|
|||||||
| Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
 |
|
|
Topic Tools |
|
#1
April 14th, 2016, 04:24 AM
|
||||
|
||||
|
unable to remove some chinese programs
My son downloaded mobilepcsuite from the net. Along with it some chinese programs got installed. I am using windows 7 professional service pack . my scan shows somw rojan_gen in temporary internet files folder which it is not able to remove. Now whatever I do on Laptop, this chinese messagebox keeps on popping up. Please help.
|
|
#2
April 14th, 2016, 01:46 PM
|
||||
|
||||
|
Hello nitpradnya and Welcome to the CyberTechHelp Forums.
 . I will be helping you fixing your problems. Please take note of some guidelines for this fix: 1- My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Keep your sentences short. Thanks for your understanding. 2- Perform everything in the correct order. Sometimes one step requires the previous one. 3- Please open as administrator the computer. How is open as administrator the computer? 4- Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to get help here How to disable your security applications. 5- To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types" 6- Back up all your private data / important files on another (external) drive before using our tools (if possible). 7- Please subscribe to this thread if you have not done so already, and please don't do any other scans on your own and don't install or remove software. 8- Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Thanks ************************************************** ******************************************* Let's check. I Would like you to do the following Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
|
|
#3
April 14th, 2016, 02:42 PM
|
||||
|
||||
|
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
Ran by windows (administrator) on CO-IT-PN-L010 (14-04-2016 19:07:55) Running from C:\Users\windows\Desktop Loaded Profiles: windows (Available Profiles: windows) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\ProgramData\DatacardService\HWDeviceService64.e xe () C:\ProgramData\Idea Net Setter\OnlineUpdate\ouc.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.) C:\Windows\System32\dgagent\dsagent.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe (DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Trend Micro Inc.) C:\Windows\System32\ShowMsg.exe (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe (Trend Micro Inc.) C:\Windows\System32\dgagent\dtoop.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Prote ction.exe (Ericsson AB) C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe (Google Inc.) C:\Users\windows\AppData\Local\Google\Update\Googl eUpdate.exe (Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation) HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1605632 2010-11-14] (Intel® Corporation) HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2010-12-28] (Dell Inc.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [592240 2010-12-07] (Alps Electric Co., Ltd.) HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Prote ction.exe [686704 2010-12-15] () HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions) HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] () HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation) HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [1841248 2012-05-14] (Trend Micro Inc.) HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTRAY.EXE [356464 2016-04-12] (Tencent) HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe [249953 2016-04-12] ( ) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\Run: [WirelessManager] => C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe [194600 2010-07-28] (Ericsson AB) HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\Run: [Google Update] => C:\Users\windows\AppData\Local\Google\Update\Googl eUpdate.exe [144200 2015-08-29] (Google Inc.) HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MountPoints2: {1643ddea-40de-11e2-ac5c-4ceb42594c40} - E:\AutoRun.exe HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MountPoints2: {1643ddfc-40de-11e2-ac5c-4ceb42594c40} - E:\AutoRun.exe HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MountPoints2: {33ab6755-3f79-11e2-ab09-806e6f6e6963} - D:\AutoRunCD.exe HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MountPoints2: {4f3425e9-5238-11e2-8c47-4ceb42594c3c} - E:\AutoRun.exe HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MountPoints2: {8563e13d-593e-11e2-adb9-4ceb42594c3c} - E:\AutoRun.exe HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MountPoints2: {e83b39bc-f056-11e3-990c-4ceb42594c40} - E:\AutoRun.exe AppInit_DLLs: C:\ProgramData\TomorrowGames\OKFMDXP64.dll => No File Lsa: [Notification Packages] DPPassFilter scecli ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2013-07-21] ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2012-12-06] ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software ) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{071F5CAC-7D41-46C3-A36F-ECB4D7FECFC6}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7A67CDB2-1812-44A9-897E-AAD565A2AAAA}: [NameServer] 10.240.71.35,10.240.9.150 Tcpip\..