Scribd
Upload
288 views17 pages

Addition

This document summarizes the results of a scan run by the Farbar Recovery Scan Tool. It lists accounts, security software, and installed programs on a Windows 7 Home Premium system. Notable programs found include Adobe Photoshop and Reader, Microsoft Office 2010, Google Chrome, and security software like Microsoft Security Essentials and GridinSoft Anti-Malware. The document provides a detailed listing but no significant issues were explicitly called out.

Uploaded by

Marcos Witman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
288 views17 pages

Addition

This document summarizes the results of a scan run by the Farbar Recovery Scan Tool. It lists accounts, security software, and installed programs on a Windows 7 Home Premium system. Notable programs found include Adobe Photoshop and Reader, Microsoft Office 2010, Google Chrome, and security software like Microsoft Security Essentials and GridinSoft Anti-Malware. The document provides a detailed listing but no significant issues were explicitly called out.

Uploaded by

Marcos Witman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 17

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2017

Ran by Owner (20-01-2017 21:18:22)


Running from C:\Users\Owner\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-06 21:26:07)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================


Administrator (S-1-5-21-279859413-562935762-3602120501-500 - Administrator - Dis
abled) => C:\Users\Administrator
Guest (S-1-5-21-279859413-562935762-3602120501-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-279859413-562935762-3602120501-1003 - Limited - Enabled
)
Owner (S-1-5-21-279859413-562935762-3602120501-1001 - Administrator - Enabled) =
> C:\Users\Owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF1
7-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A
7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1AC
F46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to un
hide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorpor
ated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version
: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24
.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24
.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC
}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1)
(Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Versi
on: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version:
11.0.00 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6
.6.636 - Adobe Systems, Inc.)
Air Playit 2.0.0 (HKLM\...\Air Playit_is1) (Version: - Digiarty)
AirDroid 3.3.5.3 (HKLM-x32\...\AirDroid) (Version: 3.3.5.3 - Sand Studio)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9
CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C
71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (V
ersion: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Ver
sion: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.42 - ArcSo
ft)
ArcSoft TotalMedia (x32 Version: 1.0.61.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6
A2}) (Version: 2.0.0.38 - ArcSoft)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Baidu WiFi Hotspot (HKLM-x32\...\Baidu WiFi Hotspot) (Version: 5.1.4.124910 - Ba
idu, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.83.6332 - BlueStac
k Systems, Inc.)
Breakaway Audio Enhancer (HKLM-x32\...\BreakawayPersonalForWindows) (Version: -
)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon
Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon In
c.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPL
M100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_
Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen
Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_C
anon_MP230_series) (Version: 1.00 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Can
on Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Fi
les) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{D669DC52-B1A4-4933-878D-CB80F660D95D})
(Version: 55.0.2883.17 - Google Inc.)
Computrace (HKLM-x32\...\{3CB9DF26-0C92-42DF-BEF0-68A00E8CCBCB}) (Version: 8.0.9
10 - Absolute Software Inc.)
Cracklock 3.9.44 (HKLM-x32\...\Cracklock_is1) (Version: 3.9.44 - William Blum)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft
Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Versio
n: - EaseUS)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Freemake Video Converter versin 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1)
(Version: 4.1.6 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPP Remote Server (HKLM-x32\...\{2882FB5F-D4C1-4463-BABF-B0D29E2DB7B8}) (Version
: 5.0.0.5 - GPPSoft)
