I'm running windows 7. The OS won't find updates. And the system is quite slow.
Keyboard input is laggy. Specially in browsers
Ran Kaspersky and it found nothing.
Ran malwarebytes antimalware. No joy either
Ran avira emergency. Found something inside a zip file, didn't specify what it was. Renamed and deleted it.
Ran avira again. Came up clean.
Ran CCleaner once, rebooted and re ran.
Puter is still slow and windows update won't even find updates.
Please help.
Posting Logs
________Main________
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
Ran by Dra Claudia Paz (administrator) on DRACLAUDIAPAZ (08-03-2017 13:33:11)
Running from C:\Users\Dra Claudia Paz\Desktop
Loaded Profiles: Dra Claudia Paz (Available Profiles: Dra Claudia Paz)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Cadwell\Cadwell TimeStamp Local Server\CadwellTimeStampLocalServerService.exe
() C:\Program Files (x86)\Cadwell\Clear Cache Service\ClearNetworkCacheService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Cadwell\Easy III\EasyIIISynchronizationService.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe
() C:\Cadwell\Easy III\QMAssistant.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Cadwell\Easy III\ProtectedFile.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
(Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-25] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [961184 2011-08-02] (Atheros Communications)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [48128 2011-12-11] (Windows ® Win 7 DDK provider)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-18] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-07] (Piriform Ltd)
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\RunOnce: [Uninstall C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727"
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {0dbddd08-289a-11e2-a258-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {0fdcf634-2818-11e2-911b-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {120485e4-1090-11e6-b86b-9d618a382ad6} - F:\SISetup.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {30cdff7e-a4a2-11e2-abe1-95987c29d85c} - E:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {40f93e78-9410-11e2-9e73-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {40f93e8a-9410-11e2-9e73-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {818011fa-83a6-11e2-89ac-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {88fe6799-11df-11e3-a209-e1676e137729} - E:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {964365fb-955e-11e2-924e-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {b70fe333-f8ee-11e1-ad09-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {bec3f88c-8661-11e2-83e8-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {c7677924-c713-11e3-89d2-e8a68d038508} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {cd85708f-ef97-11e1-9b97-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {cd8570a6-ef97-11e1-9b97-0008ca8643fc} - E:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {d5b9e068-80a3-11e3-91d8-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {dc027bb6-a31f-11e2-92a3-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {e2ff76ff-e04e-11e2-8219-0008ca8643fc} - D:\AutoRun.exe
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\MountPoints2: {fae42925-f054-11e1-9e22-0008ca86b329} - D:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2015-10-09]
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
Startup: C:\Users\Dra Claudia Paz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 1510 series.lnk [2015-10-09]
ShortcutTarget: Supervisar alertas de tinta - HP Deskjet 1510 series.lnk -> (No File)
Startup: C:\Users\Dra Claudia Paz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 2510 series.lnk [2015-10-09]
ShortcutTarget: Supervisar alertas de tinta - HP Deskjet 2510 series.lnk -> (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 207.248.224.71 207.248.224.72
Tcpip\..\Interfaces\{15B56455-047B-4CE3-AFFC-FDEBEDE07AE8}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{1E09B630-A77B-46A3-A674-35F48FB48776}: [DhcpNameServer] 207.248.224.71 207.248.224.72
Tcpip\..\Interfaces\{A4FF59E5-5DC9-4853-A298-681B60B1BAEF}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C8161236-B0A1-487C-BE26-83AE1E293833}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{F619AFB1-ACAF-4C48-8C21-EE6FCDB11802}: [DhcpNameServer] 201.130.193.35 200.53.250.1 8.8.8.8
Tcpip\..\Interfaces\{F79772F4-E39E-476C-A6D3-12E7A95DD66A}: [DhcpNameServer] 10.199.0.2 8.8.8.8 208.67.222.222
