
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2017

Ran by Owner (20-01-2017 21:18:22)


Running from C:\Users\Owner\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-06 21:26:07)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================


Administrator (S-1-5-21-279859413-562935762-3602120501-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-279859413-562935762-3602120501-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-279859413-562935762-3602120501-1003 - Limited - Enabled)
Owner (S-1-5-21-279859413-562935762-3602120501-1001 - Administrator - Enabled) => C:\Users\Owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorpor
ated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version
: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24
.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24
.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC
}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1)
(Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Versi
on: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version:
11.0.00 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6
.6.636 - Adobe Systems, Inc.)
Air Playit 2.0.0 (HKLM\...\Air Playit_is1) (Version: - Digiarty)
AirDroid 3.3.5.3 (HKLM-x32\...\AirDroid) (Version: 3.3.5.3 - Sand Studio)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9
CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C
71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (V
ersion: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Ver
sion: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.42 - ArcSo
ft)
ArcSoft TotalMedia (x32 Version: 1.0.61.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6
A2}) (Version: 2.0.0.38 - ArcSoft)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Baidu WiFi Hotspot (HKLM-x32\...\Baidu WiFi Hotspot) (Version: 5.1.4.124910 - Ba
idu, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.83.6332 - BlueStac
k Systems, Inc.)
Breakaway Audio Enhancer (HKLM-x32\...\BreakawayPersonalForWindows) (Version: -
)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon
Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon In
c.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPL
M100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_
Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen
Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_C
anon_MP230_series) (Version: 1.00 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Can
on Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Fi
les) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{D669DC52-B1A4-4933-878D-CB80F660D95D})
(Version: 55.0.2883.17 - Google Inc.)
Computrace (HKLM-x32\...\{3CB9DF26-0C92-42DF-BEF0-68A00E8CCBCB}) (Version: 8.0.9
10 - Absolute Software Inc.)
Cracklock 3.9.44 (HKLM-x32\...\Cracklock_is1) (Version: 3.9.44 - William Blum)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft
Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Versio
n: - EaseUS)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Freemake Video Converter versin 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1)
(Version: 4.1.6 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPP Remote Server (HKLM-x32\...\{2882FB5F-D4C1-4463-BABF-B0D29E2DB7B8}) (Version
: 5.0.0.5 - GPPSoft)
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 3.0.72 - Gr
idinSoft LLC)
HP 3D DriveGuard (HKLM\...\{5B4F3B85-83F0-4BBF-9052-7A38B6B09634}) (Version: 5.0
.8.0 - Hewlett-Packard Company)
iFunbox (v3.0.3939.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3939.1352 - i
Funbox DevTeam)
IllustratorCs6 versin 16.0 (HKLM-x32\...\{B558D09D-AF45-4008-B73B-409706BC7FF8}_i
s1) (Version: 16.0 - Nws)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-
4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
iTools 3 version 3.3.9.4 (HKLM-x32\...\{9AD3B3CA-16DF-4113-9178-89263F2E3820}_is
1) (Version: 3.3.9.4 - Thinksky, Inc.)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - A
pple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version
: 8.0.1110.14 - Oracle Corporation)
Jump Desktop Connect (HKLM-x32\...\{3A8B9AAD-3646-41ED-8F02-78C7A48B01CE}) (Vers
ion: 5.0.73.0 - Phase Five Systems)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Malwarebytes versin 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_i
s1) (Version: 3.0.5.1299 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 2.9.1.1 - Microvirt)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}
- 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Spanish/Espaol (HKLM-x32\...\Office14.OMUI.
es-es) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version
: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6
.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version
: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf
-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a
-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-89
1a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-92
7d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE
-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C70
01-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporatio
n)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D
76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporatio
n)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F
6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25
302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F
1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corpor
ation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-
B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E
5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a190
9659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporatio
n)
MiniTool Partition Wizard Professional Edition 9.1 (HKLM-x32\...\{2991A446-D356-
44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.21.4.3
- RSUPPORT)
Mortal Kombat Komplete Edition (HKLM-x32\...\Mortal Kombat Komplete Edition_is1)
(Version: - Warner Bros. Interactive Entertainment)
Moto Racer Collection (HKLM-x32\...\Moto Racer Collection_is1) (Version: - )
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-
US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 3
3.1.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Vers
ion: 4.30.2100.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31
}) (Version: - )
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.0
2200 - Nero AG)
Nitro Pro 10 (HKLM\...\{A64AB15A-1974-4FF4-B5B7-BDEA9FBDB0AD}) (Version: 10.5.1.
17 - Nitro)
Opera Stable 42.0.2393.137 (HKLM-x32\...\Opera 42.0.2393.137) (Version: 42.0.239
3.137 - Opera Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - No
mbre de su organizacin)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79
.80.95 - Apple Inc.)
