yes. It looks like KB explain. First time? I'm not sure. No restart since Windows reinstallation.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by Rafay Ingenieros (administrator) on RAF-DDP-CONSTRU (05-02-2016 09:45:53)
Running from C:\Users\Rafay Ingenieros\Desktop
Loaded Profiles: Rafay Ingenieros (Available Profiles: Rafay Ingenieros & Administrador)
Platform: Windows 8 Single Language (X64) Language: Español (España, internacional)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [363520 2012-08-02] (IVT Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2012-07-17] (EasyBits Software AS)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\RunOnce: [SymSilent] => C:\Program Files (x86)\SymSilent\SymSilent.exe [925080 2012-06-20] (Symantec Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-10-10] (EasyBits Software Corp.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0C5BC7D7-4C02-46A3-A33F-3BBC810E4457}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{F062D7C3-0089-44CA-9A7F-F474A2AAEBA5}: [DhcpNameServer] 40.24.1.201 40.24.1.202
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.jp.msn.com/HPALL13/42
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.jp.msn.com/HPALL13/42
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL13/42
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL13/42
HKU\S-1-5-21-3512190692-2578643898-2366686823-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.jp.msn.com/HPALL13/42
HKU\S-1-5-21-3512190692-2578643898-2366686823-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL13/42
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-3512190692-2578643898-2366686823-1002 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-3512190692-2578643898-2366686823-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\coIEPlg.dll [2012-07-20] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\IPS\IPSBHO.DLL [2012-06-11] (Symantec Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\coIEPlg.dll [2012-07-20] (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2012-07-10] (Skype Technologies)
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] ()
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn [2016-02-05] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn [2016-02-05] [not signed]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\Exts\Chrome.crx [2012-10-10]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-08-02] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-10] (IVT Corporation) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe [143928 2012-06-14] (Symantec Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-21] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-22] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20120615.003\BHDrvx64.sys [1377440 2012-06-11] (Symantec Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-08] (Ralink Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1400000.088\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3295984 2012-07-26] (Broadcom Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20120611.002\IDSVia64.sys [509088 2012-06-11] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20120616.009\ENG64.SYS [120440 2012-06-15] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20120616.009\EX64.SYS [2068600 2012-06-15] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695392 2012-08-09] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1400000.088\SRTSP64.SYS [753312 2012-05-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1400000.088\SRTSPX64.SYS [37496 2012-01-11] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1400000.088\SYMDS64.SYS [485024 2012-05-24] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1400000.088\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1400000.088\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-10-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1400000.088\Ironx64.SYS [222368 2012-05-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1400000.088\SYMNETS.SYS [431224 2012-05-09] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34216 2012-07-26] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258288 2012-07-26] (Microsoft Corporation)