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-492045416-3271723845-1171117920-1000 -> DefaultScope {E38D7D4E-FF45-41C3-AAAE-2B39C04BDB47} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-492045416-3271723845-1171117920-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-492045416-3271723845-1171117920-1000 -> {37E6031D-2BCE-4E5F-858F-2196658A9003} URL = hxxps://mx.search.yahoo.com/search?p={searchTerms}&intl=mx&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-492045416-3271723845-1171117920-1000 -> {E38D7D4E-FF45-41C3-AAAE-2B39C04BDB47} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-492045416-3271723845-1171117920-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-27] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-08-02] (Atheros Commnucations)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-27] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-492045416-3271723845-1171117920-1000 -> Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1882
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-02]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: hbgk.net/WebDvrCtrl -> C:\Program Files (x86)\WebControl\npWebCtrl.dll [2013-06-09] (TODO: <公司名>)
FF Plugin HKU\S-1-5-21-492045416-3271723845-1171117920-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Dra Claudia Paz\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-02] (Citrix Online)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Platform SE 7 U7) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll => No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\Default [2017-03-08]
CHR Extension: (YouTube) - C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Búsqueda de Google) - C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Favoritos de iCloud) - C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-31]
CHR Extension: (Kaspersky Protection) - C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2017-02-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-08-02] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [103584 2011-08-02] (Atheros Commnucations) [File not signed]
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 CadwellTimeStampLocalServerService; C:\Program Files (x86)\Cadwell\Cadwell TimeStamp Local Server\CadwellTimeStampLocalServerService.exe [9728 2012-07-19] () [File not signed]
R2 ClearCacheService; C:\Program Files (x86)\Cadwell\Clear Cache Service\ClearNetworkCacheService.exe [8704 2012-05-31] () [File not signed]
S2 DiinoService; C:\Users\Dra Claudia Paz\AppData\Roaming\Diino\DiinoService_win7_amd64.exe [57968 2012-10-05] ()
R2 EasyIIISynchronizationService; C:\Cadwell\Easy III\EasyIIISynchronizationService.exe [78848 2011-11-02] () [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [167936 2008-06-26] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2011-12-05] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows ® Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-07] (Windows ® Win 7 DDK provider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [71424 2011-12-12] (Fresco Logic)
S3 hwdatacard; no ImagePath
S3 hwusbdev; no ImagePath
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236432 2016-12-02] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2017-03-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-02] (AO Kaspersky Lab)
S2 LMIInfo; no ImagePath
S4 LMIRfsClientNP; no ImagePath
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-08] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-08] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-08] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-08] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82208 2017-03-08] (Malwarebytes)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-25] (Marvell Semiconductor, Inc.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation )
S3 RTLU3E8023-W7-64; C:\Windows\System32\DRIVERS\rtu30x64w7.sys [90328 2013-11-28] (Realtek )
S3 ZTEusbmdm6k; no ImagePath
S3 ZTEusbnmea; no ImagePath
S3 ZTEusbser6k; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-08 13:33 - 2017-03-08 13:33 - 00028626 _____ C:\Users\Dra Claudia Paz\Desktop\FRST.txt
2017-03-08 13:32 - 2017-03-08 13:32 - 00000000 ____D C:\Users\Dra Claudia Paz\Desktop\FRST-OlderVersion
2017-03-08 12:57 - 2017-03-08 12:57 - 00033162 _____ C:\Users\Dra Claudia Paz\Documents\cc_20170308_125718.reg
2017-03-07 23:03 - 2017-03-07 23:05 - 00000000 ____D C:\f3b3e7b3f288d17a3ddc44b4
2017-03-07 23:01 - 2017-03-07 23:02 - 11313360 _____ (Microsoft Corporation) C:\Users\Dra Claudia Paz\Downloads\windowsupdateagent-7.6-x64.exe
2017-03-07 21:27 - 2017-03-07 21:37 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:24 - 2017-03-07 21:24 - 01663736 _____ (Malwarebytes) C:\Users\Dra Claudia Paz\Desktop\JRT.exe
2017-03-07 21:21 - 2017-03-07 21:22 - 04031440 _____ C:\Users\Dra Claudia Paz\Desktop\AdwCleaner.exe
2017-03-07 19:12 - 2017-03-08 13:33 - 00000000 ____D C:\FRST
2017-03-07 19:11 - 2017-03-08 13:32 - 02423808 _____ (Farbar) C:\Users\Dra Claudia Paz\Desktop\FRST64.exe
2017-03-07 18:36 - 2017-03-07 18:38 - 00025666 _____ C:\Users\Dra Claudia Paz\Documents\cc_20170307_183646.reg
2017-03-07 18:25 - 2017-03-07 18:25 - 00002820 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-03-07 18:25 - 2017-03-07 18:25 - 00000837 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-07 18:25 - 2017-03-07 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-07 18:24 - 2017-03-07 18:25 - 00000000 ____D C:\Program Files\CCleaner