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 3.0.72 - Gr
idinSoft LLC)
HP 3D DriveGuard (HKLM\...\{5B4F3B85-83F0-4BBF-9052-7A38B6B09634}) (Version: 5.0
.8.0 - Hewlett-Packard Company)
iFunbox (v3.0.3939.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3939.1352 - i
Funbox DevTeam)
IllustratorCs6 versin 16.0 (HKLM-x32\...\{B558D09D-AF45-4008-B73B-409706BC7FF8}_i
s1) (Version: 16.0 - Nws)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-
4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
iTools 3 version 3.3.9.4 (HKLM-x32\...\{9AD3B3CA-16DF-4113-9178-89263F2E3820}_is
1) (Version: 3.3.9.4 - Thinksky, Inc.)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - A
pple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version
: 8.0.1110.14 - Oracle Corporation)
Jump Desktop Connect (HKLM-x32\...\{3A8B9AAD-3646-41ED-8F02-78C7A48B01CE}) (Vers
ion: 5.0.73.0 - Phase Five Systems)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Malwarebytes versin 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_i
s1) (Version: 3.0.5.1299 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 2.9.1.1 - Microvirt)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}
- 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Spanish/Espaol (HKLM-x32\...\Office14.OMUI.
es-es) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version
: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6
.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version
: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf
-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a
-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-89
1a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-92
7d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE
-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C70
01-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporatio
n)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D
76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporatio
n)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F
6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25
302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F
1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corpor
ation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-
B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E
5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a190
9659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporatio
n)
MiniTool Partition Wizard Professional Edition 9.1 (HKLM-x32\...\{2991A446-D356-
44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.21.4.3
- RSUPPORT)
Mortal Kombat Komplete Edition (HKLM-x32\...\Mortal Kombat Komplete Edition_is1)
(Version: - Warner Bros. Interactive Entertainment)
Moto Racer Collection (HKLM-x32\...\Moto Racer Collection_is1) (Version: - )
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-
US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 3
3.1.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Vers
ion: 4.30.2100.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31
}) (Version: - )
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.0
2200 - Nero AG)
Nitro Pro 10 (HKLM\...\{A64AB15A-1974-4FF4-B5B7-BDEA9FBDB0AD}) (Version: 10.5.1.
17 - Nitro)
Opera Stable 42.0.2393.137 (HKLM-x32\...\Opera 42.0.2393.137) (Version: 42.0.239
3.137 - Opera Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - No
mbre de su organizacin)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79
.80.95 - Apple Inc.)
RAR Recovery Toolbox 1.1 (HKLM-x32\...\RAR Recovery Toolbox_is1) (Version: - Re
covery ToolBox)
Roxio Creator Business (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Ve
rsion: 10.3 - Roxio)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D811
1E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 5.14 (64-bit) (HKLM\...\Sandboxie) (Version: 5.14 - Sandboxie Holdings
, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\..
.\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84
F0-A52B21A49B5B}) (Version: - Microsoft)
Social2Search (HKLM\...\2029eddb2f25e77262f72ecacd4e0487) (Version: 11.12.1.250
(i1.0) - Social2Search) <==== ATTENTION
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer)
TP-LINK TL-WN725N_TL-WN723N Controlador (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-D
A76037546BA}) (Version: 1.3.1 - TP-LINK)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Vers
ion: 1.0.4 - ClockworkMod)
USB Game Controller (HKLM-x32\...\{D3DF3D05-DE2A-476A-A384-08FCD58D9FE7}) (Versi
on: 2007.01.01 - )
USB Gamepad (HKLM-x32\...\FT2491) (Version: - )
Utilidad de configuracin inalmbrica de TP-LINK (HKLM-x32\...\{319D91C6-3D44-436C-9