\Interfaces\{A92CF79C-7A27-45DD-9545-1FF261348DA3}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838 HKU\S-1-5-21-73518231-4198052873-3949564652-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838 HKU\S-1-5-21-73518231-4198052873-3949564652-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg.dll [2012-03-16] (Trend Micro Inc.) BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSWebMon64.da t [2016-04-12] (Tencent) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-26] (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-12-06] (Sun Microsystems, Inc.) BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg32.dll [2012-03-16] (Trend Micro Inc.) BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhon eManagerExt.dll [2014-05-30] (腾讯公司) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-12-06] (Sun Microsystems, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-26] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.) DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg.dll [2012-03-16] (Trend Micro Inc.) Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg32.dll [2012-03-16] (Trend Micro Inc.) FireFox: ======== FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2012-12-06] (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152 .dll [2014-05-30] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2012-12-06] (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhon eManagerExt.dll [2014-05-30] (腾讯公司) FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\npQMExtension sMozilla.dll [2016-04-12] (Tencent Technology (Shenzhen) Company Limited) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-73518231-4198052873-3949564652-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\windows\AppData\Roaming\Mozilla\plugins\n pgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-73518231-4198052873-3949564652-1000: @talk.google.com/O1DPlugin -> C:\Users\windows\AppData\Roaming\Mozilla\plugins\n po1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-73518231-4198052873-3949564652-1000: @tools.google.com/Google Update;version=3 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 9.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin HKU\S-1-5-21-73518231-4198052873-3949564652-1000: @tools.google.com/Google Update;version=9 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 9.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin HKU\S-1-5-21-73518231-4198052873-3949564652-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\windows\AppData\LocalLow\Unity\WebPlayer\ loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-73518231-4198052873-3949564652-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File] FF Plugin ProgramFiles/Appdata: C:\Users\windows\AppData\Roaming\mozilla\plugins\n pgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\windows\AppData\Roaming\mozilla\plugins\n po1d.dll [2015-12-08] (Google) FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2012-12-06] [not signed] FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtension FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtension [2015-02-22] [not signed] Chrome: ======= CHR Profile: C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Store) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2015-09-24] CHR Extension: (Pool) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnp nfbpjb [2015-04-27] CHR Extension: (Google Search) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2015-10-27] CHR Extension: (Store) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2016-03-15] CHR Extension: (Store) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgcaihcaldinjhbbkbjhfibppl mfkgik [2015-07-02] CHR Extension: (3D Solar System Web) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiad bbkphd [2015-04-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2015-03-29] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [499200 2010-11-07] (Red Bend Ltd.) [File not signed] R3 DSASvc; C:\Windows\system32\dgagent\DSAGENT.exe [7365168 2014-10-17] (Trend Micro Inc.