2017-03-07 18:14 - 2017-03-07 18:16 - 09261616 _____ (Piriform Ltd) C:\Users\Dra Claudia Paz\Downloads\ccsetup527.exe
2017-03-06 16:59 - 2017-03-08 12:50 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-03-06 16:58 - 2017-03-08 12:49 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-06 16:58 - 2017-03-08 12:49 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-06 16:58 - 2017-03-08 12:49 - 00082208 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-06 16:58 - 2017-03-08 12:49 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-06 16:56 - 2017-03-06 16:56 - 00001882 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-06 16:56 - 2017-03-06 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-06 16:56 - 2017-03-06 16:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-06 16:56 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-04 11:06 - 2017-03-04 11:06 - 00262144 _____ C:\Windows\system32\config\elam
2017-02-28 14:35 - 2017-02-28 14:36 - 10117120 _____ C:\Users\Dra Claudia Paz\Desktop\Garcia Hernandez , Ma Carmen 28-02-2017 14-06-14.EAS
2017-02-26 12:31 - 2017-02-26 12:31 - 04648819 _____ C:\Users\Dra Claudia Paz\Desktop\Proyecto consultorios 23_02_2017.pdf
2017-02-11 10:02 - 2017-02-11 10:03 - 00743667 _____ C:\Users\Dra Claudia Paz\Desktop\saenz-17-Ig-in-zoster.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-08 13:26 - 2009-07-13 22:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-08 13:26 - 2009-07-13 22:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-08 13:21 - 2012-08-26 10:17 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-08 13:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2017-03-08 12:46 - 2015-09-15 14:00 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-08 12:46 - 2012-08-26 10:05 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2017-03-08 12:45 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-07 23:10 - 2016-07-11 09:55 - 00000000 ____D C:\Users\Dra Claudia Paz\Documents\Bluetooth Folder
2017-03-07 21:07 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2017-03-07 18:26 - 2016-08-17 17:34 - 00000000 ____D C:\Users\Dra Claudia Paz\AppData\Roaming\TeamViewer
2017-03-07 18:26 - 2014-05-20 18:08 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-07 18:26 - 2012-09-10 06:03 - 00000000 ____D C:\Users\Dra Claudia Paz\AppData\Local\CrashDumps
2017-03-07 11:25 - 2011-02-19 01:10 - 00776818 _____ C:\Windows\system32\perfh00A.dat
2017-03-07 11:25 - 2011-02-19 01:10 - 00169904 _____ C:\Windows\system32\perfc00A.dat
2017-03-07 11:25 - 2009-07-13 23:13 - 01746334 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-06 19:55 - 2009-07-13 20:34 - 00000429 _____ C:\Windows\win.ini
2017-03-06 16:56 - 2015-10-09 15:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 12:52 - 2015-06-25 20:43 - 00003450 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2017-03-02 15:04 - 2015-12-20 10:13 - 00002165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2017-03-02 15:04 - 2015-12-20 10:13 - 00002153 _____ C:\Users\Public\Desktop\Adobe Digital Editions 4.5.lnk
2017-02-28 14:35 - 2013-06-20 16:37 - 00000000 ____D C:\QuickMed
2017-02-25 14:24 - 2016-07-14 16:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-16 17:31 - 2009-07-13 23:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-02-16 11:49 - 2009-07-13 23:08 - 00032648 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-14 11:22 - 2012-08-26 10:17 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 11:22 - 2012-08-26 10:17 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 11:22 - 2012-08-26 10:17 - 00003776 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 11:21 - 2012-08-26 10:17 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-14 11:21 - 2011-10-18 16:30 - 00000000 ____D C:\Windows\SysWOW64\Macromed
==================== Files in the root of some directories =======
2012-10-31 23:07 - 2016-11-21 10:29 - 0021504 _____ () C:\Users\Dra Claudia Paz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-15 14:31 - 2013-02-15 14:31 - 0024576 _____ () C:\Users\Dra Claudia Paz\AppData\Local\uninst.tmp
2016-02-02 09:25 - 2016-02-02 09:25 - 0000000 _____ () C:\Users\Dra Claudia Paz\AppData\Local\{15C1E684-BBA0-41D2-A43C-DFA3D4C775C6}
2013-10-28 07:23 - 2013-10-28 07:23 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-10-18 16:31 - 2010-10-06 10:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
Files to move or delete:
====================
C:\Users\Dra Claudia Paz\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-17 09:55
==================== End of FRST.txt ============================
Addition log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2017
Ran by Dra Claudia Paz (08-03-2017 13:35:08)
Running from C:\Users\Dra Claudia Paz\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-08-26 16:05:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-492045416-3271723845-1171117920-500 - Administrator - Disabled)
Dra Claudia Paz (S-1-5-21-492045416-3271723845-1171117920-1000 - Administrator - Enabled) => C:\Users\Dra Claudia Paz