F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Vegas Pro 10.0 (HKLM-x32\...\{3BE3A580-D09A-11DF-9D8B-0013D3D69929}) (Version: 1
0.0.387 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3934F12E-091D-11E4-A0AD-F04DA23A5C58}) (Versi
on: 13.0.373 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB71
36F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F
06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLA
N)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34
789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar G
mbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.100
39 - WinZip Computing, S.L. )
Wondershare MirrorGo(Version 1.7.0) (HKLM-x32\...\{EE843B49-D9BC-4A9E-A8A7-B9F14
C0381C7}_is1) (Version: 1.7.0 - Wondershare)
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_MSI_Xara3D7) (Version: 7.0.0.415 - Xara Grou
p Ltd)
Xara 3D Maker 7 (x32 Version: 7.0.0.415 - Xara Group Ltd) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
HKU\S-1-5-21-279859413-562935762-3602120501-1001\...\ChromeHTML: -> c:\Program F
iles (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-279859413-562935762-3602120501-1001_Classes\CLSID\{6A2
21957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\Au
toCAD 2013\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-279859413-562935762-3602120501-1001_Classes\CLSID\{BD0
DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\Au
toCAD 2013\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-279859413-562935762-3602120501-1001_Classes\CLSID\{E2C
40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\A
utoCAD 2013\en-US\acadficn.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
Task: {05E02F8C-726C-47EC-9D52-253245349620} - System32\Tasks\Adobe Acrobat Upda
te Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-
12-19] (Adobe Systems Incorporated)
Task: {1024AC66-6752-45D1-AA86-64F9C5D1119D} - System32\Tasks\Driver Booster Ski
pUAC (Owner) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.
exe
Task: {11A81DD7-29FB-4DDF-8019-C1DD9B959C33} - System32\Tasks\Adobe Flash Player
PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pep
per.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {219F7400-F90F-46B5-A589-D17F8B313FF9} - \osTip -> No File <==== ATTENTION
Task: {2BE441F7-65A8-45FD-95A8-0D7C689D2474} - \KuaiZip_Update -> No File <====
ATTENTION
Task: {2D33DCCF-559C-4CE8-9197-73DE8D7C696D} - System32\Tasks\Adobe Flash Player
Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [201
7-01-10] (Adobe Systems Incorporated)
Task: {3B182D21-159C-4AB7-826E-CDFA8C62B032} - System32\Tasks\GridinSoft Anti-Ma
lware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [2017-01-19] (GridinS
oft LLC)
Task: {56B0D180-EBAE-4879-913B-1A5AB92E9562} - System32\Tasks\Java Platform SE A
uto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
[2016-09-22] (Oracle Corporation)
Task: {5CA32DC3-7D06-42BF-80E8-A622B3C7D946} - System32\Tasks\Opera scheduled Au
toupdate 1426906561 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-16] (O
pera Software)
Task: {5DB9CD73-54A5-45B2-B2F5-82CFBF58F751} - System32\Tasks\GoogleUpdateTaskMa
chineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31]
(Google Inc.)
Task: {64D6D13F-9C37-40D5-84A5-A526659F9CF4} - \Update Service YourFileDownloade
r -> No File <==== ATTENTION
Task: {651EF042-8112-4CFB-ACE8-15934C27CCDA} - System32\Tasks\Apple\AppleSoftwar
eUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016
-02-23] (Apple Inc.)
Task: {6F1EF6A0-3AEC-4598-8D20-2261ECB2930F} - System32\Tasks\{2A3FAA59-205C-4C3
D-BB8F-E50802655B8B} => pcalua.exe -a C:\Users\Owner\AppData\Roaming\omniboxes\U
ninstallManager.exe -c -ptid=obw
Task: {7002D442-B654-45DE-8D21-353D3B361D5E} - System32\Tasks\{AE172EC7-69ED-4EE
5-A5F9-41098600C111} => H:\6MO8L5P13E64\Microsoft Office Language Pack 2013 Espao
l x64\Microsoft Office Language Pack 2013 Espaol x64 X18-51581.exe
Task: {73B4EB06-6561-473B-84BB-62B278B8738D} - System32\Tasks\AutoPico Daily Res
tart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-09] (@ByELDI)
Task: {9BD423E6-C764-4185-B513-346BB70B84B0} - System32\Tasks\GoogleUpdateTaskMa
chineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (G
oogle Inc.)
Task: {9C3308DE-1148-45FF-B490-86CEE36C3EDB} - \Microsoft\Windows\Multimedia\Man
ager -> No File <==== ATTENTION
Task: {A3E03A1F-5A0E-4746-BF55-5DD1FDFE0C80} - System32\Tasks\Nero\Nero Info =>
C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Ne
ro AG)
Task: {A6A6A6C4-F92D-4A00-9060-F679D3E273A1} - System32\Tasks\AdobeAAMUpdater-1.
0-student-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\U
pdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {B054FBAE-D113-4A28-B56C-290ED0BB3BC1} - System32\Tasks\{FFAE5A55-AB8B-452