RAR Recovery Toolbox 1.1 (HKLM-x32\...\RAR Recovery Toolbox_is1) (Version: - Re
covery ToolBox)
Roxio Creator Business (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Ve
rsion: 10.3 - Roxio)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D811
1E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 5.14 (64-bit) (HKLM\...\Sandboxie) (Version: 5.14 - Sandboxie Holdings
, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\..
.\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84
F0-A52B21A49B5B}) (Version: - Microsoft)
Social2Search (HKLM\...\2029eddb2f25e77262f72ecacd4e0487) (Version: 11.12.1.250
(i1.0) - Social2Search) <==== ATTENTION
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer)
TP-LINK TL-WN725N_TL-WN723N Controlador (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-D
A76037546BA}) (Version: 1.3.1 - TP-LINK)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Vers
ion: 1.0.4 - ClockworkMod)
USB Game Controller (HKLM-x32\...\{D3DF3D05-DE2A-476A-A384-08FCD58D9FE7}) (Versi
on: 2007.01.01 - )
USB Gamepad (HKLM-x32\...\FT2491) (Version: - )
Utilidad de configuracin inalmbrica de TP-LINK (HKLM-x32\...\{319D91C6-3D44-436C-9
F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Vegas Pro 10.0 (HKLM-x32\...\{3BE3A580-D09A-11DF-9D8B-0013D3D69929}) (Version: 1
0.0.387 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3934F12E-091D-11E4-A0AD-F04DA23A5C58}) (Versi
on: 13.0.373 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB71
36F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F
06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLA
N)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34
789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar G
mbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.100
39 - WinZip Computing, S.L. )
Wondershare MirrorGo(Version 1.7.0) (HKLM-x32\...\{EE843B49-D9BC-4A9E-A8A7-B9F14
C0381C7}_is1) (Version: 1.7.0 - Wondershare)
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_MSI_Xara3D7) (Version: 7.0.0.415 - Xara Grou
p Ltd)
Xara 3D Maker 7 (x32 Version: 7.0.0.415 - Xara Group Ltd) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-279859413-562935762-3602120501-1001\...\ChromeHTML: -> c:\Program F
iles (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-279859413-562935762-3602120501-1001_Classes\CLSID\{6A2
21957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\Au
toCAD 2013\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-279859413-562935762-3602120501-1001_Classes\CLSID\{BD0
DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\Au
toCAD 2013\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-279859413-562935762-3602120501-1001_Classes\CLSID\{E2C
40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\A
utoCAD 2013\en-US\acadficn.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05E02F8C-726C-47EC-9D52-253245349620} - System32\Tasks\Adobe Acrobat Upda
te Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-
12-19] (Adobe Systems Incorporated)
Task: {1024AC66-6752-45D1-AA86-64F9C5D1119D} - System32\Tasks\Driver Booster Ski
pUAC (Owner) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.
exe
Task: {11A81DD7-29FB-4DDF-8019-C1DD9B959C33} - System32\Tasks\Adobe Flash Player
PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pep
per.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {219F7400-F90F-46B5-A589-D17F8B313FF9} - \osTip -> No File <==== ATTENTION
Task: {2BE441F7-65A8-45FD-95A8-0D7C689D2474} - \KuaiZip_Update -> No File <====
ATTENTION
Task: {2D33DCCF-559C-4CE8-9197-73DE8D7C696D} - System32\Tasks\Adobe Flash Player
Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [201
7-01-10] (Adobe Systems Incorporated)
Task: {3B182D21-159C-4AB7-826E-CDFA8C62B032} - System32\Tasks\GridinSoft Anti-Ma
lware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [2017-01-19] (GridinS
oft LLC)
Task: {56B0D180-EBAE-4879-913B-1A5AB92E9562} - System32\Tasks\Java Platform SE A
uto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
[2016-09-22] (Oracle Corporation)
Task: {5CA32DC3-7D06-42BF-80E8-A622B3C7D946} - System32\Tasks\Opera scheduled Au
toupdate 1426906561 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-16] (O
pera Software)
Task: {5DB9CD73-54A5-45B2-B2F5-82CFBF58F751} - System32\Tasks\GoogleUpdateTaskMa
chineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31]
(Google Inc.)
Task: {64D6D13F-9C37-40D5-84A5-A526659F9CF4} - \Update Service YourFileDownloade
r -> No File <==== ATTENTION
Task: {651EF042-8112-4CFB-ACE8-15934C27CCDA} - System32\Tasks\Apple\AppleSoftwar
eUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016
-02-23] (Apple Inc.)