Invitado (S-1-5-21-492045416-3271723845-1171117920-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS PowerWiz (HKLM-x32\...\{B2DB883F-1AF3-4BE6-BE04-710D9C556C44}) (Version: 1.0.6 - ASUS)
ASUS PWR Option (HKLM-x32\...\{B7B60C4F-0DB8-42EF-8EDC-5F21D4C2D73F}) (Version: 1.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0037 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.6 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
AX88772B Windows 7 Drivers (HKLM-x32\...\InstallShield_{54A168C9-2250-4058-80EB-1F4A4192548A}) (Version: 1.0.1.1 - ASIX Electronics Corporation)
AX88772B Windows 7 Drivers (x32 Version: 1.0.1.1 - ASIX Electronics Corporation) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.90 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cadwell TimeStamp Local Server (HKLM-x32\...\{5D250BAB-3AFC-486D-9796-980FF46E08CC}) (Version: 1.0.1 - Cadwell)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Clear Cache Service (HKLM-x32\...\{8F3738F0-032E-482D-AB81-6C37B950A089}) (Version: 1.0.1 - Cadwell)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D-Link DWA-131 Wireless N Nano USB Adapter (HKLM-x32\...\{98B82958-1DCA-4504-BE88-C91F1C7A7225}) (Version: 1 - D-Link)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Easy 2.1 (HKLM-x32\...\{D9A6FF1E-A2B3-45A1-AAAA-DEE71F6D66C4}) (Version: 2.1.0 - Cadwell)
Easy III 3.12.7 (HKLM-x32\...\{E8A51736-B6CE-4D28-8FC2-01209639EF98}) (Version: 3.12.7 - Cadwell)
Easy3QuickMedWSWin7Compatibility (HKLM\...\{8fbc5499-5526-47ef-b5e5-cfe312f3d174}.sdb) (Version: - )
Easy3Win7Compatibility (HKLM\...\{d3572190-cece-434f-aa8d-6a23948acbeb}.sdb) (Version: - )
Estudio para la mejora del producto HP Deskjet 1510 series (HKLM\...\{71000761-BD38-48D3-8041-A445E260797F}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Fresco Logic USB3.0 Host Controller (HKLM\...\{6B006967-779B-49DB-BFCF-3DB3BDD2C7F7}) (Version: 3.5.24.0 - Fresco Logic Inc.)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 1510 series Ayuda (HKLM-x32\...\{6E20FBAA-BCB2-4429-A9A9-C8EED1254BE4}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 1510 series Software básico del dispositivo (HKLM\...\{B610C583-FDD7-41B6-8CED-C668E51114AC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2510 series Ayuda (HKLM-x32\...\{72B5E26E-FE32-4E0E-BAD2-1546A2D9EAF6}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Estudio para la mejora del producto (HKLM\...\{D9C3A88D-5B0F-4FC3-8A7C-96B4E9AB1ADC}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Software básico del dispositivo (HKLM\...\{A8F738FC-F8E7-4581-8929-F22136401377}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{8EF98706-3C4B-4C5B-B035-01187E17D0E6}) (Version: 12.5.32.203 - HP)
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Linksys USB3GIGV1 (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.7.1128.2013 - Linksys)
Malwarebytes versión 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-492045416-3271723845-1171117920-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{E34002C7-8CE7-3F76-B36C-09FA973BC4F6}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{57660847-B1F7-35BD-9118-F62EB863A598}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Persyst EEGSuite 2010.01.19 (HKLM-x32\...\{881DD0CD-1C91-47BD-AD1B-BEF8B74D0E42}) (Version: 10.01.19 - Persyst Development Corporation)
Persyst System 2009.08.12 (HKLM-x32\...\{30831558-2DC8-4C16-B8E0-B245F6A9489B}) (Version: 09.08.12 - Persyst Development Corporation)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
QuickMed (HKLM-x32\...\{0BCBD81D-7070-4DAF-9B4E-59B68851D0F9}) (Version: 2.1 - Cadwell)
QuickMed (HKLM-x32\...\{5221683D-E1C0-401C-A7A2-8B7AA5F41285}) (Version: 5.2.0.59 - QuickMedEMO)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6446 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sharepod 4.0.11.0 (HKLM-x32\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version: - Macroplant LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
TechSmith Screen Codec 2 (x32 Version: 2.0.1.0 - TechSmith Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-492045416-3271723845-1171117920-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-492045416-3271723845-1171117920-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-492045416-3271723845-1171117920-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-492045416-3271723845-1171117920-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02C9A6D5-54DA-4F80-8741-5F3537AF105C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-07] (Piriform Ltd)
Task: {0B9FC3CB-0C35-45A4-8B09-24D4B536E8AE} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {0E7255CD-EF6B-4E7D-8D93-6EE2D6CC7DAF} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {1AB23888-0CAD-4373-B741-4C77017C2B00} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21] (ASUS)
Task: {23C73C89-E558-4C4F-8819-EE1591D4F63B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {2DFB06D1-7DCB-41CE-8FC9-783E8BC3D156} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2011-12-21] (ASUSTeK Computer Inc.)