E-81C8-9AA1FA7427C9} => pcalua.exe -a C:\Users\Owner\AppData\Local\Temp\jre-8u91
-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==
== ATTENTION
Task: {CE0DAA14-27E5-4B42-BBA4-DC924F985A22} - System32\Tasks\SidebarExecute =>
C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corpo
ration)
Task: {CEA3BEE0-4BAE-4B9A-9A72-8B4A0430C359} - System32\Tasks\0915avUpdateInfo =
> C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
Task: {D722DA34-9889-4741-A1A9-F6ED232889EE} - System32\Tasks\{D66B08D7-2AC2-4F5
F-A4D6-B00A18CF4535} => pcalua.exe -a C:\Users\Owner\AppData\Roaming\luckysearch
es\UninstallManager.exe -c -ptid=exp
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -
> No File <==== ATTENTION
Task: {EEE91BBF-F16F-4EBD-9EA6-07F97F3D7B41} - System32\Tasks\AVG EUpdate Task =
> avgsetupx.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The
file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWO
W64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Mac
romed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Owner\Desktop\Strt luStcks.lnk -> C:\Users\Owner\AppData\Roaming\
Browsers\exe.rehcnualtrats-dh.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\Desktop\Angel\Strt luStaks.lnk -> C:\Users\Owner\AppData\Ro
aming\Browsers\exe.rehcnualtrats-dh.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\I
ntrnt plrr.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <
===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A
plicaciones de Chrome\Vysr.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.emo
rhc.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A
plicaciones de Chrome\scritori remoto d hrome.lnk -> C:\Users\Owner\AppData\Roaming\
Browsers\exe.emorhc.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A
ccessories\System Tools\Intrnt Exlrr (No Add-ns).lnk -> C:\Users\Owner\AppData\Roaming
\Browsers\exe.erolpxei.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\Gogl hrm.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <=
==== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\Lunh Internt Exlorr Browsr.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.erolpx
ei.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\irDrid.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.rehcnual.bat (No File)
<===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\User Pinned\TaskBar\ozill Firefox (2).lnk -> C:\Users\Owner\AppData\Roaming\Brow
sers\exe.xoferif.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\User Pinned\TaskBar\ozill Firefox.lnk -> C:\Users\Owner\AppData\Roaming\Browsers
\exe.xoferif.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\User Pinned\ImplicitAppShortcuts\69639df789022856\Ggl Chrme.lnk -> C:\Users\Owner\
AppData\Roaming\Browsers.quarantined\exe.emorhc.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ggle Chrome.lnk ->
C:\Users\Owner\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <===== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ozilla Firef.lnk ->
C:\Users\Owner\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <===== Cyrilli
c
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\per.lnk -> C:\Users
\Owner\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <===== Cyrillic
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Men
u\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk -> C:\Program
Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-dir
ectory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Men
u\Programs\Aplicaciones de Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chr
ome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --a
pp-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer
\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Applicat
ion\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer
\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.ln
k -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -
> --profile-directory="Profile 1" --disable-quic
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 02:17 - 2013-09-05 02:17 - 04300456 _____ () C:\Program Files\Common
Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common
Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common
Files\Apple\Apple Application Support\libxml2.dll
2017-01-19 12:30 - 2017-01-19 12:30 - 00956368 _____ () C:\Program Files\GridinS
oft Anti-Malware\libmem.dll
2017-01-17 20:50 - 2017-01-17 20:50 - 01620992 _____ () C:\ProgramData\service.e
xe
2015-07-24 23:37 - 2013-05-14 03:50 - 00140936 _____ () C:\Program Files (x86)\C
anon\IJPLM\IJPLMSVC.EXE
2015-05-06 06:55 - 2015-05-06 06:55 - 00418968 _____ () C:\Program Files\Nitro\P
ro 10\Nitro_UpdateService.exe
2015-05-06 06:55 - 2015-05-06 06:55 - 02543768 _____ () C:\Program Files\Nitro\P
ro 10\Nitro_KissMetrics.dll