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.e xe [339456 2010-11-16] () [File not signed] S2 Idea Net Setter. RunOuc; C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe [218624 2012-12-08] () [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] () R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [2906792 2012-05-15] (Trend Micro Inc.) S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-15] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-09-05] () R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe [301656 2016-04-12] (Tencent) U2 QQRepair221; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair221 [136512 2016-04-14] () S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [136512 2016-04-14] () R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [572432 2012-05-05] () [File not signed] R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [2786016 2012-05-12] (Trend Micro Inc.) R3 TmPfw; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [596736 2011-04-16] (Trend Micro Inc.) R3 TmProxy; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe [918032 2012-03-16] (Trend Micro Inc.) R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [869376 2010-11-07] (Intel(R) Corporation) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 pufywemezbt; C:\Program Files (x86)\4C4C4544-1460449631-4610-8057-C7C04F4C5631\knse76A2.tmp [X] S4 rijufoze; [X] S4 rocufyky; [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation) R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUdisk64.sys [184536 2016-03-02] (Tencent) R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQSysMonX64.s ys [138488 2016-04-12] (电脑管家) R2 SAKCD; C:\Windows\System32\drivers\sakcd.sys [76600 2014-10-17] (Trend Micro Inc.) R2 SAKFile; C:\Windows\System32\drivers\sakfile.sys [79648 2014-10-17] (Trend Micro Inc.) R1 SAKNet; C:\Windows\System32\Drivers\saknet.sys [138552 2014-10-17] (Trend Micro Inc.) R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\softaal64.sys [35064 2016-04-12] (Tencent) R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [168568 2016-04-14] () R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [101472 2016-03-15] (Tencent) R1 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel64.sys [137976 2016-04-12] (Tencent Technology(Shenzhen) Company Limited) R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87800 2016-04-12] (电脑管家) R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [82296 2012-04-20] () [File not signed] R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [165232 2012-04-13] () [File not signed] R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [64304 2012-04-20] () [File not signed] R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [368392 2015-07-02] (Trend Micro Inc.) R1 TmLwf; C:\Windows\System32\DRIVERS\tmlwf.sys [196688 2010-11-09] (Trend Micro Inc.) R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [44808 2015-07-02] (Trend Micro Inc.) R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [108624 2010-12-08] (Trend Micro Inc.) R2 tmWfp; C:\Windows\System32\DRIVERS\tmwfp.sys [338000 2010-11-09] (Trend Micro Inc.) R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TS888x64.sys [38520 2016-04-14] (Tencent) R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSDefenseBT64 .sys [28984 2016-04-12] (Tencent) R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.s ys [48376 2016-04-12] () S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [45304 2016-04-12] (电脑管家) R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSSysKit64.sy s [87288 2016-04-12] (电脑管家) R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2384136 2015-07-02] (Trend Micro Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-14 19:07 - 2016-04-14 19:08 - 00022545 _____ C:\Users\windows\Desktop\FRST.txt 2016-04-14 19:07 - 2016-04-14 19:07 - 00000000 ____D C:\FRST 2016-04-14 19:06 - 2016-04-14 19:07 - 02375168 _____ (Farbar) C:\Users\windows\Desktop\FRST64.exe 2016-04-14 13:25 - 2016-04-14 13:25 - 00038520 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys 2016-04-13 20:07 - 2016-04-14 13:24 - 00000358 _____ C:\Windows\Tasks\FYJHMJXE1.job 2016-04-13 20:07 - 2016-04-13 20:07 - 00002880 _____ C:\Windows\System32\Tasks\FYJHMJXE1 2016-04-13 20:07 - 2016-04-13 20:07 - 00001793 _____ C:\Users\Public\Desktop\Play Games.lnk 2016-04-13 20:06 - 2016-04-13 21:46 - 00000000 ____D C:\ProgramData\Service1104 2016-04-13 20:06 - 2016-04-13 20:18 - 00000000 ____D C:\Users\windows\AppData\Local\4C4C4544-1460578013-4610-8057-C7C04F4C5631 2016-04-13 20:06 - 2016-04-13 20:07 - 00000000 ____D C:\Program Files (x86)\badu 2016-04-13 20:06 - 2016-04-13 20:06 - 00000000 ____D C:\Users\windows\AppData\Roaming\Links2 2016-04-13 20:06 - 2016-04-13 20:06 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405 2016-04-12 14:04 - 2016-04-13 21:46 - 00000000 ____D C:\Program Files (x86)\CleanBrowser 2016-04-12 14:04 - 2016-04-12 14:04 - 00005120 _____ C:\Users\windows\AppData\Roaming\GiftBag.db 