Task: {6F1EF6A0-3AEC-4598-8D20-2261ECB2930F} - System32\Tasks\{2A3FAA59-205C-4C3
D-BB8F-E50802655B8B} => pcalua.exe -a C:\Users\Owner\AppData\Roaming\omniboxes\U
ninstallManager.exe -c -ptid=obw
Task: {7002D442-B654-45DE-8D21-353D3B361D5E} - System32\Tasks\{AE172EC7-69ED-4EE
5-A5F9-41098600C111} => H:\6MO8L5P13E64\Microsoft Office Language Pack 2013 Espao
l x64\Microsoft Office Language Pack 2013 Espaol x64 X18-51581.exe
Task: {73B4EB06-6561-473B-84BB-62B278B8738D} - System32\Tasks\AutoPico Daily Res
tart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-09] (@ByELDI)
Task: {9BD423E6-C764-4185-B513-346BB70B84B0} - System32\Tasks\GoogleUpdateTaskMa
chineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (G
oogle Inc.)
Task: {9C3308DE-1148-45FF-B490-86CEE36C3EDB} - \Microsoft\Windows\Multimedia\Man
ager -> No File <==== ATTENTION
Task: {A3E03A1F-5A0E-4746-BF55-5DD1FDFE0C80} - System32\Tasks\Nero\Nero Info =>
C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Ne
ro AG)
Task: {A6A6A6C4-F92D-4A00-9060-F679D3E273A1} - System32\Tasks\AdobeAAMUpdater-1.
0-student-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\U
pdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {B054FBAE-D113-4A28-B56C-290ED0BB3BC1} - System32\Tasks\{FFAE5A55-AB8B-452
E-81C8-9AA1FA7427C9} => pcalua.exe -a C:\Users\Owner\AppData\Local\Temp\jre-8u91
-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==
== ATTENTION
Task: {CE0DAA14-27E5-4B42-BBA4-DC924F985A22} - System32\Tasks\SidebarExecute =>
C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corpo
ration)
Task: {CEA3BEE0-4BAE-4B9A-9A72-8B4A0430C359} - System32\Tasks\0915avUpdateInfo =
> C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
Task: {D722DA34-9889-4741-A1A9-F6ED232889EE} - System32\Tasks\{D66B08D7-2AC2-4F5
F-A4D6-B00A18CF4535} => pcalua.exe -a C:\Users\Owner\AppData\Roaming\luckysearch
es\UninstallManager.exe -c -ptid=exp
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -
> No File <==== ATTENTION
Task: {EEE91BBF-F16F-4EBD-9EA6-07F97F3D7B41} - System32\Tasks\AVG EUpdate Task =
> avgsetupx.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWO
W64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Mac
romed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Owner\Desktop\Strt luStcks.lnk -> C:\Users\Owner\AppData\Roaming\
Browsers\exe.rehcnualtrats-dh.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\Desktop\Angel\Strt luStaks.lnk -> C:\Users\Owner\AppData\Ro
aming\Browsers\exe.rehcnualtrats-dh.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\I
ntrnt plrr.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <
===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A
plicaciones de Chrome\Vysr.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.emo
rhc.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A
plicaciones de Chrome\scritori remoto d hrome.lnk -> C:\Users\Owner\AppData\Roaming\
Browsers\exe.emorhc.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A
ccessories\System Tools\Intrnt Exlrr (No Add-ns).lnk -> C:\Users\Owner\AppData\Roaming
\Browsers\exe.erolpxei.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\Gogl hrm.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <=
==== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\Lunh Internt Exlorr Browsr.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.erolpx
ei.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\irDrid.lnk -> C:\Users\Owner\AppData\Roaming\Browsers\exe.rehcnual.bat (No File)
<===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\User Pinned\TaskBar\ozill Firefox (2).lnk -> C:\Users\Owner\AppData\Roaming\Brow
sers\exe.xoferif.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\User Pinned\TaskBar\ozill Firefox.lnk -> C:\Users\Owner\AppData\Roaming\Browsers
\exe.xoferif.bat (No File) <===== Cyrillic
Shortcut: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launc
h\User Pinned\ImplicitAppShortcuts\69639df789022856\Ggl Chrme.lnk -> C:\Users\Owner\
AppData\Roaming\Browsers.quarantined\exe.emorhc.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ggle Chrome.lnk ->
C:\Users\Owner\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <===== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ozilla Firef.lnk ->
C:\Users\Owner\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <===== Cyrilli
c
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\per.lnk -> C:\Users
\Owner\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <===== Cyrillic
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Men
u\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk -> C:\Program
Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-dir
ectory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Men
u\Programs\Aplicaciones de Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chr
ome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --a
pp-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer
\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Applicat
ion\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer
\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.ln
k -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -
> --profile-directory="Profile 1" --disable-quic
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 02:17 - 2013-09-05 02:17 - 04300456 _____ () C:\Program Files\Common
Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common
Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common
Files\Apple\Apple Application Support\libxml2.dll
2017-01-19 12:30 - 2017-01-19 12:30 - 00956368 _____ () C:\Program Files\GridinS
oft Anti-Malware\libmem.dll
2017-01-17 20:50 - 2017-01-17 20:50 - 01620992 _____ () C:\ProgramData\service.e
xe
2015-07-24 23:37 - 2013-05-14 03:50 - 00140936 _____ () C:\Program Files (x86)\C
anon\IJPLM\IJPLMSVC.EXE
2015-05-06 06:55 - 2015-05-06 06:55 - 00418968 _____ () C:\Program Files\Nitro\P
ro 10\Nitro_UpdateService.exe
2015-05-06 06:55 - 2015-05-06 06:55 - 02543768 _____ () C:\Program Files\Nitro\P
ro 10\Nitro_KissMetrics.dll
2017-01-17 22:05 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWARE
BYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-17 22:05 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWARE
BYTES\ANTI-MALWARE\arwlib.dll
2017-01-17 22:05 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWARE
BYTES\ANTI-MALWARE\MwacLib.dll
2016-12-30 16:02 - 2012-02-28 15:06 - 10468672 _____ () C:\Program Files\Digiart
y\Air_Playit\airplayit.exe
2017-01-17 20:48 - 2017-01-18 03:10 - 02072064 _____ () C:\Users\Owner\AppData\L
ocal\Temp\00011778\msiql.exe
2015-10-18 14:44 - 2009-08-22 18:25 - 00102400 _____ () C:\Program Files (x86)\3
d over\D3DOverrider.exe
2015-08-31 16:09 - 2015-08-31 16:09 - 00005632 _____ () C:\Program Files (x86)\C
lockworkMod\Universal Adb Driver\AdbNativeMessaging.exe
2015-08-31 16:09 - 2015-08-31 16:09 - 00819200 _____ () C:\Program Files (x86)\C
lockworkMod\Universal Adb Driver\adb.exe
2015-10-18 14:44 - 2009-08-22 18:25 - 00032768 _____ () C:\Program Files (x86)\3
d over\D3DOverriderHooks.dll
2016-12-30 16:02 - 2011-07-18 18:11 - 00435560 _____ () C:\Program Files\Digiart
y\Air_Playit\CI.DLL
2016-12-30 16:02 - 2012-02-08 17:09 - 00780096 _____ () C:\Program Files\Digiart
y\Air_Playit\SERVERADMIN.DLL
2016-12-30 16:02 - 2011-12-31 10:51 - 01654592 _____ () C:\Program Files\Digiart
y\Air_Playit\Config.dll
2013-09-05 02:14 - 2013-09-05 02:14 - 04300456 _____ () C:\Program Files (x86)\C
ommon Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-29 18:17 - 2012-10-23 16:26 - 00002560 _____ () C:\Program Files (x86)\D
AEMON Tools Pro\MSIMG32.dll
2016-12-30 16:02 - 2011-07-12 02:25 - 00572336 _____ () C:\Program Files\Digiart
y\Air_Playit\sqlite3.dll
2016-12-02 19:01 - 2016-12-02 19:00 - 48920064 _____ () C:\Program Files (x86)\A
VG\UiDll\2623\libcef.dll
2015-10-18 14:44 - 2009-08-22 18:25 - 00057344 _____ () C:\Program Files (x86)\3
d over\RTFC.dll
2015-10-18 14:44 - 2009-08-22 18:25 - 00106496 _____ () C:\Program Files (x86)\3
d over\RTUI.dll
2016-12-15 19:00 - 2016-12-08 01:29 - 01829208 _____ () c:\Program Files (x86)\G
oogle\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 19:00 - 2016-12-08 01:29 - 00085848 _____ () c:\Program Files (x86)\G
oogle\Chrome\Application\55.0.2883.87\libegl.dll
2014-11-07 10:06 - 2014-11-06 19:06 - 01016104 _____ () C:\Program Files (x86)\R
SUPPORT\MobizenService\dat\adb.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS:nlsPreferences [386]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-279859413-562935762-3602120501-1001\Software\Classes\.scr: AutoCADS
criptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2017-01-17 20:44 - 00000918 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 clients2.google.com
127.0.0.1 v1.ff.avast.com
127.0.0.1 vlcproxy.ff.avast.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-279859413-562935762-3602120501-1001\Control Panel\Desktop\\Wallpape
r -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
.jpg
HKU\S-1-5-21-279859413-562935762-3602120501-500-{637FE20B-9A5B-4F51-B1BE-D100456
25B40}-01202017205842245\Control Panel\Desktop\\Wallpaper -> C:\Users\Administra
tor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.7.255.101 - 10.8.255.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Sta
rtup^Utilidad de configuracin inalmbrica de TP-LINK.lnk => C:\Windows\pss\Utilidad
de configuracin inalmbrica de TP-LINK.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM
\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files
\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Fi
les\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\App
le Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\Ad
Sync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office1
4\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Ag
ent.exe
MSCONFIG\startupreg: Breakaway => "C:\Program Files (x86)\Breakaway\breakaway.ex
e" force
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\C
NQMMAIN.EXE /logon
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON To
ols Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Conv
erter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: DTRun => C:\Program Files (x86)\ArcSoft\TotalMedia Suite\To
talMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Par
tition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: iFunBox => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_
x64.exe /tray
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: MirrorGo => C:\Program Files (x86)\Wondershare\MirrorGo\Mir
rorGo.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.