2017-01-17 22:05 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWARE
BYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-17 22:05 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWARE
BYTES\ANTI-MALWARE\arwlib.dll
2017-01-17 22:05 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWARE
BYTES\ANTI-MALWARE\MwacLib.dll
2016-12-30 16:02 - 2012-02-28 15:06 - 10468672 _____ () C:\Program Files\Digiart
y\Air_Playit\airplayit.exe
2017-01-17 20:48 - 2017-01-18 03:10 - 02072064 _____ () C:\Users\Owner\AppData\L
ocal\Temp\00011778\msiql.exe
2015-10-18 14:44 - 2009-08-22 18:25 - 00102400 _____ () C:\Program Files (x86)\3
d over\D3DOverrider.exe
2015-08-31 16:09 - 2015-08-31 16:09 - 00005632 _____ () C:\Program Files (x86)\C
lockworkMod\Universal Adb Driver\AdbNativeMessaging.exe
2015-08-31 16:09 - 2015-08-31 16:09 - 00819200 _____ () C:\Program Files (x86)\C
lockworkMod\Universal Adb Driver\adb.exe
2015-10-18 14:44 - 2009-08-22 18:25 - 00032768 _____ () C:\Program Files (x86)\3
d over\D3DOverriderHooks.dll
2016-12-30 16:02 - 2011-07-18 18:11 - 00435560 _____ () C:\Program Files\Digiart
y\Air_Playit\CI.DLL
2016-12-30 16:02 - 2012-02-08 17:09 - 00780096 _____ () C:\Program Files\Digiart
y\Air_Playit\SERVERADMIN.DLL
2016-12-30 16:02 - 2011-12-31 10:51 - 01654592 _____ () C:\Program Files\Digiart
y\Air_Playit\Config.dll
2013-09-05 02:14 - 2013-09-05 02:14 - 04300456 _____ () C:\Program Files (x86)\C
ommon Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-29 18:17 - 2012-10-23 16:26 - 00002560 _____ () C:\Program Files (x86)\D
AEMON Tools Pro\MSIMG32.dll
2016-12-30 16:02 - 2011-07-12 02:25 - 00572336 _____ () C:\Program Files\Digiart
y\Air_Playit\sqlite3.dll
2016-12-02 19:01 - 2016-12-02 19:00 - 48920064 _____ () C:\Program Files (x86)\A
VG\UiDll\2623\libcef.dll
2015-10-18 14:44 - 2009-08-22 18:25 - 00057344 _____ () C:\Program Files (x86)\3
d over\RTFC.dll
2015-10-18 14:44 - 2009-08-22 18:25 - 00106496 _____ () C:\Program Files (x86)\3
d over\RTUI.dll
2016-12-15 19:00 - 2016-12-08 01:29 - 01829208 _____ () c:\Program Files (x86)\G
oogle\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 19:00 - 2016-12-08 01:29 - 00085848 _____ () c:\Program Files (x86)\G
oogle\Chrome\Application\55.0.2883.87\libegl.dll
2014-11-07 10:06 - 2014-11-06 19:06 - 01016104 _____ () C:\Program Files (x86)\R
SUPPORT\MobizenService\dat\adb.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS:nlsPreferences [386]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. T
he "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Servic
e"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driv
er"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Servic
e"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driv
er"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to d
efault or removed.)
HKU\S-1-5-21-279859413-562935762-3602120501-1001\Software\Classes\.scr: AutoCADS
criptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2017-01-17 20:44 - 00000918 ____A C:\Windows\system32\Drivers
\etc\hosts
127.0.0.1 clients2.google.com
127.0.0.1 v1.ff.avast.com
127.0.0.1 vlcproxy.ff.avast.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-279859413-562935762-3602120501-1001\Control Panel\Desktop\\Wallpape
r -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
.jpg
HKU\S-1-5-21-279859413-562935762-3602120501-500-{637FE20B-9A5B-4F51-B1BE-D100456
25B40}-01202017205842245\Control Panel\Desktop\\Wallpaper -> C:\Users\Administra
tor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.7.255.101 - 10.8.255.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPrompt
BehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Sta
rtup^Utilidad de configuracin inalmbrica de TP-LINK.lnk => C:\Windows\pss\Utilidad
de configuracin inalmbrica de TP-LINK.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM
\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files
\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Fi
les\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\App
le Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\Ad
Sync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office1
4\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Ag
ent.exe
MSCONFIG\startupreg: Breakaway => "C:\Program Files (x86)\Breakaway\breakaway.ex
e" force
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\C
NQMMAIN.EXE /logon
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON To
ols Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Conv
erter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: DTRun => C:\Program Files (x86)\ArcSoft\TotalMedia Suite\To
talMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Par