2016-04-12 14:04 - 2016-04-12 14:02 - 00137976 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys 2016-04-12 14:04 - 2016-03-15 20:58 - 00101472 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys 2016-04-12 14:03 - 2016-04-14 12:53 - 00000000 ____D C:\ProgramData\TXQMPC 2016-04-12 14:03 - 2016-04-12 14:03 - 00000000 ____D C:\QMDownload 2016-04-12 14:03 - 2016-04-12 14:03 - 00000000 ____D C:\Program Files\Common Files\Tencent 2016-04-12 14:03 - 2016-04-12 14:02 - 00087800 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys 2016-04-12 14:03 - 2016-04-12 14:02 - 00045304 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys 2016-04-12 14:02 - 2016-04-12 14:02 - 00000000 ____D C:\Program Files (x86)\Tencent 2016-04-12 14:02 - 2012-12-30 22:46 - 00979352 _____ (BitTorrent, Inc.) C:\Users\windows\Desktop\BitTorrent.exe 2016-04-12 14:01 - 2016-04-13 21:46 - 00000000 ____D C:\Users\windows\AppData\Local\4C4C4544-1460469679-4610-8057-C7C04F4C5631 2016-04-12 14:01 - 2016-04-12 20:17 - 00000000 ____D C:\Users\windows\AppData\Roaming\Tencent 2016-04-12 14:01 - 2016-04-12 14:06 - 00000000 ____D C:\ProgramData\Tencent 2016-04-12 13:57 - 2016-04-13 21:28 - 00000000 ____D C:\Program Files (x86)\4C4C4544-1460449631-4610-8057-C7C04F4C5631 2016-04-12 10:22 - 2016-04-12 10:31 - 2981293249 _____ C:\Users\windows\Desktop\Grand Theft Auto V.iso 2016-03-30 14:44 - 2016-03-30 14:44 - 00000620 _____ C:\Users\windows\FIFA 12 - Shortcut.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-14 19:03 - 2012-12-31 13:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-14 18:55 - 2009-07-14 10:43 - 00006700 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-14 13:30 - 2009-07-14 10:15 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-14 13:30 - 2009-07-14 10:15 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-14 13:25 - 2012-12-06 12:20 - 00000000 ____D C:\ProgramData\Sonic 2016-04-14 13:24 - 2012-12-31 13:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-14 13:00 - 2012-12-08 08:00 - 00451584 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe 2016-04-14 13:00 - 2012-12-08 07:59 - 00330240 _____ (Trend Micro Inc.) C:\Windows\RegBootClean.exe 2016-04-14 12:52 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-14 09:28 - 2013-09-06 20:27 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73518231-4198052873-3949564652-1000Core.job 2016-04-13 21:49 - 2013-11-03 11:36 - 00000000 ____D C:\Users\windows\AppData\Local\Ubisoft Game Launcher 2016-04-13 21:49 - 2013-01-02 13:26 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-04-13 21:48 - 2013-11-11 15:42 - 00000000 ____D C:\Program Files (x86)\The Mighty Quest For Epic Loot 2016-04-13 21:39 - 2015-09-11 15:07 - 00002289 _____ C:\Users\windows\Desktop\Chrome App Launcher.lnk 2016-04-13 21:39 - 2012-12-31 13:28 - 00002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-13 21:39 - 2012-12-31 13:28 - 00002046 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-13 21:33 - 2014-05-08 17:37 - 00000000 ____D C:\Users\windows\AppData\Local\Deployment 2016-04-13 21:29 - 2012-12-05 15:35 - 00001595 _____ C:\Users\windows\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Internet Explorer.lnk 2016-04-13 19:32 - 2009-07-14 10:15 - 00323488 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-13 00:06 - 2012-12-30 22:46 - 00000000 ____D C:\Users\windows\AppData\Roaming\BitTorrent 2016-04-12 14:10 - 2012-12-06 12:08 - 00076032 _____ C:\Users\windows\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-12 14:03 - 2012-12-05 15:35 - 00000000 ____D C:\Users\windows\AppData\Local\VirtualStore 2016-04-12 13:58 - 2014-11-02 20:11 - 00000000 ____D C:\Users\Public\Thunder Network 2016-04-07 15:08 - 2014-05-28 15:39 - 00000000 ____D C:\ProgramData\OnlineUpdate 2016-04-03 11:24 - 2015-12-29 21:40 - 00001362 _____ C:\Users\windows\Desktop\MiPCSuite.lnk 2016-04-03 11:24 - 2015-12-29 21:40 - 00000000 ____D C:\Users\windows\AppData\Local\MiPhoneManager 2016-03-30 14:44 - 2012-12-05 15:35 - 00000000 ____D C:\Users\windows 2016-03-25 09:31 - 2015-04-04 23:47 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-03-25 09:31 - 2015-04-04 23:47 - 00000000 ___SD C:\Windows\system32\GWX 2016-03-21 19:20 - 2009-07-14 10:38 - 00032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-03-18 22:36 - 2014-01-11 08:31 - 00002017 _____ C:\Users\windows\Desktop\net.txt 2016-03-16 15:04 - 2012-12-06 15:38 - 00028672 _____ C:\Users\windows\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Files in the root of some directories ======= 2016-04-12 14:04 - 2016-04-12 14:04 - 0005120 _____ () C:\Users\windows\AppData\Roaming\GiftBag.db 2012-12-06 15:38 - 2016-03-16 15:04 - 0028672 _____ () C:\Users\windows\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-12-06 