Addition.log
============
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by windows (2016-04-14 19:09:22)
Running from C:\Users\windows\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-12-05 10:05:26)
Boot Mode: Normal
================================================== ========
==================== Accounts: =============================
Administrator (S-1-5-21-73518231-4198052873-3949564652-500 - Administrator - Disabled)
ASPNET (S-1-5-21-73518231-4198052873-3949564652-1004 - Limited - Enabled)
Guest (S-1-5-21-73518231-4198052873-3949564652-501 - Limited - Disabled)
windows (S-1-5-21-73518231-4198052873-3949564652-1000 - Administrator - Enabled) => C:\Users\windows
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {B7599298-8445-728A-A5C7-A26A082C8BDA}
AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {0C38737C-A27F-7D04-9F77-991873ABC167}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
FW: Trend Micro Personal Firewall (Disabled) {49A8346C-6900-54B6-B1B3-5F678736DDE9}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.21 - STMicroelectronics)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Age of Empires III: Complete Collection (HKLM-x32\...\GFWL_{4541091F-1F3D-4BA3-A5A3-F71000000100}) (Version: 1.0.0000.1 - Microsoft Game Studios)
Age of Empires III: Complete Collection (x32 Version: 1.0.0000.1 - Microsoft Game Studios) Hidden
ATI Catalyst Install Manager (HKLM\...\{01050239-68F6-D9E8-FAC4-61042A254694}) (Version: 3.0.804.0 - ATI Technologies, Inc.)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.2.28499 - BitTorrent Inc.)
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATTENTION
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.1.24.2 - Dell)
Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.215 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.0.0.0 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Idea Net Setter (HKLM-x32\...\Idea Net Setter) (Version: 21.005.11.00.356 - Huawei Technologies Co.,Ltd)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{FBCA6D68-2FBE-4A52-8EAA-856CFEA714C8}) (Version: 6.01.0000 - Intel Corporation)
James Cameron's AVATAR(tm): THE GAME (HKLM-x32\...\{7E19B002-4CA3-4C9F-BA92-91D101B97219}) (Version: 1.02.00 - Ubisoft)
Java(TM) 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle)
Java(TM) 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
Mi PC Suite (HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MiPhoneManager) (Version: - Xiaomi Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NewPointer (HKLM-x32\...\NewPointer 2.0.5.282) (Version: 2.0.5.282 - Ventura Securities Ltd)
NewPointer (x32 Version: 2.0.5.282 - Ventura Securities Ltd) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: - )
Prince of Persia The Forgotten Sands™ (HKLM-x32\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft)
Prince of Persia Warrior Within (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.15 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SpongeBob SquarePants - The Movie (HKLM-x32\...\{B98D958E-9E59-43B7-B47F-043D45D73EE6}) (Version: 1.0 - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Mummy (HKLM-x32\...\{44EAF482-99EB-11D4-8BB4-0080C87AF2C6}) (Version: - )
Trend Micro OfficeScan Client (HKLM-x32\...\OfficeScanNT) (Version: 10.6.2108 - Trend Micro Inc.)
Unity Web Player (HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Validity Sensors DDK (HKLM\...\{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}) (Version: 4.3.108.0 - Validity Sensors, Inc.)
Windows 7 Codec Pack 4.0.7 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.7 - Windows 7 Codec Pack)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 5.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 7.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 3.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 8.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 8.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 9.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 4.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 6.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 9.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 5.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 8.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 9.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 4.7\psuser_64.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1EB5A537-0690-4A31-BFEB-A6236384DE4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1FDBA2CF-0618-4160-B3E6-87DDA5AE2882} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {44F63521-DC27-4FB1-95B2-F094704BA2DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {479C4632-9157-4DC6-A3D3-49851984400B} - System32\Tasks\FYJHMJXE1 => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION
Task: {5F25833C-1FB6-4E41-AFA8-8D5D1AB65FDB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {7477A5CD-1AC1-4F0D-BF71-2EA3BE4BDE99} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-73518231-4198052873-3949564652-1000Core => C:\Users\windows\AppData\Local\Google\Update\Googl eUpdate.exe [2015-08-29] (Google Inc.)