exe" -hide -runkey
MSCONFIG\startupreg: msiql => C:\Users\Owner\AppData\Local\Temp\00011778\msiql.e
xe /RUNNING
MSCONFIG\startupreg: osmsg => C:\ProgramData\WindowsMsg\Chrome.exe /AUTORUN
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.
exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\
Java\Java Update\jusched.exe"
MSCONFIG\startupreg: tvncontrol => "C:\Program Files\TightVNC\tvnserver.exe" -co
ntrolservice -slave
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 e
Xtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Co
mmon Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{38871F57-D555-45F4-8E35-9EDD4DCE21F6}C:\windows\c
ci\ctmweb.exe] => C:\windows\cci\ctmweb.exe
FirewallRules: [UDP Query User{33BFD76D-9071-4A61-A958-8409D9FD492F}C:\windows\c
ci\ctmweb.exe] => C:\windows\cci\ctmweb.exe
FirewallRules: [TCP Query User{AF42C477-689D-4F3D-BB17-A1A239AFF06A}F:\absolute-
new\cci\absolute using for hp4440\ctmweb.exe] => F:\absolute-new\cci\absolute us
ing for hp4440\ctmweb.exe
FirewallRules: [UDP Query User{282B67EC-3654-4E88-9EDB-6D60CC523AC1}F:\absolute-
new\cci\absolute using for hp4440\ctmweb.exe] => F:\absolute-new\cci\absolute us
ing for hp4440\ctmweb.exe
FirewallRules: [TCP Query User{4526441D-4326-44A6-87E0-B6747E53AEB5}E:\for cci\a
bsolute using for hp4440\ctmweb.exe] => E:\for cci\absolute using for hp4440\ctm
web.exe
FirewallRules: [UDP Query User{234E748C-3F97-4A37-9928-BE32DEA78649}E:\for cci\a
bsolute using for hp4440\ctmweb.exe] => E:\for cci\absolute using for hp4440\ctm
web.exe
FirewallRules: [TCP Query User{89D7A843-F792-4162-A852-22268A58BB40}E:\absolute-
new\cci\absolute using for hp4440\ctmweb.exe] => E:\absolute-new\cci\absolute us
ing for hp4440\ctmweb.exe
FirewallRules: [UDP Query User{72F8734F-5876-45D3-89C0-0354CB4C2320}E:\absolute-
new\cci\absolute using for hp4440\ctmweb.exe] => E:\absolute-new\cci\absolute us
ing for hp4440\ctmweb.exe
FirewallRules: [TCP Query User{C7E2B433-60B3-4872-BDC6-9B9F76A50E34}C:\program f
iles (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => C:\program
files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{5EB47980-22B0-47BF-B506-8ED50CAD4E62}C:\program f
iles (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => C:\program
files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [TCP Query User{37839554-7374-4069-AA0D-040E89008C4F}C:\program f
iles (x86)\motorcycle club\motorcycleclub.exe] => C:\program files (x86)\motorcy
cle club\motorcycleclub.exe
FirewallRules: [UDP Query User{F154524B-0301-4778-9328-CA1C4FEB4346}C:\program f
iles (x86)\motorcycle club\motorcycleclub.exe] => C:\program files (x86)\motorcy
cle club\motorcycleclub.exe
FirewallRules: [TCP Query User{265B3759-AA66-4C69-A6ED-6484C710A33C}C:\users\own
er\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\owner\appdata\loc
al\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{F3A06DC7-19FE-4507-A27B-34C355A61DF3}C:\users\own
er\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\owner\appdata\loc
al\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{68CFE558-1329-4814-AD10-2C174730E0F9}C:\program f
iles (x86)\wondershare\video converter ultimate\dscheck.exe] => C:\program files
(x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{CEF8CB70-4DDF-44CA-9C4C-70CD6053EF87}C:\program f
iles (x86)\wondershare\video converter ultimate\dscheck.exe] => C:\program files
(x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [TCP Query User{8E7C6CE0-AEB6-4BE1-8570-472D0462E0D3}C:\program f
iles (x86)\wondershare\video converter ultimate\videoconverterultimate.exe] => C
:\program files (x86)\wondershare\video converter ultimate\videoconverterultimat
e.exe
FirewallRules: [UDP Query User{2A465858-DBC3-4CC7-869A-5F45553E021B}C:\program f
iles (x86)\wondershare\video converter ultimate\videoconverterultimate.exe] => C