Task: {3701F342-012A-4F2C-85A7-171333328B0F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.)
Task: {39EF9DA5-030F-4659-BFDB-F67A1CBB1958} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-11-29] (HP Inc.)
Task: {3C99ACBB-CC1A-49E0-B380-FEDBFBB218A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {4874DC90-E3D6-4A2A-B443-25F44B985A17} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2011-12-21] (ASUSTeK Computer Inc.)
Task: {545F6E0C-760D-4208-B868-1E2D28BFFEFD} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {5ACBAC53-6F6D-4FFF-BFA8-444430703285} - System32\Tasks\{D6117C00-B52D-47F7-9A16-28AD0F0F4820} => pcalua.exe -a "C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0GMXTJFJ\JavaSetup8u31.com" -d "C:\Users\Dra Claudia Paz\Desktop"
Task: {62864D67-14C2-4BEA-8550-16DEAFC8EC61} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-31] (HP Inc.)
Task: {6341B047-F668-4A40-B3ED-E04348BAA3B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {78DFEA0F-022A-49FC-B717-E1D250E3FF3A} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-12-06] (ASUS)
Task: {822A6FE0-DCA9-4A83-B1D7-90B9615F9227} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-12-05] (ASUSTek Computer Inc.)
Task: {8B2BDCB5-6B12-439E-BE6B-CAB1D1B37297} - System32\Tasks\{641ABF04-1E7A-4B6A-B8B8-F9F7E98F859F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116.259/es/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {8F0E07CA-EAEE-4185-83BA-2F57579AFD64} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {8F60FD25-FDCB-41D7-B73C-7730850824A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {9FA5B70A-2D01-46C4-96D4-890D4B990BE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {A0D5EAC1-D8BA-4CD0-BC74-AFBDC68BBCA7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {B52031A6-EF04-471B-9BCC-0FF25E07875F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {BBBA8C84-AAAB-455D-8C9E-185FC09D4B15} - System32\Tasks\{AE4A5C14-ACAA-4FD5-8298-9805B48C30D1} => pcalua.exe -a "C:\Users\Dra Claudia Paz\Desktop\install_suite_20081022\install_suite.exe" -d "C:\Users\Dra Claudia Paz\Desktop\install_suite_20081022"
Task: {C735348B-9131-49F6-AB70-3DBBB6E44075} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D2217941-28F1-498B-8029-420737BC9960} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {D40621FF-318C-4DD1-94FD-1E8200AE9B0C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {D7A9F97B-C334-4F76-8045-864AD653F190} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F32FA6E7-B377-4F7F-9B50-DFBCA92439A5} - System32\Tasks\{C29C22C6-765D-42BB-AE70-C3149F7EFA96} => pcalua.exe -a "C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9NB0MB8\jre-8u25-windows-i586.com" -d "C:\Users\Dra Claudia Paz\Desktop"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-05-02 16:50 - 2012-08-31 14:03 - 00288768 _____ () C:\Windows\System32\HP1100LM.DLL
2015-04-20 20:21 - 2012-09-18 14:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2015-04-20 20:21 - 2012-09-18 14:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2016-05-02 16:56 - 2012-08-31 14:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2016-03-18 21:56 - 2016-03-18 21:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 21:56 - 2016-03-18 21:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-19 14:53 - 2012-07-19 14:53 - 00009728 _____ () C:\Program Files (x86)\Cadwell\Cadwell TimeStamp Local Server\CadwellTimeStampLocalServerService.exe
2012-05-31 16:33 - 2012-05-31 16:33 - 00008704 _____ () C:\Program Files (x86)\Cadwell\Clear Cache Service\ClearNetworkCacheService.exe
2010-07-14 18:11 - 2010-07-14 18:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2011-11-02 14:32 - 2011-11-02 14:32 - 00078848 ____R () C:\Cadwell\Easy III\EasyIIISynchronizationService.exe
2012-01-12 13:44 - 2012-01-12 13:44 - 00155648 _____ () c:\cadwell\easy iii\QMAssistant.exe