tition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: iFunBox => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_
x64.exe /tray
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: MirrorGo => C:\Program Files (x86)\Wondershare\MirrorGo\Mir
rorGo.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.
exe" -hide -runkey
MSCONFIG\startupreg: msiql => C:\Users\Owner\AppData\Local\Temp\00011778\msiql.e
xe /RUNNING
MSCONFIG\startupreg: osmsg => C:\ProgramData\WindowsMsg\Chrome.exe /AUTORUN
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.
exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\
Java\Java Update\jusched.exe"
MSCONFIG\startupreg: tvncontrol => "C:\Program Files\TightVNC\tvnserver.exe" -co
ntrolservice -slave
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 e
Xtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Co
mmon Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{38871F57-D555-45F4-8E35-9EDD4DCE21F6}C:\windows\c
ci\ctmweb.exe] => C:\windows\cci\ctmweb.exe
FirewallRules: [UDP Query User{33BFD76D-9071-4A61-A958-8409D9FD492F}C:\windows\c
ci\ctmweb.exe] => C:\windows\cci\ctmweb.exe
FirewallRules: [TCP Query User{AF42C477-689D-4F3D-BB17-A1A239AFF06A}F:\absolute-
new\cci\absolute using for hp4440\ctmweb.exe] => F:\absolute-new\cci\absolute us
ing for hp4440\ctmweb.exe
FirewallRules: [UDP Query User{282B67EC-3654-4E88-9EDB-6D60CC523AC1}F:\absolute-
new\cci\absolute using for hp4440\ctmweb.exe] => F:\absolute-new\cci\absolute us
ing for hp4440\ctmweb.exe
FirewallRules: [TCP Query User{4526441D-4326-44A6-87E0-B6747E53AEB5}E:\for cci\a
bsolute using for hp4440\ctmweb.exe] => E:\for cci\absolute using for hp4440\ctm
web.exe
FirewallRules: [UDP Query User{234E748C-3F97-4A37-9928-BE32DEA78649}E:\for cci\a
bsolute using for hp4440\ctmweb.exe] => E:\for cci\absolute using for hp4440\ctm
web.exe
FirewallRules: [TCP Query User{89D7A843-F792-4162-A852-22268A58BB40}E:\absolute-
new\cci\absolute using for hp4440\ctmweb.exe] => E:\absolute-new\cci\absolute us
ing for hp4440\ctmweb.exe
FirewallRules: [UDP Query User{72F8734F-5876-45D3-89C0-0354CB4C2320}E:\absolute-
new\cci\absolute using for hp4440\ctmweb.exe] => E:\absolute-new\cci\absolute us
ing for hp4440\ctmweb.exe
FirewallRules: [TCP Query User{C7E2B433-60B3-4872-BDC6-9B9F76A50E34}C:\program f
iles (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => C:\program
files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{5EB47980-22B0-47BF-B506-8ED50CAD4E62}C:\program f
iles (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => C:\program
files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [TCP Query User{37839554-7374-4069-AA0D-040E89008C4F}C:\program f
iles (x86)\motorcycle club\motorcycleclub.exe] => C:\program files (x86)\motorcy
cle club\motorcycleclub.exe
FirewallRules: [UDP Query User{F154524B-0301-4778-9328-CA1C4FEB4346}C:\program f
iles (x86)\motorcycle club\motorcycleclub.exe] => C:\program files (x86)\motorcy
cle club\motorcycleclub.exe
FirewallRules: [TCP Query User{265B3759-AA66-4C69-A6ED-6484C710A33C}C:\users\own
er\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\owner\appdata\loc
al\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{F3A06DC7-19FE-4507-A27B-34C355A61DF3}C:\users\own
er\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\owner\appdata\loc
al\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{68CFE558-1329-4814-AD10-2C174730E0F9}C:\program f
iles (x86)\wondershare\video converter ultimate\dscheck.exe] => C:\program files
(x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{CEF8CB70-4DDF-44CA-9C4C-70CD6053EF87}C:\program f
iles (x86)\wondershare\video converter ultimate\dscheck.exe] => C:\program files
(x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [TCP Query User{8E7C6CE0-AEB6-4BE1-8570-472D0462E0D3}C:\program f
iles (x86)\wondershare\video converter ultimate\videoconverterultimate.exe] => C
:\program files (x86)\wondershare\video converter ultimate\videoconverterultimat
e.exe
FirewallRules: [UDP Query User{2A465858-DBC3-4CC7-869A-5F45553E021B}C:\program f
iles (x86)\wondershare\video converter ultimate\videoconverterultimate.exe] => C
:\program files (x86)\wondershare\video converter ultimate\videoconverterultimat
e.exe
FirewallRules: [TCP Query User{24C00F07-EB13-4D22-AD91-9CAB01D3AB8F}C:\program f
iles (x86)\wondershare\video converter ultimate\dscheck.exe] => C:\program files
(x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{96CF778E-030E-4AED-BDE9-C394F1EF4A2D}C:\program f
iles (x86)\wondershare\video converter ultimate\dscheck.exe] => C:\program files
(x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [TCP Query User{815F8CAB-AED7-4CCE-9C57-DCE3965F9F62}C:\users\own
er\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\owner\appdata\loc