:\program files (x86)\wondershare\video converter ultimate\videoconverterultimat
e.exe
FirewallRules: [TCP Query User{24C00F07-EB13-4D22-AD91-9CAB01D3AB8F}C:\program f
iles (x86)\wondershare\video converter ultimate\dscheck.exe] => C:\program files
(x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{96CF778E-030E-4AED-BDE9-C394F1EF4A2D}C:\program f
iles (x86)\wondershare\video converter ultimate\dscheck.exe] => C:\program files
(x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [TCP Query User{815F8CAB-AED7-4CCE-9C57-DCE3965F9F62}C:\users\own
er\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\owner\appdata\loc
al\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{D4A4168F-84E1-4FD5-A72F-BA8605B3C246}C:\users\own
er\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\owner\appdata\loc
al\hola\firefox\app\hola_plugin.exe
FirewallRules: [{7FBC70D2-0693-4D2F-A413-A7DB83CA00C1}] => C:\Program Files (x86
)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E1501CE-1415-4C46-8B69-F10C9D9CEBA9}] => C:\Program Files (x86
)\Mozilla Firefox\firefox.exe
FirewallRules: [{02433522-B2A8-4502-B38D-8E72D3654BD4}] => C:\Program Files (x86
)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7A286F4B-8964-4D2E-ACEF-1782351D2A30}] => C:\Program Files (x86
)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{61ED8B98-1442-417B-BCC8-2D1940301D39}] => C:\Program Files (x86
)\Nero\KM\NMDllHost.exe
FirewallRules: [{8BE361E4-2B8C-433B-A267-749C352CA7BD}] => C:\Program Files (x86
)\Nero\KM\NMDllHost.exe
FirewallRules: [{5ACC041B-FFE4-4FC4-A7A2-211D25D47C51}] => C:\Program Files (x86
)\Phase Five Systems\Jump Desktop Connect\5.0.73.0\JumpConnect.exe
FirewallRules: [{C5AF362B-8EEC-4490-AC16-6760C39CCE0A}] => C:\Program Files\Tigh
tVNC\tvnserver.exe
FirewallRules: [{8D8F7854-10E7-45F0-BDB4-18FC8EFAE96B}] => C:\Program Files\KMSp
ico\KMSELDI.exe
FirewallRules: [{58E6A712-49A6-444C-BC46-E5F38368F063}] => C:\Program Files\KMSp
ico\KMSELDI.exe
FirewallRules: [{4D9751C3-1977-45A3-8D86-D76BB4FAAD46}] => C:\Program Files\KMSp
ico\Service_KMS.exe
FirewallRules: [{96B92141-8FF7-42F5-A001-D4FF02C33939}] => C:\Program Files\KMSp
ico\Service_KMS.exe
FirewallRules: [{4F485C0B-A20E-4FFA-BEB3-1878B54E1FAB}] => C:\Program Files (x86
)\AVG\Av\avgmfapx.exe
FirewallRules: [{6CE09973-54A2-453A-ABD8-FF485EA215A7}] => C:\Program Files (x86
)\AVG\Av\avgmfapx.exe
FirewallRules: [{C70AFE12-A624-46DC-BE7C-9021802B0237}] => C:\Program Files (x86
)\Phase Five Systems\Jump Desktop Connect\5.0.73.0\JumpConnect.exe
FirewallRules: [{706BC5EA-E595-467E-9257-9F060B4BCF43}] => C:\Program Files\KMSp
ico\AutoPico.exe
FirewallRules: [{44DADFCE-4B5C-42C8-9EE7-71792AFA4BD0}] => C:\Program Files\KMSp
ico\AutoPico.exe
FirewallRules: [{C080704E-5A02-4011-860B-5F7035227051}] => C:\Program Files\KMSp
ico\AutoPico.exe
FirewallRules: [TCP Query User{A6C893CA-85DC-4D33-976F-B54FA7090B95}C:\program f
iles (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefo
x\firefox.exe
FirewallRules: [UDP Query User{BC762CA3-AA99-4401-84C5-D5A2D5FD95D2}C:\program f
iles (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefo
x\firefox.exe
FirewallRules: [{8D4471C9-6F2B-4FC0-A1B0-67986C74B758}] => C:\Program Files (x86
)\AVG\Av\avgnsa.exe
FirewallRules: [{7C092DEF-8136-4553-A4BD-362B2E0D64D0}] => C:\Program Files (x86
)\AVG\Av\avgnsa.exe
FirewallRules: [{AE640786-A740-447B-B762-89AB50E5B78C}] => C:\Program Files (x86
)\AVG\Av\avgemca.exe
FirewallRules: [{EC4EF41D-F58A-4DD1-94C4-64A6B8A53CEF}] => C:\Program Files (x86
)\AVG\Av\avgemca.exe
FirewallRules: [{946EE75D-AC17-4793-A4F3-33C83D5F714D}] => C:\Program Files (x86
)\GPPSoft\GPP Remote Server\GPPRS.exe
FirewallRules: [{DC7D5917-3124-4608-9C50-2FE73E216FBE}] => C:\Program Files (x86
)\GPPSoft\GPP Remote Server\GPPRS.exe
FirewallRules: [{EA436595-1193-41E2-8B1D-D8527560E43E}] => C:\Program Files (x86