S3 wdf_usb; C:\Windows\system32\drivers\usb2ser.sys [67192 2011-05-20] (MediaTek Inc.)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-05 12:01 - 2016-02-05 12:01 - 00262144 _____ C:\Windows\system32\config\userdiff
2016-02-05 12:01 - 2016-02-05 12:01 - 00000000 ____D C:\Windows.old
2016-02-05 11:23 - 2016-02-05 11:24 - 00000000 ___HD C:\$SysReset
2016-02-05 09:38 - 2016-02-05 09:38 - 00000117 _____ C:\Windows\system32\netcfg-3481349.txt
2016-02-05 09:20 - 2016-02-05 09:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_usb2ser_01009.Wdf
2016-02-05 09:20 - 2016-02-05 09:20 - 00000000 ____D C:\Windows\LastGood
2016-02-05 09:18 - 2016-02-05 09:18 - 00001185 _____ C:\Users\Rafay Ingenieros\Desktop\VTELCA Internet.lnk
2016-02-05 09:18 - 2016-02-05 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTELCA Internet
2016-02-05 09:18 - 2016-02-05 09:18 - 00000000 ____D C:\Program Files (x86)\VTELCA Internet
2016-02-05 09:12 - 2016-02-05 09:12 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Roaming\Hewlett-Packard
2016-02-05 09:02 - 2016-02-05 09:02 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Roaming\ATI
2016-02-05 09:02 - 2016-02-05 09:02 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Local\ATI
2016-02-05 09:02 - 2016-02-05 09:02 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Local\AMD
2016-02-05 09:01 - 2016-02-05 09:12 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Local\Hewlett-Packard
2016-02-05 09:01 - 2016-02-05 09:01 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Local\bluesoleil
2016-02-05 09:00 - 2016-02-05 09:00 - 00026532 _____ C:\Users\Rafay Ingenieros\Desktop\Aplicaciones quitadas.html
2016-02-05 09:00 - 2016-02-05 09:00 - 00001418 _____ C:\Users\Rafay Ingenieros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-05 09:00 - 2016-02-05 09:00 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-02-05 09:00 - 2016-02-05 09:00 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Roaming\Adobe
2016-02-05 08:59 - 2012-08-24 06:14 - 00002100 _____ C:\Users\Public\Desktop\HP Games.lnk
2016-02-05 08:57 - 2016-02-05 08:57 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Roaming\Synaptics
2016-02-05 08:57 - 2016-02-05 08:57 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Local\Power2Go8
2016-02-05 08:56 - 2016-02-05 09:18 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Local\VirtualStore
2016-02-05 08:51 - 2016-02-05 08:51 - 00000020 ___SH C:\Users\Rafay Ingenieros\ntuser.ini
2016-02-05 08:49 - 2016-02-05 08:50 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2016-02-05 08:47 - 2016-02-05 08:47 - 00007813 _____ C:\Users\Administrator\AppData\Local\Application.xml
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Reciente
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Plantillas
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Mis documentos
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Menú Inicio
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Impresoras
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Entorno de red
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Documents\Mis vídeos
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Documents\Mis imágenes
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Documents\Mi música
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Datos de programa
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\Configuración local
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\AppData\Local\Historial
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\AppData\Local\Datos de programa
2016-02-05 08:44 - 2016-02-05 08:44 - 00000000 _SHDL C:\Users\Rafay Ingenieros\AppData\Local\Archivos temporales de Internet
2016-02-05 08:43 - 2016-02-05 09:00 - 00000000 ____D C:\Users\Rafay Ingenieros
2016-02-05 08:43 - 2016-02-05 08:47 - 00017148 _____ C:\Windows\diagwrn.xml
