF7040AF2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{9148BB2C-55F4-43F8-A05E-D89C387E73C7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{5AE8487F-2F13-4699-8F04-8F678515504E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{5139E575-D365-4D08-B321-A0D4CE7DC873}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{5EF94816-0BFA-4766-8333-924B323A0017}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2015 12:52:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (12/18/2015 12:40:49 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/18/2015 10:22:44 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8372) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (12/18/2015 10:22:44 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8372) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

Error: (12/18/2015 10:22:33 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8372) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (12/18/2015 10:22:33 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8372) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

Error: (12/18/2015 10:22:23 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8372) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (12/18/2015 10:22:23 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8372) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

Error: (12/18/2015 10:22:13 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8372) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (12/18/2015 10:22:13 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8372) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (12/18/2015 12:40:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PowerAlert Agent service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/18/2015 12:40:45 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000c2 (0x0000000000000007, 0x0000000000001254, 0x0000000000000000, 0xffffe000dc7c07d8)C:\WINDOWS\MEMORY.DMP121815-25765-01

Error: (12/18/2015 12:40:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:38:33 PM on ‎12/‎18/‎2015 was unexpected.

Error: (12/18/2015 11:30:12 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (12/18/2015 09:08:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PowerAlert Agent service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/17/2015 09:59:27 PM) (Source: DCOM) (EventID: 10010) (User: MATEO)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (12/17/2015 09:59:27 PM) (Source: DCOM) (EventID: 10010) (User: MATEO)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (12/17/2015 09:59:26 PM) (Source: DCOM) (EventID: 10010) (User: MATEO)
Description: App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca

Error: (12/17/2015 09:59:26 PM) (Source: DCOM) (EventID: 10010) (User: MATEO)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (12/17/2015 09:59:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2015-10-01 10:58:17.062
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:17.044
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:16.963
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:16.945
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:16.914
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:16.895
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:16.868
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:16.814
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:16.738
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-01 10:58:16.710
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD FX-8320 Eight-Core Processor
Percentage of memory in use: 56%
Total physical RAM: 8168.22 MB
Available physical RAM: 3517.71 MB
Total Virtual: 10344.22 MB
Available Virtual: 4980.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:836.97 GB) (Free:600.61 GB) NTFS
Drive d: () (Fixed) (Total:2794.39 GB) (Free:1541.22 GB) NTFS
Drive e: (Local Disk) (Fixed) (Total:931.51 GB) (Free:764.61 GB) NTFS
Drive f: (Seagate Expansion Drive) (Fixed) (Total:3726.02 GB) (Free:1602.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 0A8E17A3)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5B59A7FB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

==================== End of Addition.txt ============================

Link to post
Share on other sites

Dump files indicate a sound card driver to be at fault, can you go to device manager check the sound card for driver update.

Hi,

 

Sorry I could not reply sooner, but I got busy yesterday.

 

Can you specify perhaps which sound card? I have the integrated sound card (Realtek) which I currently don't use, and an external USB sound card (Sound Blaster Omni Surround 5.1) which is the one I am using. The driver for the external sound card is up-to-date. I'll verify the other.

 

Thank you!

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.