2012-01-12 13:43 - 2012-01-12 13:43 - 00049152 _____ () C:\Cadwell\Easy III\ProtectedFile.exe
2015-10-09 12:42 - 2008-06-26 18:09 - 00167936 _____ () C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
2017-03-06 16:56 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-06 16:56 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-12-22 01:47 - 2015-12-22 01:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\kpcengine.2.3.dll
2011-12-06 18:21 - 2011-12-06 18:21 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2016-03-18 21:56 - 2016-03-18 21:56 - 01040656 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 21:56 - 2016-03-18 21:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 21:56 - 2016-03-18 21:56 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-09 12:42 - 2011-01-07 13:29 - 00413696 _____ () C:\Program Files (x86)\D-Link\DWA-131\WlanDll.dll
2012-07-19 15:22 - 2012-07-19 15:22 - 00069632 _____ () C:\Program Files (x86)\Cadwell\Cadwell TimeStamp Local Server\QMGlobalData.dll
2012-01-12 13:43 - 2012-01-12 13:43 - 00077824 _____ () C:\Cadwell\Easy III\RemotePipe.dll
2012-01-12 13:44 - 2012-01-12 13:44 - 00151552 _____ () C:\Cadwell\Easy III\QMNetworkDataComm.dll
2012-01-12 13:45 - 2012-01-12 13:45 - 00163840 _____ () C:\Cadwell\Easy III\JPEGWindow.ocx
2012-01-12 13:45 - 2012-01-12 13:45 - 00065536 _____ () C:\Cadwell\Easy III\JPEGFunctions.dll
2012-01-12 13:45 - 2012-01-12 13:45 - 00061440 _____ () C:\Cadwell\Easy III\QMUserSettings.dll
2009-07-13 15:03 - 2009-07-13 19:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2007-07-12 13:11 - 2007-07-12 13:11 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2017-02-02 19:00 - 2017-02-01 03:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-02 19:00 - 2017-02-01 03:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-03-02 09:47 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\Dra Claudia Paz\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-492045416-3271723845-1171117920-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dra Claudia Paz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 207.248.224.71 - 207.248.224.72
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{53EFF49C-B92F-410D-9B7A-CB2FCD164130}] => (Allow) C:\Users\Dra Claudia Paz\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{5A3A99D3-6C22-4175-9B6B-F986549A41B4}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{6BA3C4F4-C4BE-4D26-A601-8BD72547FDF2}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C49F1AC1-2556-43FC-8635-AA7F666043F1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{48CA0BB4-9020-4184-87D6-0B04107D98D0}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{3C136625-5646-4045-B7DB-AA56BCAA7803}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8F2F2AA0-A2A5-443B-8C3A-BEF78B65BF1B}] => (Allow) LPort=2869
FirewallRules: [{3A6913C2-4742-431B-9556-C4EED8E6512C}] => (Allow) LPort=1900
FirewallRules: [{2E8B4FCB-5403-410B-9631-A62316E28DA8}] => (Allow) C:\Cadwell\Easy III\EasyAnalyzerApp.exe
FirewallRules: [{56DCC10C-92C7-4B27-89AF-726E0D446F46}] => (Allow) C:\Cadwell\Easy III\EasyAnalyzerApp.exe
FirewallRules: [{9FE8EC86-2E14-4FB6-B95E-764527F590F9}] => (Allow) C:\Cadwell\Easy III\Amb2HardwareServer.exe
FirewallRules: [{7707CDF0-6CBD-4D81-B23F-46035D1CF526}] => (Allow) C:\Cadwell\Easy III\Amb2HardwareServer.exe
FirewallRules: [{477FEE92-7156-46FA-9115-20BAAA899490}] => (Allow) C:\Cadwell\Easy III\Amb2HardwareServer.exe
FirewallRules: [{868B92C8-3EEE-4975-973A-2D91A7C9302E}] => (Allow) C:\Cadwell\Easy III\Amb2HardwareServer.exe
FirewallRules: [{C453DCA9-1CD8-4EB8-A2F5-BB3AC26E4388}] => (Allow) C:\Cadwell\Easy III\AmbulatoryDownloaderApp.exe
FirewallRules: [{583C567E-5DD5-470A-80EA-F60EA1950BBB}] => (Allow) C:\Cadwell\Easy III\AmbulatoryDownloaderApp.exe
FirewallRules: [{156D72B3-84F0-4A99-B185-4ECA3CD78DF5}] => (Allow) C:\Cadwell\Easy III\AmbulatoryDownloaderApp.exe