)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe
FirewallRules: [{B93E80E1-6337-43A2-88C1-D763DEA4B7F9}] => C:\Program Files (x86
)\Baidu WiFiHotspot\WifiHotspot.exe
FirewallRules: [{90DDBE93-534A-438B-8A11-B46F6833B711}] => C:\Program Files (x86
)\Baidu WiFiHotspot\WifiHotspot.exe
FirewallRules: [{DC6CD73D-EE2D-44A9-A060-24BB103B48F5}] => C:\Program Files (x86
)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A5E06773-64F5-4745-916E-FC71451CD278}] => C:\Program Files\iTun
es\iTunes.exe
FirewallRules: [{11BD802B-C651-494C-BE02-2032EF258E73}] => C:\Program Files (x86
)\TeamViewer\TeamViewer.exe
FirewallRules: [{102C6B56-560F-48E3-9F58-DF2E959F5624}] => C:\Program Files (x86
)\TeamViewer\TeamViewer.exe
FirewallRules: [{A52ABA0D-873C-4843-92A7-592D3C37B359}] => C:\Program Files (x86
)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9BB67319-5260-4FA2-A306-3DA4A0CE71D3}] => C:\Program Files (x86
)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DFF24F82-5910-40C2-89EE-0C37013CF1D7}] => C:\Users\Owner\AppDat
a\Local\Temp\is-I2M7N.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{C6FF2F43-8C24-46F6-B0CC-753CCECB0551}] => C:\Program Files (x86
)\Opera\42.0.2393.137\opera.exe
FirewallRules: [{16EFE84E-E554-42DA-8F6D-C7AB342BAF71}] => C:\Program Files (x86
)\GPPSoft\GPP Remote Server\GPPRS.exe
FirewallRules: [{85B300FF-55B6-4635-8B8B-A6A9501305BE}] => C:\Program Files (x86
)\GPPSoft\GPP Remote Server\GPPRS.exe
==================== Restore Points =========================

==================== Faulty Device Manager Devices =============


Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelizacin Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers
for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the
troubleshooting wizard.

==================== Event log errors: =========================


Application errors:
==================
Error: (01/20/2017 08:07:08 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot star
t service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/20/2017 06:52:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot star
t service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/20/2017 05:04:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot star
t service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/20/2017 12:26:38 AM) (Source: System Restore) (EventID: 8193) (User:
)
Description: No se pudo crear el punto de restauracin (proceso = C:\Windows\syste
m32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; descripcin = Punto de
control programado; error = 0x80070422).
Error: (01/19/2017 12:53:06 AM) (Source: System Restore) (EventID: 8193) (User:
)
Description: No se pudo crear el punto de restauracin (proceso = C:\Windows\syste
m32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; descripcin = Punto de
control programado; error = 0x80070422).
Error: (01/18/2017 02:26:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activacin para "c:\Users\Owner\AppDa
ta\Roaming\Browsers\chrome.bat.exe".
No se encontr el ensamblado dependiente 55.0.2883.87,language="&#x2a;",type="win3
2",version="55.0.2883.87".
Use sxstrace.exe para obtener un diagnstico detallado.
Error: (01/18/2017 02:24:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activacin para "c:\Users\Owner\AppDa
ta\Roaming\Browsers\chrome.bat.exe".
No se encontr el ensamblado dependiente 55.0.2883.87,language="&#x2a;",type="win3
2",version="55.0.2883.87".
Use sxstrace.exe para obtener un diagnstico detallado.
Error: (01/18/2017 02:24:33 AM) (Source: System Restore) (EventID: 8193) (User:
)
Description: No se pudo crear el punto de restauracin (proceso = C:\Windows\syste
m32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; descripcin = Punto de
control programado; error = 0x80070422).