2016-02-05 08:43 - 2016-02-05 08:47 - 00017148 _____ C:\Windows\diagerr.xml
2016-02-05 08:43 - 2016-02-05 08:46 - 00000000 ___HD C:\Users\Rafay Ingenieros\Documents\hp.system.package.metadata
2016-02-05 08:43 - 2012-08-24 06:13 - 00000000 ___HD C:\Users\Rafay Ingenieros\Documents\hp.applications.package.appdata
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Public\Documents\Mi música
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Reciente
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Plantillas
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Mis documentos
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Menú Inicio
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Impresoras
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Entorno de red
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Documents\Mi música
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Datos de programa
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\Configuración local
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historial
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\ProgramData\Plantillas
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\ProgramData\Menú Inicio
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\ProgramData\Escritorio
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\ProgramData\Documentos
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\ProgramData\Datos de programa
2016-02-05 08:41 - 2016-02-05 08:41 - 00000000 _SHDL C:\Program Files\Archivos comunes
2016-02-05 08:34 - 2016-02-05 08:34 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3512190692-2578643898-2366686823-500
2016-02-05 08:34 - 2016-02-05 08:34 - 00001139 _____ C:\Windows\system32\netcfg-141196.txt
2016-02-05 08:34 - 2016-02-05 08:34 - 00000109 _____ C:\Windows\system32\netcfg-109871.txt
2016-02-04 22:55 - 2016-02-04 22:55 - 00021867 _____ C:\ComboFix.txt
2016-02-04 20:55 - 2016-02-04 20:57 - 01979666 _____ C:\Users\Rafay Ingenieros\Desktop\events.rar
2016-02-04 20:51 - 2016-02-04 22:22 - 00001106 _____ C:\Users\Rafay Ingenieros\Desktop\MyEventViewer.cfg
2016-02-04 20:47 - 2016-02-04 20:48 - 184589536 _____ C:\Users\Rafay Ingenieros\Desktop\events.txt
2016-02-04 20:36 - 2015-08-15 19:06 - 00125536 _____ (NirSoft) C:\Users\Rafay Ingenieros\Desktop\MyEventViewer.exe
2016-02-04 20:36 - 2015-08-15 19:06 - 00018276 _____ C:\Users\Rafay Ingenieros\Desktop\MyEventViewer.chm
2016-02-04 20:36 - 2015-08-15 19:06 - 00018131 _____ C:\Users\Rafay Ingenieros\Desktop\readme.txt
2016-02-04 20:35 - 2016-02-04 20:35 - 00078059 _____ C:\Users\Rafay Ingenieros\Downloads\myeventviewer-x64.zip
2016-02-04 20:32 - 2016-02-04 20:32 - 00061440 _____ ( ) C:\Users\Rafay Ingenieros\Desktop\VEW.exe
2016-02-04 19:18 - 2016-02-04 19:18 - 00453083 _____ C:\Users\Rafay Ingenieros\Downloads\GrantPerms.zip
2016-02-04 19:18 - 2016-02-04 19:18 - 00453083 _____ C:\Users\Rafay Ingenieros\Desktop\GrantPerms.zip
2016-02-04 19:18 - 2016-02-04 19:18 - 00000000 ____D C:\Users\Rafay Ingenieros\Desktop\GrantPerms
2016-02-04 17:41 - 2016-02-04 17:43 - 00088070 _____ C:\junk.txt
2016-02-04 13:13 - 2016-02-04 13:13 - 00007221 _____ C:\Users\Rafay Ingenieros\Desktop\EPCP.exe.txt
2016-02-04 13:05 - 2016-02-04 13:07 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rafay Ingenieros\Downloads\procexp.exe
2016-02-04 13:02 - 2016-02-04 13:02 - 00032778 _____ C:\Users\Rafay Ingenieros\Documents\cc_20160204_130220.reg
2016-02-03 21:15 - 2016-02-04 21:43 - 00000000 ____D C:\Users\Rafay Ingenieros\Desktop\mbar
2016-02-03 21:15 - 2016-02-03 21:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Rafay Ingenieros\Desktop\mbar-1.09.3.1001.exe
2016-02-03 21:13 - 2016-02-03 21:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Rafay Ingenieros\Downloads\mbar-1.09.3.1001.exe
2016-02-03 18:28 - 2016-02-03 18:28 - 00005093 _____ C:\Users\Rafay Ingenieros\Desktop\Fixlog.txt
2016-02-03 13:20 - 2016-02-03 07:47 - 05656479 ____R (Swearware) C:\Users\Rafay Ingenieros\Desktop\ComboFix.exe