FirewallRules: [{9650FB69-058C-4655-91C1-71FA4B0DC28B}] => (Allow) C:\Cadwell\Easy III\AmbulatoryDownloaderApp.exe
FirewallRules: [{7FA6F450-60BC-4AB3-95E1-EACFDDC0FD79}] => (Allow) C:\Cadwell\Easy III\Easy3DataServer.exe
FirewallRules: [{F4BA75E4-D2B0-411C-9E36-A68A3C6FD5C1}] => (Allow) C:\Cadwell\Easy III\Easy3DataServer.exe
FirewallRules: [{AE2D59E3-A470-4916-A833-899B2D52FAB7}] => (Allow) C:\Cadwell\Easy III\Easy3DataServer.exe
FirewallRules: [{5F5BC058-2925-4B3E-B318-3FE0F2A8C1E0}] => (Allow) C:\Cadwell\Easy III\Easy3DataServer.exe
FirewallRules: [{43D5A1C8-D91F-48D5-ADAE-11B9D9CDB3B7}] => (Allow) C:\Cadwell\Easy III\Easy3HardwareServer.exe
FirewallRules: [{B500B995-B557-4A71-8CE9-454100826238}] => (Allow) C:\Cadwell\Easy III\Easy3HardwareServer.exe
FirewallRules: [{58D6FFB5-54EA-4BD4-A0B7-07F65DCD7BBC}] => (Allow) C:\Cadwell\Easy III\Easy3HardwareServer.exe
FirewallRules: [{7C977646-0F70-44E8-9BE3-772430E485B8}] => (Allow) C:\Cadwell\Easy III\Easy3HardwareServer.exe
FirewallRules: [{CE2DF80F-FB3A-421F-92BD-6E208C8721B0}] => (Allow) C:\Cadwell\Easy III\Easy2HardwareServer.exe
FirewallRules: [{19AE6832-A7B9-4060-9B99-74D52921B4A3}] => (Allow) C:\Cadwell\Easy III\Easy2HardwareServer.exe
FirewallRules: [{EAA0B27A-8A5F-4A3F-8730-FFBA6C2EDDCE}] => (Allow) C:\Cadwell\Easy III\Easy2HardwareServer.exe
FirewallRules: [{42FEBA5C-703E-43BC-B1D6-B8FB11073360}] => (Allow) C:\Cadwell\Easy III\Easy2HardwareServer.exe
FirewallRules: [{359ECE86-CFB7-4BF3-B153-DE4E098FDC63}] => (Allow) C:\Program Files\HP\HP Deskjet 2510 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{22AD186E-33F9-44BC-8D9E-FAF3E350D479}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{2538FD4D-CC8B-4B9C-90D1-032D23AFF662}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C2477499-7290-4109-9CAB-ED8B1C1D07EE}C:\program files (x86)\microsoft office\office14\winword.exe] => (Allow) C:\program files (x86)\microsoft office\office14\winword.exe
FirewallRules: [UDP Query User{4C955142-3DD1-48F5-81A4-80E52EFD37E5}C:\program files (x86)\microsoft office\office14\winword.exe] => (Allow) C:\program files (x86)\microsoft office\office14\winword.exe
FirewallRules: [{C71686C9-7D85-40DF-8A07-E2E2C1AA34AF}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{84E9B90C-5DF2-4328-AB45-58D753AE005A}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3E4C138E-A970-4526-9BA7-E55DCCF61B56}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{53AD78B6-8ECC-4324-8BA0-83E480C4916F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BE94C0E1-6CD9-4610-9F98-088636C8E8C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{234F564E-933B-4A3E-B578-DFFDAAF068E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{380E393E-3DD3-4531-8947-28434510A27C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8AB21A84-BA06-4F7A-8174-3B8159151D73}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B60F3B7A-9F44-4334-8B58-616FC320FC39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7A129524-1898-4A82-9C47-5274ADE95AF1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3F91A085-2223-4210-B512-E932D9DF798C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{78C39ABD-6610-46FA-9FFD-67761BBD76D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
17-05-2016 11:40:39 Eliminado Internet Telcel Banda Ancha Móvil
26-05-2016 09:14:19 Punto de control programado
09-06-2016 12:04:44 Punto de control programado
17-06-2016 10:02:36 Punto de control programado
31-10-2016 11:13:27 Installed TechSmith Screen Codec 2
28-11-2016 14:10:27 Windows Update
29-11-2016 12:10:27 Windows Update
04-12-2016 14:07:48 Windows Update
05-12-2016 14:28:02 Windows Update
16-12-2016 15:15:45 Windows Update
07-03-2017 21:40:34 JRT Pre-Junkware Removal
07-03-2017 23:03:43 Windows Update
==================== Faulty Device Manager Devices =============
Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/07/2017 11:03:42 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.