13:14 - 2012-12-06 13:15 - 0001497 _____ () C:\Users\windows\AppData\Local\PDLSetup.20121206.1 31459.txt 2012-12-06 13:16 - 2012-12-06 13:16 - 0001497 _____ () C:\Users\windows\AppData\Local\PDLSetup.20121206.1 31634.txt 2012-12-06 13:16 - 2012-12-06 13:16 - 0001263 _____ () C:\Users\windows\AppData\Local\PDLSetup.20121206.1 31638.txt 2012-12-06 13:16 - 2012-12-06 13:16 - 0001263 _____ () C:\Users\windows\AppData\Local\PDLSetup.20121206.1 31647.txt 2013-12-23 21:24 - 2013-12-23 21:24 - 0001544 _____ () C:\Users\windows\AppData\Local\PDLSetup.20131223.2 12437.txt 2014-01-16 15:56 - 2014-01-16 15:56 - 0001567 _____ () C:\Users\windows\AppData\Local\PDLSetup.20140116.1 55615.txt 2015-08-12 08:37 - 2015-08-12 08:37 - 0000016 _____ () C:\ProgramData\mntemp Some files in TEMP: ==================== C:\Users\windows\AppData\Local\Temp\23333.exe C:\Users\windows\AppData\Local\Temp\Browser_V5.6.1 1466.7_r_4714_(Build1603281525).exe C:\Users\windows\AppData\Local\Temp\drm_dyndata_73 40014.dll C:\Users\windows\AppData\Local\Temp\qqpcmgr_v10.11 .16588.235_72623_Silence.exe C:\Users\windows\AppData\Local\Temp\qqpcmgr_v11.4. 17339.217_45368_Silence.exe C:\Users\windows\AppData\Local\Temp\rootsupd.exe C:\Users\windows\AppData\Local\Temp\_is3497.exe C:\Users\windows\AppData\Local\Temp\_isB309.exe C:\Users\windows\AppData\Local\Temp\_isD00B.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-04-08 17:27 ==================== End of FRST.txt ============================
|
|
#4
April 14th, 2016, 02:43 PM
|
||||
|
||||
|
Sir,
The file Addition.txt is generated. How to attach the same?
|
|
#5
April 14th, 2016, 04:23 PM
|
||||
|
||||
|
Quote:
Attached Images 
|
|
#6
April 15th, 2016, 04:00 AM
|
||||
|
||||
|
Addition.log
============ Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016 Ran by windows (2016-04-14 19:09:22) Running from C:\Users\windows\Desktop Windows 7 Professional Service Pack 1 (X64) (2012-12-05 10:05:26) Boot Mode: Normal ================================================== ======== ==================== Accounts: ============================= Administrator (S-1-5-21-73518231-4198052873-3949564652-500 - Administrator - Disabled) ASPNET (S-1-5-21-73518231-4198052873-3949564652-1004 - Limited - Enabled) Guest (S-1-5-21-73518231-4198052873-3949564652-501 - Limited - Disabled) windows (S-1-5-21-73518231-4198052873-3949564652-1000 - Administrator - Enabled) => C:\Users\windows ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {B7599298-8445-728A-A5C7-A26A082C8BDA} AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {0C38737C-A27F-7D04-9F77-991873ABC167} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} FW: Trend Micro Personal Firewall (Disabled) {49A8346C-6900-54B6-B1B3-5F678736DDE9} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.21 - STMicroelectronics) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Age of Empires III: Complete Collection (HKLM-x32\...\GFWL_{4541091F-1F3D-4BA3-A5A3-F71000000100}) (Version: 1.0.0000.1 - Microsoft Game Studios) Age of Empires III: Complete Collection (x32 Version: 1.0.0000.1 - Microsoft Game Studios) Hidden ATI Catalyst Install Manager (HKLM\...\{01050239-68F6-D9E8-FAC4-61042A254694}) (Version: 3.0.804.0 - ATI Technologies, Inc.) BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.2.28499 - BitTorrent Inc.) Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATTENTION Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts) Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.1.24.2 - Dell) Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.215 - ALPS ELECTRIC CO., LTD.) Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd) Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc) DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.0.0.0 - Electronic Arts) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Idea Net Setter (HKLM-x32\...\Idea Net Setter) (Version: 21.005.11.00.356 - Huawei Technologies Co.,Ltd) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation) Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation) Intel® PROSet/Wireless WiMAX Software (HKLM\...\{FBCA6D68-2FBE-4A52-8EAA-856CFEA714C8}) (Version: 6.01.0000 - Intel Corporation) James Cameron's AVATAR(tm): THE GAME (HKLM-x32\...\{7E19B002-4CA3-4C9F-BA92-91D101B97219}) (Version: 1.02.00 - Ubisoft) Java(TM) 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle) Java(TM) 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle) Mi PC Suite (HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\MiPhoneManager) (Version: - Xiaomi Inc.) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version: - ) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc) NewPointer (HKLM-x32\...