al\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{D4A4168F-84E1-4FD5-A72F-BA8605B3C246}C:\users\own
er\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\owner\appdata\loc
al\hola\firefox\app\hola_plugin.exe
FirewallRules: [{7FBC70D2-0693-4D2F-A413-A7DB83CA00C1}] => C:\Program Files (x86
)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E1501CE-1415-4C46-8B69-F10C9D9CEBA9}] => C:\Program Files (x86
)\Mozilla Firefox\firefox.exe
FirewallRules: [{02433522-B2A8-4502-B38D-8E72D3654BD4}] => C:\Program Files (x86
)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7A286F4B-8964-4D2E-ACEF-1782351D2A30}] => C:\Program Files (x86
)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{61ED8B98-1442-417B-BCC8-2D1940301D39}] => C:\Program Files (x86
)\Nero\KM\NMDllHost.exe
FirewallRules: [{8BE361E4-2B8C-433B-A267-749C352CA7BD}] => C:\Program Files (x86
)\Nero\KM\NMDllHost.exe
FirewallRules: [{5ACC041B-FFE4-4FC4-A7A2-211D25D47C51}] => C:\Program Files (x86
)\Phase Five Systems\Jump Desktop Connect\5.0.73.0\JumpConnect.exe
FirewallRules: [{C5AF362B-8EEC-4490-AC16-6760C39CCE0A}] => C:\Program Files\Tigh
tVNC\tvnserver.exe
FirewallRules: [{8D8F7854-10E7-45F0-BDB4-18FC8EFAE96B}] => C:\Program Files\KMSp
ico\KMSELDI.exe
FirewallRules: [{58E6A712-49A6-444C-BC46-E5F38368F063}] => C:\Program Files\KMSp
ico\KMSELDI.exe
FirewallRules: [{4D9751C3-1977-45A3-8D86-D76BB4FAAD46}] => C:\Program Files\KMSp
ico\Service_KMS.exe
FirewallRules: [{96B92141-8FF7-42F5-A001-D4FF02C33939}] => C:\Program Files\KMSp
ico\Service_KMS.exe
FirewallRules: [{4F485C0B-A20E-4FFA-BEB3-1878B54E1FAB}] => C:\Program Files (x86
)\AVG\Av\avgmfapx.exe
FirewallRules: [{6CE09973-54A2-453A-ABD8-FF485EA215A7}] => C:\Program Files (x86
)\AVG\Av\avgmfapx.exe
FirewallRules: [{C70AFE12-A624-46DC-BE7C-9021802B0237}] => C:\Program Files (x86
)\Phase Five Systems\Jump Desktop Connect\5.0.73.0\JumpConnect.exe
FirewallRules: [{706BC5EA-E595-467E-9257-9F060B4BCF43}] => C:\Program Files\KMSp
ico\AutoPico.exe
FirewallRules: [{44DADFCE-4B5C-42C8-9EE7-71792AFA4BD0}] => C:\Program Files\KMSp
ico\AutoPico.exe
FirewallRules: [{C080704E-5A02-4011-860B-5F7035227051}] => C:\Program Files\KMSp
ico\AutoPico.exe
FirewallRules: [TCP Query User{A6C893CA-85DC-4D33-976F-B54FA7090B95}C:\program f
iles (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefo
x\firefox.exe
FirewallRules: [UDP Query User{BC762CA3-AA99-4401-84C5-D5A2D5FD95D2}C:\program f
iles (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefo
x\firefox.exe
FirewallRules: [{8D4471C9-6F2B-4FC0-A1B0-67986C74B758}] => C:\Program Files (x86
)\AVG\Av\avgnsa.exe
FirewallRules: [{7C092DEF-8136-4553-A4BD-362B2E0D64D0}] => C:\Program Files (x86
)\AVG\Av\avgnsa.exe
FirewallRules: [{AE640786-A740-447B-B762-89AB50E5B78C}] => C:\Program Files (x86
)\AVG\Av\avgemca.exe
FirewallRules: [{EC4EF41D-F58A-4DD1-94C4-64A6B8A53CEF}] => C:\Program Files (x86
)\AVG\Av\avgemca.exe
FirewallRules: [{946EE75D-AC17-4793-A4F3-33C83D5F714D}] => C:\Program Files (x86
)\GPPSoft\GPP Remote Server\GPPRS.exe
FirewallRules: [{DC7D5917-3124-4608-9C50-2FE73E216FBE}] => C:\Program Files (x86
)\GPPSoft\GPP Remote Server\GPPRS.exe
FirewallRules: [{EA436595-1193-41E2-8B1D-D8527560E43E}] => C:\Program Files (x86
)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe
FirewallRules: [{B93E80E1-6337-43A2-88C1-D763DEA4B7F9}] => C:\Program Files (x86
)\Baidu WiFiHotspot\WifiHotspot.exe
FirewallRules: [{90DDBE93-534A-438B-8A11-B46F6833B711}] => C:\Program Files (x86
)\Baidu WiFiHotspot\WifiHotspot.exe
FirewallRules: [{DC6CD73D-EE2D-44A9-A060-24BB103B48F5}] => C:\Program Files (x86
)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A5E06773-64F5-4745-916E-FC71451CD278}] => C:\Program Files\iTun
es\iTunes.exe
FirewallRules: [{11BD802B-C651-494C-BE02-2032EF258E73}] => C:\Program Files (x86
)\TeamViewer\TeamViewer.exe
FirewallRules: [{102C6B56-560F-48E3-9F58-DF2E959F5624}] => C:\Program Files (x86
)\TeamViewer\TeamViewer.exe
FirewallRules: [{A52ABA0D-873C-4843-92A7-592D3C37B359}] => C:\Program Files (x86
)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9BB67319-5260-4FA2-A306-3DA4A0CE71D3}] => C:\Program Files (x86
)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DFF24F82-5910-40C2-89EE-0C37013CF1D7}] => C:\Users\Owner\AppDat
a\Local\Temp\is-I2M7N.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{C6FF2F43-8C24-46F6-B0CC-753CCECB0551}] => C:\Program Files (x86
)\Opera\42.0.2393.137\opera.exe
FirewallRules: [{16EFE84E-E554-42DA-8F6D-C7AB342BAF71}] => C:\Program Files (x86
)\GPPSoft\GPP Remote Server\GPPRS.exe
FirewallRules: [{85B300FF-55B6-4635-8B8B-A6A9501305BE}] => C:\Program Files (x86
)\GPPSoft\GPP Remote Server\GPPRS.exe
==================== Restore Points =========================