Task: {ED587359-4E46-4F8D-BE23-E23649EBC97B} - System32\Tasks\{C362710F-023D-4521-B819-15BFCEAEE495} => pcalua.exe -a E:\Setup.exe -d E:\
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
Task: C:\Windows\Tasks\FYJHMJXE1.job => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73518231-4198052873-3949564652-1000Core.job => C:\Users\windows\AppData\Local\Google\Update\Googl eUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\windows\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://www.timesindia.xyz?dt=13042016&aid=55115&uid=798c2 f0e-3d6e-41d5-baea-bf9bdeb99ba8"
ShortcutWithArgument: C:\Users\windows\AppData\Roaming\Microsoft\Interne t Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://www.timesindia.xyz?dt=13042016&aid=55115&uid=798c2 f0e-3d6e-41d5-baea-bf9bdeb99ba8"
ShortcutWithArgument: C:\Users\Public\Desktop\Play Games.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.gumigun.com/
==================== Loaded Modules (Whitelisted) ==============
2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-11-16 19:08 - 2010-11-16 19:08 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.e xe
2012-12-08 07:55 - 2012-12-08 07:54 - 00218624 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\ouc.exe
2011-04-02 01:46 - 2011-04-02 01:46 - 00801792 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\sqlite3.dll
2013-09-05 14:14 - 2013-09-05 14:14 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2007-05-17 00:12 - 2007-05-17 00:12 - 00089088 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\zlibwapi.dll
2012-12-07 16:03 - 2012-05-05 07:23 - 00572432 _____ () C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
2010-11-10 22:53 - 2010-11-10 22:53 - 00817136 _____ () C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
2012-12-06 12:43 - 2010-11-28 18:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-12-06 13:13 - 2010-12-15 10:46 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Prote ction.exe
2010-11-17 10:35 - 2010-11-17 10:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2016-04-12 14:02 - 2016-04-12 14:02 - 00110064 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAntiInject. dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\zlib.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00482800 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\sqlite.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\tinyxml.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00040944 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\syssp eeduprtpplugin\SysSpeedupRtpPlugin.dll
2016-04-12 14:09 - 2016-03-29 00:41 - 00070848 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\qmiem alrtpplugin\qmiemalrtpplugin.dll
2016-04-12 14:02 - 2016-02-28 04:25 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\oDayProtect.d ll
2016-04-12 14:02 - 2016-04-12 14:02 - 00122352 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17339.217\qmrtpcontroll er.dll
2012-12-08 07:55 - 2012-12-08 07:54 - 00011362 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\mingwm10.dll
2012-12-08 07:55 - 2012-12-08 07:54 - 00043008 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\libgcc_s_dw2-1.dll
2012-12-08 07:55 - 2012-12-08 07:54 - 02415104 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\QtCore4.dll
2012-12-08 07:55 - 2012-12-08 07:54 - 01148416 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\QtNetwork4.dll
2016-02-10 19:43 - 2016-02-10 19:43 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\Isd iInterop\5eb8f854950c428c64f668e63c5a0498\IsdiInte rop.ni.dll
2012-12-06 13:09 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libexpatw.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\GF.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\xGraphic32.dl l
2016-04-12 14:02 - 2016-04-12 14:02 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\arkGraphic.dl l
2016-04-12 14:02 - 2016-04-12 14:02 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\jgImage.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libpng.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libjpegturbo. dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\jgIOStub.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\xImage.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00077296 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\MemDefrag.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00163312 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17339.217\qmhipslogpoli cy.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00261616 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMTrayPlugin\ QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr. dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\DlForQd.dll