2016-02-03 13:17 - 2016-02-03 13:17 - 00173119 _____ (Eric_71) C:\Users\Rafay Ingenieros\Desktop\Rooter.exe
2016-02-03 11:44 - 2016-02-04 22:39 - 00041016 _____ C:\Users\Rafay Ingenieros\Desktop\Addition.txt
2016-02-03 11:43 - 2016-02-05 09:46 - 00015105 _____ C:\Users\Rafay Ingenieros\Desktop\FRST.txt
2016-02-03 11:00 - 2016-02-03 07:49 - 02370560 _____ (Farbar) C:\Users\Rafay Ingenieros\Desktop\FRST64.exe
2016-02-03 10:58 - 2016-02-03 10:58 - 01402880 _____ C:\Users\Rafay Ingenieros\Downloads\HiJackThis.msi
2016-02-03 10:41 - 2016-02-04 13:07 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rafay Ingenieros\Desktop\procexp.exe
2016-02-03 10:41 - 2016-01-29 02:50 - 00072154 _____ C:\Users\Rafay Ingenieros\Desktop\procexp.chm
2016-02-03 10:41 - 2015-01-26 09:19 - 00002009 _____ C:\Users\Rafay Ingenieros\Desktop\Eula.txt
2016-02-03 10:39 - 2016-02-03 10:40 - 01268096 _____ C:\Users\Rafay Ingenieros\Downloads\ProcessExplorer.zip
2016-02-03 10:08 - 2016-02-05 09:45 - 00000000 ____D C:\FRST
2016-02-03 09:31 - 2016-02-04 22:55 - 00000000 ____D C:\Qoobox
2016-02-03 07:48 - 2016-02-03 07:49 - 02370560 _____ (Farbar) C:\Users\Rafay Ingenieros\Downloads\FRST64.exe
2016-02-03 07:43 - 2016-02-03 07:47 - 05656479 _____ (Swearware) C:\Users\Rafay Ingenieros\Downloads\ComboFix.exe
2016-02-03 07:08 - 2016-02-03 07:08 - 00605826 _____ C:\Users\Rafay Ingenieros\Downloads\APU (1).pdf
2016-02-03 07:06 - 2016-02-03 07:06 - 00058757 _____ C:\Users\Rafay Ingenieros\Downloads\PRESUPUESTO REV 3.pdf
2016-02-02 09:52 - 2016-02-02 10:02 - 31262032 _____ (Adlice Software ) C:\Users\Rafay Ingenieros\Downloads\setup.exe
2016-02-02 09:30 - 2016-02-02 09:36 - 00000000 ____D C:\AdwCleaner
2016-02-02 09:27 - 2016-02-02 09:28 - 01508352 _____ C:\Users\Rafay Ingenieros\Downloads\AdwCleaner.exe
2016-02-02 09:25 - 2016-02-02 09:26 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Rafay Ingenieros\Downloads\rkill.com
2016-02-02 09:20 - 2016-02-02 09:19 - 00217576 _____ (Kaspersky Lab ZAO) C:\Users\Rafay Ingenieros\Desktop\CleanAutoRun.exe
2016-02-02 09:18 - 2016-02-02 09:19 - 00217576 _____ (Kaspersky Lab ZAO) C:\Users\Rafay Ingenieros\Downloads\CleanAutoRun.exe
2016-02-02 08:55 - 2016-02-02 08:55 - 00920784 _____ C:\Users\Rafay Ingenieros\Downloads\wajam_uninstall.exe
2016-02-02 08:32 - 2016-02-02 08:32 - 00000946 _____ C:\Users\Rafay Ingenieros\Desktop\exe_fix_w8.zip
2016-02-02 08:32 - 2013-12-01 14:43 - 00002091 _____ C:\Users\Rafay Ingenieros\Desktop\exe_fix_w8.reg
2016-02-02 07:52 - 2016-02-02 07:52 - 00005828 _____ C:\Users\Rafay Ingenieros\Downloads\Default_EXE.reg
2016-02-01 23:13 - 2016-02-01 23:13 - 00000000 ____D C:\AMD
2016-02-01 20:35 - 2016-02-01 20:37 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\Rafay Ingenieros\Downloads\autodetectutility.exe
2016-02-01 20:34 - 2016-02-01 20:36 - 03049544 _____ (Innovative Solutions) C:\Users\Rafay Ingenieros\Downloads\Chipset-Advanced-Micro-Devices-Inc-AMD-SMBus.exe
2016-02-01 20:34 - 2016-02-01 20:36 - 02449376 _____ (Megaify Software ) C:\Users\Rafay Ingenieros\Downloads\DriverToolkitInstaller.exe
2016-02-01 20:30 - 2016-02-01 20:30 - 00000000 ____D C:\OSTotoFolder
2016-02-01 20:19 - 2016-02-01 20:29 - 10610952 _____ (OSToto Co., Ltd.) C:\Users\Rafay Ingenieros\Downloads\DriverTalent_setup.exe
2016-02-01 19:25 - 2016-02-01 19:29 - 06848512 _____ C:\Users\Rafay Ingenieros\Downloads\SkypeWebPlugin-3.2.0.23388.msi
2016-02-01 19:15 - 2016-02-01 19:16 - 01331064 _____ (Solvusoft Corporation ) C:\Users\Rafay Ingenieros\Downloads\Setup_WinSweeper_2015.exe
2016-02-01 08:09 - 2014-08-18 18:40 - 00000014 _____ C:\Users\Rafay Ingenieros\Desktop\password1234.txt
2016-02-01 08:09 - 2014-06-24 13:34 - 00000023 _____ C:\Users\Rafay Ingenieros\Desktop\release.nfo
2016-02-01 08:06 - 2016-02-01 08:07 - 01115897 _____ C:\Users\Rafay Ingenieros\Downloads\Download2015__8197_.zip
2016-02-01 07:40 - 2016-02-01 07:42 - 03901072 _____ (solvusoft Corporation ) C:\Users\Rafay Ingenieros\Downloads\WinThruster_2016_Setup.exe
2016-01-29 12:23 - 2012-06-08 03:20 - 00280651 _____ C:\Users\Rafay Ingenieros\Desktop\Windows6.1-KB2719594-x64.msu