\NewPointer 2.0.5.282) (Version: 2.0.5.282 - Ventura Securities Ltd) NewPointer (x32 Version: 2.0.5.282 - Ventura Securities Ltd) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: - ) Prince of Persia The Forgotten Sands™ (HKLM-x32\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft) Prince of Persia Warrior Within (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.15 - Dell Inc.) RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio) Roxio File Backup (Version: 1.3.2 - Roxio) Hidden Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden SpongeBob SquarePants - The Movie (HKLM-x32\...\{B98D958E-9E59-43B7-B47F-043D45D73EE6}) (Version: 1.0 - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Mummy (HKLM-x32\...\{44EAF482-99EB-11D4-8BB4-0080C87AF2C6}) (Version: - ) Trend Micro OfficeScan Client (HKLM-x32\...\OfficeScanNT) (Version: 10.6.2108 - Trend Micro Inc.) Unity Web Player (HKU\S-1-5-21-73518231-4198052873-3949564652-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Validity Sensors DDK (HKLM\...\{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}) (Version: 4.3.108.0 - Validity Sensors, Inc.) Windows 7 Codec Pack 4.0.7 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.7 - Windows 7 Codec Pack) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 5.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 7.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 3.9\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 8.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 8.13\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 9.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 4.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 6.9\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 9.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 5.11\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 8.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 9.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-73518231-4198052873-3949564652-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.2 4.7\psuser_64.dll => No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1EB5A537-0690-4A31-BFEB-A6236384DE4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {1FDBA2CF-0618-4160-B3E6-87DDA5AE2882} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {44F63521-DC27-4FB1-95B2-F094704BA2DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2015-11-11] (Adobe Systems Incorporated) Task: {479C4632-9157-4DC6-A3D3-49851984400B} - System32\Tasks\FYJHMJXE1 => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION Task: {5F25833C-1FB6-4E41-AFA8-8D5D1AB65FDB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {7477A5CD-1AC1-4F0D-BF71-2EA3BE4BDE99} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-73518231-4198052873-3949564652-1000Core => C:\Users\windows\AppData\Local\Google\Update\Googl eUpdate.exe [2015-08-29] (Google Inc.) Task: {ED587359-4E46-4F8D-BE23-E23649EBC97B} - System32\Tasks\{C362710F-023D-4521-B819-15BFCEAEE495} => pcalua.exe -a E:\Setup.exe -d E:\ (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe Task: C:\Windows\Tasks\FYJHMJXE1.job => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73518231-4198052873-3949564652-1000Core.job => C:\Users\windows\AppData\Local\Google\Update\Googl eUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\windows\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://www.timesindia.xyz?dt=13042016&aid=55115&uid=798c2 f0e-3d6e-41d5-baea-bf9bdeb99ba8" ShortcutWithArgument: C:\Users\windows\AppData\Roaming\Microsoft\Interne t Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://www.timesindia.xyz?dt=13042016&aid=55115&uid=798c2 f0e-3d6e-41d5-baea-bf9bdeb99ba8" ShortcutWithArgument: C:\Users\Public\Desktop\Play Games.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.gumigun.com/ ==================== Loaded Modules (Whitelisted) ============== 2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2010-11-16 19:08 - 2010-11-16 19:08 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.e xe 2012-12-08 07:55 - 2012-12-08 07:54 - 00218624 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\ouc.exe 2011-04-02 01:46 - 2011-04-02 01:46 - 00801792 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\sqlite3.dll 2013-09-05 14:14 - 2013-09-05 14:14 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2007-05-17 00:12 - 2007-05-17 00:12 - 00089088 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\zlibwapi.dll 2012-12-07 16:03 - 2012-05-05 07:23 - 00572432 _____ () C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe 2010-11-10 22:53 - 2010-11-10 22:53 - 00817136 _____ () C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll 2012-12-06 12:43 - 2010-11-28 18:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2012-12-06 13:13 - 2010-12-15 10:46 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Prote ction.exe 2010-11-17 10:35 - 2010-11-17 10:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe 2016-04-12 14:02 - 2016-04-12 14:02 - 00110064 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAntiInject. dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\zlib.