2016-04-12 14:02 - 2016-04-12 14:02 - 00245232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMWlanMacDll. dll
2010-02-12 14:53 - 2010-02-12 14:53 - 00058880 ____R () C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\MBMDebug.dll
2010-11-24 22:44 - 2010-11-24 22:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2016-04-12 10:05 - 2016-04-06 15:34 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libg lesv2.dll
2016-04-12 10:05 - 2016-04-06 15:34 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libe gl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 08:04 - 2016-04-12 13:54 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1
www.czzsyzgm.com
127.0.0.1
www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-73518231-4198052873-3949564652-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{C81548FF-5D8A-40F8-A21C-ADFD6084B04B}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{DCBF493B-499B-44E0-A827-43CA05B78D1D}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{C96ED218-F3A3-4355-B5AB-EBB2FA1C704C}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{14E661BF-A59B-4C56-8302-249C8E4811F5}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{02E85C20-BE72-445B-94F0-AB0D046CC394}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{9F70DE96-B099-4E43-8870-478F734B7BD9}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{A1162A0A-794B-460C-97BA-40D0E6778424}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{3262C0BA-4B52-4E49-B5DE-9FA2EBA491F6}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{708AA680-6AE2-4C25-8E18-8DC0D4A41EAA}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{969A7883-05EC-4914-A044-BCCAFFE4365C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{7D034642-AA5F-4049-A5C9-76179C90A6B7}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{E502A462-6DB7-46D8-9AD0-C78C2248BD87}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{C88C12B2-3B20-4E50-BEDC-58E8E871D62D}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{EFA306E9-32DA-41B4-B062-873CBBCEAB4C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{00404D9C-92E6-48F5-BF62-A55D41F5BC8D}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{AA0D3874-0DDE-4AD8-A491-2A50ABAAB45F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5A24F287-A8E4-4E0D-9F59-989F3DF46D8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{51706C07-46C7-4789-8732-26467A9D040D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E8BBA0FC-0EC1-45D0-B8AB-C71945182C47}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{045515E2-8C25-4466-B708-DFF0A8EBA7D0}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\Prince of Persia.exe
FirewallRules: [{D7C51389-9A57-4091-B033-17AF92F235FD}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\Prince of Persia.exe
FirewallRules: [{B3BEF9FD-E1F1-4B50-B6B5-8CE66DBED90E}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\GameSettings.exe
FirewallRules: [{9F8C1392-2320-434F-9527-1CE327476A83}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\GameSettings.exe
FirewallRules: [{FF9D59BD-0CF9-4507-BDFE-3665E4CF5565}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\gu.exe
FirewallRules: [{AE9B8857-CFCA-4FA6-BB44-713EB48D83D5}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\gu.exe
FirewallRules: [{4BA238AF-1DB1-4637-87C3-531ED92B303D}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\UPlayBrowser.exe
FirewallRules: [{F65673CB-3BE2-4446-933B-D0D6F4E3B246}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\UPlayBrowser.exe
FirewallRules: [TCP Query User{588B05E8-EFA6-4D1E-9462-9248EC415245}G:\program files (x86)\ubisoft\prince of persia the forgotten sands\prince of persia.exe] => (Block) G:\program files (x86)\ubisoft\prince of persia the forgotten sands\prince of persia.exe
FirewallRules: [UDP Query User{1C458B82-EB2C-415E-B9A7-FC6D92435257}G:\program files (x86)\ubisoft\prince of persia the forgotten sands\prince of persia.exe] => (Block) G:\program files (x86)\ubisoft\prince of persia the forgotten sands\prince of persia.exe
FirewallRules: [{E2BD0B20-CACE-478B-8F07-F89D4244D941}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
FirewallRules: [{1E9DA7C9-5908-4D9A-AA29-285C09E180A8}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
FirewallRules: [{B8339096-0D5E-4791-8884-05F388898000}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe
FirewallRules: [{DF12AE12-4E8A-4415-AD04-8E7D48B3A840}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe
FirewallRules: [{AD1D6CB9-EF7D-4F58-A70C-643E885780B1}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{3DEC8D43-D033-4E8A-9B03-053209495620}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{17D1DD0A-4FA7-4D33-AA55-83471BDD14E4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{2AD7056D-CEB0-40BF-8D30-C09A9F7E5A90}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{36FB7962-256B-4C8E-9666-C8338D26D5AB}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{6F488C35-C3F8-4BB5-9AA8-C9D39469F4B9}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{AF9E5A20-B801-4550-B551-3C4312C8835A}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher.exe
FirewallRules: [{4BF3108B-CCDC-4E16-BB02-25AAF7066586}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher.exe
FirewallRules: [{4599D4DE-9296-4966-939B-CBA37507A125}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
FirewallRules: [{005B7E6A-8F71-4739-B7FA-4BDFC18293CB}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
FirewallRules: [{CB1AB48E-FE95-45EC-B908-7F28D3542363}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcherx.exe
FirewallRules: [{3EB69549-91EB-4FB5-A875-920BF2318E96}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcherx.exe
FirewallRules: [{15EC39C9-09F8-461D-828B-330240DB2B53}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatchery.exe
FirewallRules: [{F6DA4CA7-9F6E-4462-A148-C55656BEDEAA}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatchery.exe
FirewallRules: [TCP Query User{BAD5421E-50F1-415B-8908-05226F284C9B}C:\users\windows\appdata\local\apps\2 .0\1399m3to.gkx\pdnt8w5w.azv\laun...app_59711684aa 47878d_0001.0023_389eea987ebce690\launcher.exe] => (Allow) C:\users\windows\appdata\local\apps\2.0\1399m3to.g kx\pdnt8w5w.azv\laun...app_59711684aa47878d_0001.0 023_389eea987ebce690\launcher.exe
FirewallRules: [UDP Query User{B3CA981F-47EE-4079-88F2-454E1153D1EF}C:\users\windows\appdata\local\apps\2 .0\1399m3to.gkx\pdnt8w5w.azv\laun...app_59711684aa 47878d_0001.0023_389eea987ebce690\launcher.exe] => (Allow) C:\users\windows\appdata\local\apps\2.0\1399m3to.g kx\pdnt8w5w.azv\laun...app_59711684aa47878d_0001.0 023_389eea987ebce690\launcher.exe
FirewallRules: [{CDC34DA4-BBAB-4A5D-9E57-2B782EB93EB2}] => (Allow) G:\Program Files (x86)\Origin\FIFA 12\Game\fifa.exe
FirewallRules: [{0039CE44-9B09-47CC-9FCD-F0A447435B37}] => (Allow) G:\Program Files (x86)\Origin\FIFA 12\Game\fifa.exe
FirewallRules: [TCP Query User{F79C46EE-71B8-4B4D-BE6E-706D4B2F8EBA}C:\program files (x86)\java\jre6\bin\java.exe] => (Block) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{7272E045-B52E-47D9-BABD-832CF7229919}C:\program files (x86)\java\jre6\bin\java.exe] => (Block) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [{DA473FF3-DE9E-4037-8A05-5D0D2E2C9127}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{57B61198-311C-43E3-983D-A4B177B01520}] => (Allow) C:\Users\windows\AppData\Local\MiPhoneManager\main \MiPhoneManager.exe
FirewallRules: [{152CD5DD-A1A5-4FCE-A17B-790BF01B4F80}] => (Allow) C:\Users\windows\AppData\Local\MiPhoneManager\main \MiPCSuite.exe
FirewallRules: [{3966F6E3-B318-4A11-918E-720A53C6F2C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B72D52CA-27A2-47D2-B97F-408DB6CE1BDA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCmgrInstal lGuide.exe
FirewallRules: [{27B1F46C-5BE2-4EC5-9DD6-8ED992FA6BE0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
FirewallRules: [{1AE318F8-42E8-427B-9E8F-CCFF571ACFC6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCMgr.exe
FirewallRules: [{904505C3-D2F2-4BB3-A64D-4796E9B13292}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe
FirewallRules: [{F7C70732-3042-4812-82C3-57C6F44423D7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMDL.exe
FirewallRules: [{94B662F6-A4D7-4353-AD80-AD9FDE4D3F40}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\bugreport.exe
FirewallRules: [{AEEAD71C-08D4-4C24-B432-1F9801F62D36}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCFileOpen. exe
FirewallRules: [{1CB5B4BE-24F5-4AE9-8163-FFC3C366C917}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCLeakScan. exe
FirewallRules: [{8AFC02A9-C417-484C-8042-7D81EAC7954F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPConfig.exe
FirewallRules: [{8B8A5507-F97E-4935-AD99-4F0F0A05B541}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftMgr.e xe
FirewallRules: [{9ED766B6-B605-45B6-995B-687EB520868B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNet Mon\QQPCNetFlow.exe
FirewallRules: [{975B8470-8BAB-4138-A1CD-19867C5CE044}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCBTU.exe
FirewallRules: [{EC9B8C3C-302C-4F87-B7E9-17E2686261D9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCClinic.ex e