2016-01-29 12:22 - 2016-01-29 12:23 - 00405560 _____ C:\Users\Rafay Ingenieros\Downloads\449179_intl_x64_zip.exe
2016-01-29 12:15 - 2016-01-29 12:19 - 15562240 _____ C:\Users\Rafay Ingenieros\Downloads\ApplicationVerifier.amd64.msi
2016-01-29 12:06 - 2016-01-29 12:10 - 25527544 _____ C:\Users\Rafay Ingenieros\Downloads\SeaToolsforWindowsSetup.exe
2016-01-29 11:13 - 2016-01-29 11:19 - 08508752 _____ ( ) C:\Users\Rafay Ingenieros\Downloads\DllTool.exe
2016-01-29 11:13 - 2016-01-29 11:16 - 08551224 _____ (SpeedyPC Software) C:\Users\Rafay Ingenieros\Downloads\SpeedyPC Pro Installer_226C4915-F479-46BC-B8E8-6DDFF90F998E_.exe
2016-01-29 10:27 - 2016-01-29 10:27 - 00121069 _____ C:\Users\Rafay Ingenieros\Downloads\memtest86+-5.01.usb.installer.zip
2016-01-29 10:22 - 2016-01-29 10:23 - 00367912 _____ (RegNow.com) C:\Users\Rafay Ingenieros\Downloads\Download_ReimageRepair (2).exe
2016-01-29 10:16 - 2016-01-29 10:17 - 00367912 _____ (RegNow.com) C:\Users\Rafay Ingenieros\Downloads\Download_ReimageRepair (1).exe
2016-01-29 10:11 - 2016-01-29 10:11 - 00367912 _____ (RegNow.com) C:\Users\Rafay Ingenieros\Downloads\Download_ReimageRepair.exe
2016-01-28 08:40 - 2016-01-28 08:40 - 00460909 ____T C:\Users\Rafay Ingenieros\Desktop\CURRICULUM ESTEFANY OJEDA 2016.pdf
2016-01-28 07:22 - 2016-01-28 07:22 - 00197120 _____ C:\Users\Rafay Ingenieros\Desktop\Solicitud de permiso.xls
2016-01-26 13:35 - 2016-01-26 13:35 - 00426228 _____ C:\Users\Rafay Ingenieros\Desktop\FCAS-OLEODUCTO42.pdf
2016-01-25 13:33 - 2016-01-25 13:33 - 00249192 _____ C:\Users\Rafay Ingenieros\Downloads\Statement (1).PDF
2016-01-25 08:02 - 2016-01-25 08:02 - 00019300 _____ C:\Users\Rafay Ingenieros\Documents\cc_20160125_080235.reg
2016-01-22 09:26 - 2016-01-22 09:28 - 00404929 _____ C:\Users\Rafay Ingenieros\Desktop\Monoboyas-FaseIII_REPORTE-Semanal-220116.pdf
2016-01-20 13:45 - 2016-01-20 13:50 - 01454944 _____ (Microsoft Corporation) C:\Users\Rafay Ingenieros\Downloads\vcredist_arm.exe
2016-01-20 12:56 - 2016-01-20 12:01 - 14177341 _____ C:\Users\Rafay Ingenieros\Desktop\Lenovo.zip
2016-01-20 12:56 - 2012-11-07 20:02 - 00000000 ____D C:\Users\Rafay Ingenieros\Desktop\Lenovo
2016-01-20 12:56 - 2011-05-20 15:29 - 01718392 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoinstaller01009.dll
2016-01-20 12:56 - 2011-05-20 15:28 - 00067192 _____ (MediaTek Inc.) C:\Windows\system32\Drivers\usb2ser.sys
2016-01-20 11:52 - 2016-01-20 12:01 - 14177341 _____ C:\Users\Rafay Ingenieros\Downloads\Lenovo.zip
2016-01-20 11:18 - 2016-01-20 11:18 - 00340136 _____ (PC Drivers HeadQuarters LP) C:\Users\Rafay Ingenieros\Downloads\DriverDetective (1).exe
2016-01-20 11:14 - 2016-01-20 11:14 - 00340136 _____ (PC Drivers HeadQuarters LP) C:\Users\Rafay Ingenieros\Downloads\DriverDetective.exe
2016-01-20 10:48 - 2016-01-20 11:00 - 04275596 _____ (DriverIdentifier ) C:\Users\Rafay Ingenieros\Downloads\driverdouble_setup.exe
2016-01-20 09:55 - 2016-01-20 09:56 - 00042918 _____ C:\Users\Rafay Ingenieros\Documents\cc_20160120_095545.reg
2016-01-20 09:09 - 2016-01-20 09:09 - 00070694 _____ C:\Users\Rafay Ingenieros\Desktop\ARI-FC.pdf
2016-01-20 08:54 - 2016-01-26 14:13 - 00000000 ____D C:\Users\Rafay Ingenieros\Documents\RAFAY
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-05 12:01 - 2012-07-26 03:43 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2016-02-05 09:20 - 2012-07-26 01:07 - 00000000 ____D C:\Windows\Inf
2016-02-05 09:13 - 2012-08-24 14:47 - 00873338 _____ C:\Windows\system32\perfh00A.dat
2016-02-05 09:13 - 2012-08-24 14:47 - 00198560 _____ C:\Windows\system32\perfc00A.dat
2016-02-05 09:13 - 2012-07-26 02:58 - 02002686 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-05 09:07 - 2012-07-26 03:29 - 00000000 ____D C:\Windows\CbsTemp
2016-02-05 09:05 - 2012-07-26 03:42 - 00000000 ____D C:\Windows\AUInstallAgent
2016-02-05 09:01 - 2012-10-10 13:48 - 00004524 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2016-02-05 09:00 - 2014-06-29 12:38 - 00000000 ____D C:\Users\Rafay Ingenieros\AppData\Local\Packages