Operación:
Recopilando datos del escritor
Contexto:
Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
Nombre del escritor: System Writer
Id. de instancia del escritor: {722739d6-78f2-4006-a43f-3caec8728fd2}
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.
Contexto: aplicación Windows
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.
Contexto: aplicación Windows, catálogo SystemIndex
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.TripoliIndexer>.
Contexto: aplicación Windows, catálogo SystemIndex
Detalles:
No se ha encontrado el elemento. (HRESULT : 0x80070490) (0x80070490)
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.JetPropStore>.
Contexto: aplicación Windows, catálogo SystemIndex
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.
Contexto: aplicación Windows, catálogo SystemIndex
Detalles:
La base de datos del índice de contenido está dañada. (HRESULT : 0xc0041800) (0xc0041800)
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: El servicio de búsqueda detectó archivos de datos dañados en el índice {id=4700}. Este servicio intentará corregir este problema automáticamente mediante la nueva generación del índice.
Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/07/2017 06:41:21 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: El servicio Windows Search no puede abrir el almacén de propiedades de Jet.
Detalles:
0x%08x (0xc0041800 - La base de datos del índice de contenido está dañada. (HRESULT : 0xc0041800))
System errors:
=============
Error: (03/08/2017 12:46:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
cdrom
Error: (03/08/2017 12:46:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio LogMeIn Kernel Information Provider no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (03/08/2017 12:46:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio DiinoService no pudo iniciarse debido al siguiente error:
El servicio no respondió a tiempo a la solicitud de inicio o de control.
Error: (03/08/2017 12:46:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio DiinoService.
Error: (03/08/2017 12:45:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 11:27:10 del 08/03/2017 resultó inesperado.
Error: (03/08/2017 11:13:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
cdrom
Error: (03/08/2017 11:13:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio LogMeIn Kernel Information Provider no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (03/08/2017 11:13:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio DiinoService no pudo iniciarse debido al siguiente error:
El servicio no respondió a tiempo a la solicitud de inicio o de control.
Error: (03/08/2017 11:13:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio DiinoService.
Error: (03/07/2017 11:08:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
cdrom
CodeIntegrity:
===================================
Date: 2016-02-20 08:21:43.579
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2016-02-20 08:21:43.501
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2016-02-20 08:21:27.647
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2016-02-20 08:21:27.585
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2016-02-20 08:20:51.984
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2016-02-20 08:20:51.875
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
Processor: Intel® Core i5-2557M CPU @ 1.70GHz
Percentage of memory in use: 77%
Total physical RAM: 3998.64 MB
Available physical RAM: 880.88 MB
Total Virtual: 9993.85 MB
Available Virtual: 5779.1 MB
==================== Drives ================================
Drive c: (Neurovie System) (Fixed) (Total:111.24 GB) (Free:27.65 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 13BA8FCF)
Partition 1: (Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8 GB) - (Type=1C)
==================== End of Addition.txt ============================
Thanks