FirewallRules: [{819B5787-16D8-4EA3-92C0-42303CCDD333}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCLaunch.ex e
FirewallRules: [{56F97567-ED8C-48F1-9556-59748D3F7599}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUpdate\QQPC MgrUpdate.exe
FirewallRules: [{D2A1BEF9-7192-479C-B9BB-07EC1D4C0253}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftGame. exe
FirewallRules: [{D14CD108-B901-49D1-98B2-F57C564306C4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSysOptimi ze.exe
FirewallRules: [{5C55EB78-B5B8-48D7-AA40-1DF759245DD4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCUpdateAVL ib.exe
FirewallRules: [{71F3A60B-D45D-4252-A107-432B4F3606D3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQRepair.exe
FirewallRules: [{E74248FB-0476-4361-AA05-717AB281AF34}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\Uninst.exe
FirewallRules: [{FD43E7C6-C74F-4A90-81B3-D1EBA941875F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCPatch.exe
FirewallRules: [{C70C660E-C227-4D68-ACDC-BC88197F8E8E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TpkUpdate.exe
FirewallRules: [{1947214F-8333-40D2-89B6-DD8B1C506306}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMRouterMgr.e xe
FirewallRules: [{0045C587-1CD5-4E3A-BFF6-72986477E26C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAccountProt ection.exe
FirewallRules: [{AC891046-C52A-4C5E-8C66-1CF5BEAE80DF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAdBlock.exe
FirewallRules: [{9711E469-46D8-431A-BAEF-6D9B50D42D39}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{E03BA27A-E7EE-48D2-B0C1-1D78FC57C6F1}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{922A4891-DC17-46A3-942C-835B3DDD927B}] => (Allow) LPort=26415
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/14/2016 06:55:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (04/14/2016 06:55:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (04/14/2016 12:55:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (04/14/2016 12:55:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (04/14/2016 12:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/14/2016 12:46:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/14/2016 08:00:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (04/14/2016 08:00:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (04/14/2016 07:26:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (04/14/2016 07:26:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
System errors:
=============
Error: (04/14/2016 06:51:49 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LICINDIA due to the following:
%%1311
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (04/14/2016 01:15:06 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (04/14/2016 12:58:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (04/14/2016 12:52:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Subject Laptop service failed to start due to the following error:
%%2
Error: (04/14/2016 12:52:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Idea Net Setter. OUC service failed to start due to the following error:
%%1053
Error: (04/14/2016 12:52:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Idea Net Setter. OUC service to connect.
Error: (04/14/2016 12:52:57 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LICINDIA due to the following:
%%1311
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (04/14/2016 12:46:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Subject Laptop service failed to start due to the following error:
%%2
Error: (04/14/2016 12:46:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Idea Net Setter. OUC service failed to start due to the following error:
%%1053
Error: (04/14/2016 12:46:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Idea Net Setter. OUC service to connect.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 39%
Total physical RAM: 8099.18 MB
Available physical RAM: 4932.66 MB
Total Virtual: 16196.57 MB
Available Virtual: 12694.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:68.26 GB) (Free:5.57 GB) NTFS
Drive d: (Crysis) (CDROM) (Total:5.47 GB) (Free:0 GB) CDFS
Drive f: (NEW VOLUME) (Fixed) (Total:19.52 GB) (Free:10.97 GB) FAT32
Drive g: (New Volume) (Fixed) (Total:49.55 GB) (Free:15.72 GB) NTFS
==================== MBR & Partition Table ==================
================================================== ======
Disk: 0 (Size: 465.8 GB) (Disk ID: FEDFF529)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=196 MB) - (Type=83)
Partition 4: (Not Active) - (Size=397.2 GB) - (Type=05)
==================== End of Addition.txt ============================