2016-02-05 09:00 - 2012-08-24 05:47 - 00000000 ___RD C:\Program Files (x86)\Online Services
2016-02-05 09:00 - 2012-07-26 03:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-02-05 08:59 - 2012-10-10 14:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2016-02-05 08:59 - 2012-10-10 13:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-02-05 08:59 - 2012-08-24 05:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-02-05 08:59 - 2012-08-24 05:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-02-05 08:59 - 2012-08-24 05:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-02-05 08:59 - 2012-08-03 19:32 - 00000000 ___HD C:\SYSTEM.SAV
2016-02-05 08:49 - 2012-10-10 14:32 - 00000000 ____D C:\ProgramData\Norton
2016-02-05 08:49 - 2012-07-26 00:56 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-02-05 08:48 - 2012-08-03 18:51 - 00000000 ____D C:\Windows\Panther
2016-02-05 08:47 - 2012-07-26 03:42 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-05 08:46 - 2012-07-26 03:42 - 00000000 ____D C:\Windows\rescache
2016-02-05 08:45 - 2012-08-10 11:15 - 00000821 _____ C:\Windows\SysWOW64\bscs.ini
2016-02-05 08:42 - 2012-10-10 13:48 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2016-02-05 08:41 - 2012-07-26 03:42 - 00000000 ____D C:\Program Files\Windows NT
2016-02-05 08:41 - 2012-07-26 02:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-05 08:33 - 2012-07-26 02:49 - 00291328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-04 22:19 - 2012-07-26 00:56 - 01048576 ___SH C:\Windows\system32\config\BBI
2016-02-04 19:54 - 2014-07-08 07:25 - 03404288 ___SH C:\Users\Rafay Ingenieros\Desktop\Thumbs.db
2016-02-04 11:52 - 2014-07-03 12:27 - 00000000 ____D C:\Users\Rafay Ingenieros\Documents\Archivos de Outlook
2016-02-04 11:15 - 2015-11-06 07:19 - 00000000 ____D C:\Users\Rafay Ingenieros\Desktop\Oleoducto 42 - Palmichal-TAEJ
2016-02-03 10:21 - 2012-07-26 03:42 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-03 07:10 - 2014-09-30 16:10 - 00289280 ___SH C:\Users\Rafay Ingenieros\Downloads\Thumbs.db
2016-02-03 07:05 - 2015-08-20 07:38 - 00000000 ____D C:\Users\Rafay Ingenieros\Documents\PETROCEDEÑO-Monoboya Fase III
2016-01-28 09:01 - 2014-07-08 09:34 - 00000000 ____D C:\Users\Rafay Ingenieros\Desktop\FC
2016-01-22 09:27 - 2015-10-27 10:07 - 00152064 _____ C:\Users\Rafay Ingenieros\Desktop\Monoboyas-FaseIII_REPORTE-Semanal.xls
2016-01-20 08:57 - 2015-05-28 10:41 - 00000000 ____D C:\Users\Rafay Ingenieros\Desktop\Licitaciones RAFAY
==================== Files in the root of some directories =======
2012-10-10 14:12 - 2012-10-10 14:12 - 0000525 _____ () C:\ProgramData\CyberlinkOutput.txt
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2012-08-03 17:53
==================== End of FRST.txt ============================
And:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Rafay Ingenieros (2016-02-05 09:48:00)
Running from C:\Users\Rafay Ingenieros\Desktop
Windows 8 Single Language (X64) (2016-02-05 13:18:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3512190692-2578643898-2366686823-500 - Administrator - Disabled) => C:\Users\Administrator
HomeGroupUser$ (S-1-5-21-3512190692-2578643898-2366686823-1004 - Limited - Enabled)
Invitado (S-1-5-21-3512190692-2578643898-2366686823-501 - Limited - Enabled)
Rafay Ingenieros (S-1-5-21-3512190692-2578643898-2366686823-1002 - Administrator - Enabled) => C:\Users\Rafay Ingenieros
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7 Wonders II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{1F56414D-D7F6-2DBF-BF65-1AC1A8609C03}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{81AB7F16-1A8A-4671-BA1B-8CCD193E6333}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{3AD2C353-825B-47E6-9396-3C2F78D194FE}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{AA15B17F-365C-4BCE-A076-AEABF5B7C8B7}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Juegos WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.0.0.136 - Symantec Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{58BC91D0-42E7-125D-F9B6-F2F5C0CDB096}) (Version: 9.0.715.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VTELCA Internet (HKLM-x32\...\VTELCA Internet_is1) (Version: 1.0.1 - VTELCA Internet)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {467361AF-4C9E-4E59-8CBF-B877399AA8B1} - System32\Tasks\Microsoft\Windows\SysResetServicingCleanup => C:\$SysReset\Framework\Stack\SystemResetOSUpdates.exe [2012-07-25] (Microsoft Corporation)