==================== Faulty Device Manager Devices =============


Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelizacin Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers
for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the
troubleshooting wizard.

==================== Event log errors: =========================


Application errors:
==================
Error: (01/20/2017 08:07:08 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot star
t service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/20/2017 06:52:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot star
t service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/20/2017 05:04:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot star
t service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/20/2017 12:26:38 AM) (Source: System Restore) (EventID: 8193) (User:
)
Description: No se pudo crear el punto de restauracin (proceso = C:\Windows\syste
m32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; descripcin = Punto de
control programado; error = 0x80070422).
Error: (01/19/2017 12:53:06 AM) (Source: System Restore) (EventID: 8193) (User:
)
Description: No se pudo crear el punto de restauracin (proceso = C:\Windows\syste
m32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; descripcin = Punto de
control programado; error = 0x80070422).
Error: (01/18/2017 02:26:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activacin para "c:\Users\Owner\AppDa
ta\Roaming\Browsers\chrome.bat.exe".
No se encontr el ensamblado dependiente 55.0.2883.87,language="&#x2a;",type="win3
2",version="55.0.2883.87".
Use sxstrace.exe para obtener un diagnstico detallado.
Error: (01/18/2017 02:24:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activacin para "c:\Users\Owner\AppDa
ta\Roaming\Browsers\chrome.bat.exe".
No se encontr el ensamblado dependiente 55.0.2883.87,language="&#x2a;",type="win3
2",version="55.0.2883.87".
Use sxstrace.exe para obtener un diagnstico detallado.
Error: (01/18/2017 02:24:33 AM) (Source: System Restore) (EventID: 8193) (User:
)
Description: No se pudo crear el punto de restauracin (proceso = C:\Windows\syste
m32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; descripcin = Punto de
control programado; error = 0x80070422).
Error: (01/17/2017 10:38:54 PM) (Source: Application Error) (EventID: 1000) (Use
r: )
Description: Nombre de la aplicacin con errores: service.exe, versin: 1.0.0.12, ma
rca de tiempo: 0x57e25e72
Nombre del mdulo con errores: netprofm.dll_unloaded, versin: 0.0.0.0, marca de tie
mpo: 0x4a5bda75
Cdigo de excepcin: 0xc0000005
Desplazamiento de errores: 0x749f3417
Id. del proceso con errores: 0xad4
Hora de inicio de la aplicacin con errores: 0x01d27143373e25b3
Ruta de acceso de la aplicacin con errores: C:\ProgramData\service.exe
Ruta de acceso del mdulo con errores: netprofm.dll
Id. del informe: 03de91f8-dd38-11e6-a84e-b4b52f866ddb
Error: (01/17/2017 10:38:08 PM) (Source: Application Error) (EventID: 1000) (Use
r: )
Description: Nombre de la aplicacin con errores: mbamservice.exe, versin: 3.1.0.38
8, marca de tiempo: 0x58320f73
Nombre del mdulo con errores: ntdll.dll, versin: 6.1.7601.18247, marca de tiempo:
0x521eaf24
Cdigo de excepcin: 0xc00000fd
Desplazamiento de errores: 0x0000000000058c30
Id. del proceso con errores: 0x90c
Hora de inicio de la aplicacin con errores: 0x01d2714392e1556a
Ruta de acceso de la aplicacin con errores: C:\Program Files\Malwarebytes\Anti-Ma
lware\mbamservice.exe
Ruta de acceso del mdulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: e8486610-dd37-11e6-a84e-b4b52f866ddb
System errors:
=============
Error: (01/20/2017 08:49:01 PM) (Source: Service Control Manager) (EventID: 7034
) (User: )
Description: El servicio ArcCapture se termin de manera inesperada. Esto ha suced
ido 1 veces.
Error: (01/20/2017 08:48:38 PM) (Source: Service Control Manager) (EventID: 7034
) (User: )
Description: El servicio UC se termin de manera inesperada. Esto ha sucedido 1
Error: (01/20/2017 08:07:08 PM) (Source: Service Control Manager) (EventID: 7023
) (User: )
Description: El servicio BlueStacks Android Service se cerr con el siguiente erro
r:
Se present una excepcin en el servicio al administrar la solicitud de control.
Error: (01/20/2017 08:06:08 PM) (Source: Service Control Manager) (EventID: 7000
) (User: )
Description: El servicio BlueStacks Updater Service no pudo iniciarse debido al
siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (01/20/2017 08:05:29 PM) (Source: Service Control Manager) (EventID: 7000
) (User: )
Description: El servicio YAC Service no pudo iniciarse debido al siguiente error
:
El servicio no respondi a tiempo a la solicitud de inicio o de control.
Error: (01/20/2017 08:05:29 PM) (Source: Service Control Manager) (EventID: 7009
) (User: )
Description: Se agot el tiempo de espera (30000 ms) para la conexin con el servici
o YAC Service.
Error: (01/20/2017 06:52:44 PM) (Source: Microsoft Antimalware) (EventID: 2001)
(User: )
Description: Microsoft Antimalware has encountered an error trying to update sig
natures.
New Signature Version:
Previous Signature Version: 1.235.302.0
Update Source: Microsoft Update Server
Update Stage: Search
Source Path: http://www.microsoft.com
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.13407.0
Error code: 0x80248014
Error description: An unexpected problem occurred while checking for upd
ates. For information on installing or troubleshooting updates, see Help and Sup
port.
Error: (01/20/2017 06:52:11 PM) (Source: Service Control Manager) (EventID: 7023
) (User: )
Description: El servicio BlueStacks Android Service se cerr con el siguiente erro
r:
Se present una excepcin en el servicio al administrar la solicitud de control.
Error: (01/20/2017 06:51:11 PM) (Source: Service Control Manager) (EventID: 7023
) (User: )
Description: El servicio KuaizipUpdateChecker se cerr con el siguiente error:
No se puede encontrar el mdulo especificado.
Error: (01/20/2017 06:50:40 PM) (Source: Service Control Manager) (EventID: 7000
) (User: )
Description: El servicio BlueStacks Updater Service no pudo iniciarse debido al
siguiente error:
El sistema no puede encontrar el archivo especificado.

CodeIntegrity:
===================================
Date: 2017-01-20 18:52:47.166
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 18:52:46.932
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 17:05:01.074
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 17:05:00.824
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 00:17:06.767
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 00:17:06.487
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-17 22:25:56.090
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-17 22:25:55.809
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-17 22:13:58.278
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-17 22:13:57.530
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.

==================== Memory info ===========================


Processor: Intel(R) Celeron(R) CPU B840 @ 1.90GHz
Percentage of memory in use: 74%
Total physical RAM: 2956.56 MB
Available physical RAM: 745.02 MB
Total Virtual: 5911.3 MB
Available Virtual: 2837.68 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:270.73 GB) (Free:20.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 67E0130D)
Partition 1: (Active) - (Size=94 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=27.3 GB) - (Type=27)
Partition 3: (Not Active) - (Size=270.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================

You might also like