Error: (01/17/2017 10:38:54 PM) (Source: Application Error) (EventID: 1000) (Use
r: )
Description: Nombre de la aplicacin con errores: service.exe, versin: 1.0.0.12, ma
rca de tiempo: 0x57e25e72
Nombre del mdulo con errores: netprofm.dll_unloaded, versin: 0.0.0.0, marca de tie
mpo: 0x4a5bda75
Cdigo de excepcin: 0xc0000005
Desplazamiento de errores: 0x749f3417
Id. del proceso con errores: 0xad4
Hora de inicio de la aplicacin con errores: 0x01d27143373e25b3
Ruta de acceso de la aplicacin con errores: C:\ProgramData\service.exe
Ruta de acceso del mdulo con errores: netprofm.dll
Id. del informe: 03de91f8-dd38-11e6-a84e-b4b52f866ddb
Error: (01/17/2017 10:38:08 PM) (Source: Application Error) (EventID: 1000) (Use
r: )
Description: Nombre de la aplicacin con errores: mbamservice.exe, versin: 3.1.0.38
8, marca de tiempo: 0x58320f73
Nombre del mdulo con errores: ntdll.dll, versin: 6.1.7601.18247, marca de tiempo:
0x521eaf24
Cdigo de excepcin: 0xc00000fd
Desplazamiento de errores: 0x0000000000058c30
Id. del proceso con errores: 0x90c
Hora de inicio de la aplicacin con errores: 0x01d2714392e1556a
Ruta de acceso de la aplicacin con errores: C:\Program Files\Malwarebytes\Anti-Ma
lware\mbamservice.exe
Ruta de acceso del mdulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: e8486610-dd37-11e6-a84e-b4b52f866ddb
System errors:
=============
Error: (01/20/2017 08:49:01 PM) (Source: Service Control Manager) (EventID: 7034
) (User: )
Description: El servicio ArcCapture se termin de manera inesperada. Esto ha suced
ido 1 veces.
Error: (01/20/2017 08:48:38 PM) (Source: Service Control Manager) (EventID: 7034
) (User: )
Description: El servicio UC se termin de manera inesperada. Esto ha sucedido 1
Error: (01/20/2017 08:07:08 PM) (Source: Service Control Manager) (EventID: 7023
) (User: )
Description: El servicio BlueStacks Android Service se cerr con el siguiente erro
r:
Se present una excepcin en el servicio al administrar la solicitud de control.
Error: (01/20/2017 08:06:08 PM) (Source: Service Control Manager) (EventID: 7000
) (User: )
Description: El servicio BlueStacks Updater Service no pudo iniciarse debido al
siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (01/20/2017 08:05:29 PM) (Source: Service Control Manager) (EventID: 7000
) (User: )
Description: El servicio YAC Service no pudo iniciarse debido al siguiente error
:
El servicio no respondi a tiempo a la solicitud de inicio o de control.
Error: (01/20/2017 08:05:29 PM) (Source: Service Control Manager) (EventID: 7009
) (User: )
Description: Se agot el tiempo de espera (30000 ms) para la conexin con el servici
o YAC Service.
Error: (01/20/2017 06:52:44 PM) (Source: Microsoft Antimalware) (EventID: 2001)
(User: )
Description: Microsoft Antimalware has encountered an error trying to update sig
natures.
New Signature Version:
Previous Signature Version: 1.235.302.0
Update Source: Microsoft Update Server
Update Stage: Search
Source Path: http://www.microsoft.com
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.13407.0
Error code: 0x80248014
Error description: An unexpected problem occurred while checking for upd
ates. For information on installing or troubleshooting updates, see Help and Sup
port.
Error: (01/20/2017 06:52:11 PM) (Source: Service Control Manager) (EventID: 7023
) (User: )
Description: El servicio BlueStacks Android Service se cerr con el siguiente erro
r:
Se present una excepcin en el servicio al administrar la solicitud de control.
Error: (01/20/2017 06:51:11 PM) (Source: Service Control Manager) (EventID: 7023
) (User: )
Description: El servicio KuaizipUpdateChecker se cerr con el siguiente error:
No se puede encontrar el mdulo especificado.
Error: (01/20/2017 06:50:40 PM) (Source: Service Control Manager) (EventID: 7000
) (User: )
Description: El servicio BlueStacks Updater Service no pudo iniciarse debido al
siguiente error:
El sistema no puede encontrar el archivo especificado.

CodeIntegrity:
===================================
Date: 2017-01-20 18:52:47.166
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 18:52:46.932
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 17:05:01.074
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 17:05:00.824
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 00:17:06.767
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-20 00:17:06.487
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-17 22:25:56.090
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-17 22:25:55.809
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-17 22:13:58.278
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.
Date: 2017-01-17 22:13:57.530
Description: Integridad de cdigo no puede comprobar la integridad de imagen del
archivo \Device\HarddiskVolume3\WINDOWS\System32\winhttp.dll porque el conjunto
de hashes de imagen por pgina no se encuentra en el sistema.

==================== Memory info ===========================


Processor: Intel(R) Celeron(R) CPU B840 @ 1.90GHz
Percentage of memory in use: 74%
Total physical RAM: 2956.56 MB
Available physical RAM: 745.02 MB
Total Virtual: 5911.3 MB
Available Virtual: 2837.68 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:270.73 GB) (Free:20.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 67E0130D)
Partition 1: (Active) - (Size=94 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=27.3 GB) - (Type=27)
Partition 3: (Not Active) - (Size=270.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