Task: {5A985157-98A8-4C96-99D7-5DD9C37292F5} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe [2012-07-05] (Symantec Corporation)
Task: {6EC69237-3576-49B0-8959-0E8C13B70EB1} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {8369370E-5E15-4B5C-B014-859E059E1C06} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\WSCStub.exe [2012-07-24] (Symantec Corporation)
Task: {841AF562-5FFD-442E-8287-3517D1122825} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\SYSTEM32\OOBE\SETUPSQM.EXE [2012-07-25] (Microsoft Corporation)
Task: {96223C16-32D4-4286-A7F8-818DF7821DEC} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe [2012-07-05] (Symantec Corporation)
Task: {9F1578F2-3470-4928-BC4F-310518E1E9D8} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {E01DEC1F-827E-4537-8CF4-BF302F793698} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {E6064E54-1BD9-4D0B-A966-CBDFB4F623DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {F8E9F306-F34A-402E-A5B7-FB560F72E779} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup
Task: {FBD3F0DE-3605-4DC2-9F34-794631B97D1E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {FC340E49-B65B-484A-9A9C-154338520B56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2012-08-10] (Hewlett-Packard Company)
Task: {FDB651AA-5171-4506-BE43-7FC3A13C2286} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2012-08-10] (Hewlett-Packard Company)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2012-08-08 04:06 - 2012-08-08 04:06 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-07-10 11:41 - 2012-07-10 11:41 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-07-10 11:39 - 2012-07-10 11:39 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2012-07-10 11:41 - 2012-07-10 11:41 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2012-08-08 04:06 - 2012-08-08 04:06 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-08-08 03:52 - 2012-08-08 03:52 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-07-10 11:39 - 2012-07-10 11:39 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2012-08-10 04:25 - 2012-08-10 04:25 - 00323648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 10:58 - 2012-05-02 10:58 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2012-07-10 11:41 - 2012-07-10 11:41 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-07-10 11:41 - 2012-07-10 11:41 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-10-10 14:34 - 2012-05-30 02:21 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.0.0.136\wincfi39.dll
2012-10-10 14:09 - 2012-06-07 23:04 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 05:04 - 2012-06-08 05:04 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-07-10 11:44 - 2012-07-10 11:44 - 00072192 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2012-07-27 08:21 - 2012-07-27 08:21 - 00346112 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:56 - 2012-07-26 00:56 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3512190692-2578643898-2366686823-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2B5A6F5A-0775-4991-94A3-63CC21851063}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1A37F926-DC7F-4030-A14E-1C28E56029D6}] => (Allow) LPort=2869
FirewallRules: [{14C542E8-0269-4EBC-B917-E40B27B877F0}] => (Allow) LPort=1900
FirewallRules: [{AE03F138-3B0F-4915-A987-BEB190A2322A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{57342EFC-C62B-4296-B139-94AD9CECD7F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B39E78F-019E-479B-B82E-743A73057A3F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4FBB643E-183A-4C90-B88A-0928FEC5C2AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{31DC91A6-4516-47AB-B319-448829EEFA56}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{B0E9BF5C-5BEE-45D3-8484-8481923E9254}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{E4E650FE-4D48-412D-8DBF-A9E5CB53FEB1}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{243EEE34-E14A-48DC-BBE6-C9A56E1AFA8E}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{C4276F97-38FC-4801-A230-401902E6DB4E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{21986B32-A7A0-45D1-8D8E-57540F81E0FC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/05/2016 09:41:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa wwahost.exe, versión 6.2.9200.16384, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 25c
Hora de inicio: 01d1601ee240aeff
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Windows\system32\wwahost.exe
Identificador de informe: 4ade1d68-cc12-11e5-be73-9c2a7041d5d6
Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: Microsoft.WindowsLive.Mail
Error: (02/05/2016 09:40:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: RAF-DDP-CONSTRU)
Description: Se detuvo el paquete microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe porque se tardó demasiado en suspender.
Error: (02/05/2016 09:38:33 AM) (Source: HP Registration Service) (EventID: 0) (User: )
Description: El sistema no puede encontrar el archivo especificado. (Excepción de HRESULT: 0x80070002) en TaskScheduler.ITaskFolder.DeleteTask(String Name, Int32 flags)
en HPMetrics.ScheduleTask.DeleteTask(String TaskName)
Error: (02/05/2016 09:12:42 AM) (Source: HP Registration Service) (EventID: 0) (User: )
Description: El sistema no puede encontrar el archivo especificado. (Excepción de HRESULT: 0x80070002) en TaskScheduler.ITaskFolder.DeleteTask(String Name, Int32 flags)
en HPMetrics.ScheduleTask.DeleteTask(String TaskName)
System errors:
=============
Error: (02/05/2016 09:40:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 40.
Error: (02/05/2016 08:49:58 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Search no respondió después de iniciar.
Error: (02/05/2016 08:39:03 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (02/05/2016 08:37:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de lista de redes se cerró con el siguiente error:
%%21
Error: (02/05/2016 08:36:57 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (02/05/2016 08:34:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de lista de redes se cerró con el siguiente error:
%%21
Error: (02/05/2016 08:34:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Aplicación auxiliar IP se cerró con el siguiente error:
%%1058
Error: (10/10/2012 03:00:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (10/10/2012 02:58:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (10/10/2012 02:56:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
CodeIntegrity:
===================================
Date: 2016-02-05 09:45:44.323
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:45:33.083
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:41:36.668
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:36:40.169
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:36:40.086
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:36:40.001
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:35:48.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:35:48.850
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:35:48.771
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-05 09:35:43.808
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD E2-1800 APU with Radeon HD Graphics
Percentage of memory in use: 55%
Total physical RAM: 3682.26 MB
Available physical RAM: 1647.91 MB
Total Virtual: 7138.26 MB
Available Virtual: 5040.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:570.87 GB) (Free:438.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.53 GB) (Free:2.92 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 662809A2)
Partition: GPT.
==================== End of Addition.txt ============================