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00482800 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\sqlite.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\tinyxml.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00040944 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\syssp eeduprtpplugin\SysSpeedupRtpPlugin.dll 2016-04-12 14:09 - 2016-03-29 00:41 - 00070848 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\qmiem alrtpplugin\qmiemalrtpplugin.dll 2016-04-12 14:02 - 2016-02-28 04:25 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\oDayProtect.d ll 2016-04-12 14:02 - 2016-04-12 14:02 - 00122352 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17339.217\qmrtpcontroll er.dll 2012-12-08 07:55 - 2012-12-08 07:54 - 00011362 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\mingwm10.dll 2012-12-08 07:55 - 2012-12-08 07:54 - 00043008 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\libgcc_s_dw2-1.dll 2012-12-08 07:55 - 2012-12-08 07:54 - 02415104 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\QtCore4.dll 2012-12-08 07:55 - 2012-12-08 07:54 - 01148416 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\QtNetwork4.dll 2016-02-10 19:43 - 2016-02-10 19:43 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\Isd iInterop\5eb8f854950c428c64f668e63c5a0498\IsdiInte rop.ni.dll 2012-12-06 13:09 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libexpatw.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\GF.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\xGraphic32.dl l 2016-04-12 14:02 - 2016-04-12 14:02 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\arkGraphic.dl l 2016-04-12 14:02 - 2016-04-12 14:02 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\jgImage.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libpng.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\libjpegturbo. dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\jgIOStub.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\xImage.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00077296 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\MemDefrag.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00163312 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17339.217\qmhipslogpoli cy.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00261616 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMTrayPlugin\ QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr. dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\DlForQd.dll 2016-04-12 14:02 - 2016-04-12 14:02 - 00245232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMWlanMacDll. dll 2010-02-12 14:53 - 2010-02-12 14:53 - 00058880 ____R () C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\MBMDebug.dll 2010-11-24 22:44 - 2010-11-24 22:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll 2016-04-12 10:05 - 2016-04-06 15:34 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libg lesv2.dll 2016-04-12 10:05 - 2016-04-06 15:34 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libe gl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\DpHost => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 08:04 - 2016-04-12 13:54 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-73518231-4198052873-3949564652-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{C81548FF-5D8A-40F8-A21C-ADFD6084B04B}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe FirewallRules: [{DCBF493B-499B-44E0-A827-43CA05B78D1D}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe FirewallRules: [{C96ED218-F3A3-4355-B5AB-EBB2FA1C704C}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe FirewallRules: [{14E661BF-A59B-4C56-8302-249C8E4811F5}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe FirewallRules: [{02E85C20-BE72-445B-94F0-AB0D046CC394}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe FirewallRules: [{9F70DE96-B099-4E43-8870-478F734B7BD9}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe FirewallRules: [{A1162A0A-794B-460C-97BA-40D0E6778424}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe FirewallRules: [{3262C0BA-4B52-4E49-B5DE-9FA2EBA491F6}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe FirewallRules: [{708AA680-6AE2-4C25-8E18-8DC0D4A41EAA}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe FirewallRules: [{969A7883-05EC-4914-A044-BCCAFFE4365C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe FirewallRules: [{7D034642-AA5F-4049-A5C9-76179C90A6B7}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe FirewallRules: [{E502A462-6DB7-46D8-9AD0-C78C2248BD87}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe FirewallRules: [{C88C12B2-3B20-4E50-BEDC-58E8E871D62D}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe FirewallRules: [{EFA306E9-32DA-41B4-B062-873CBBCEAB4C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe FirewallRules: [{00404D9C-92E6-48F5-BF62-A55D41F5BC8D}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe FirewallRules: [{AA0D3874-0DDE-4AD8-A491-2A50ABAAB45F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5A24F287-A8E4-4E0D-9F59-989F3DF46D8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{51706C07-46C7-4789-8732-26467A9D040D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E8BBA0FC-0EC1-45D0-B8AB-C71945182C47}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{045515E2-8C25-4466-B708-DFF0A8EBA7D0}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\Prince of Persia.exe FirewallRules: [{D7C51389-9A57-4091-B033-17AF92F235FD}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\Prince of Persia.exe FirewallRules: [{B3BEF9FD-E1F1-4B50-B6B5-8CE66DBED90E}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\GameSettings.exe FirewallRules: [{9F8C1392-2320-434F-9527-1CE327476A83}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\GameSettings.exe FirewallRules: [{FF9D59BD-0CF9-4507-BDFE-3665E4CF5565}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\gu.exe FirewallRules: [{AE9B8857-CFCA-4FA6-BB44-713EB48D83D5}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\gu.exe FirewallRules: [{4BA238AF-1DB1-4637-87C3-531ED92B303D}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\UPlayBrowser.exe FirewallRules: [{F65673CB-3BE2-4446-933B-D0D6F4E3B246}] => (Allow) G:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten Sands\UPlayBrowser.exe FirewallRules: [TCP Query User{588B05E8-EFA6-4D1E-9462-9248EC415245}G:\program files (x86)\ubisoft\prince of persia the forgotten sands\prince of persia.exe] => (Block) G:\program files (x86)\ubisoft\prince of persia the forgotten sands\prince of persia.exe FirewallRules: [UDP Query User{1C458B82-EB2C-415E-B9A7-FC6D92435257}G:\program files (x86)\ubisoft\prince of persia the forgotten sands\prince of persia.exe] => (Block) G:\program files (x86)\ubisoft\prince of persia the forgotten sands\prince of persia.exe FirewallRules: [{E2BD0B20-CACE-478B-8F07-F89D4244D941}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe FirewallRules: [{1E9DA7C9-5908-4D9A-AA29-285C09E180A8}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe FirewallRules: [{B8339096-0D5E-4791-8884-05F388898000}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe FirewallRules: [{DF12AE12-4E8A-4415-AD04-8E7D48B3A840}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe FirewallRules: [{AD1D6CB9-EF7D-4F58-A70C-643E885780B1}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe FirewallRules: [{3DEC8D43-D033-4E8A-9B03-053209495620}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe FirewallRules: [{17D1DD0A-4FA7-4D33-AA55-83471BDD14E4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe FirewallRules: [{2AD7056D-CEB0-40BF-8D30-C09A9F7E5A90}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe FirewallRules: [{36FB7962-256B-4C8E-9666-C8338D26D5AB}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{6F488C35-C3F8-4BB5-9AA8-C9D39469F4B9}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{AF9E5A20-B801-4550-B551-3C4312C8835A}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher.exe FirewallRules: [{4BF3108B-CCDC-4E16-BB02-25AAF7066586}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher.exe FirewallRules: [{4599D4DE-9296-4966-939B-CBA37507A125}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe FirewallRules: [{005B7E6A-8F71-4739-B7FA-4BDFC18293CB}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe FirewallRules: [{CB1AB48E-FE95-45EC-B908-7F28D3542363}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcherx.exe FirewallRules: [{3EB69549-91EB-4FB5-A875-920BF2318E96}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcherx.exe FirewallRules: [{15EC39C9-09F8-461D-828B-330240DB2B53}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatchery.exe FirewallRules: [{F6DA4CA7-9F6E-4462-A148-C55656BEDEAA}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatchery.exe FirewallRules: [TCP Query User{BAD5421E-50F1-415B-8908-05226F284C9B}C:\users\windows\appdata\local\apps\2 .0\1399m3to.gkx\pdnt8w5w.azv\laun...app_59711684aa 47878d_0001.0023_389eea987ebce690\launcher.exe] => (Allow) C:\users\windows\appdata\local\apps\2.0\1399m3to.g kx\pdnt8w5w.azv\laun...app_59711684aa47878d_0001.0 023_389eea987ebce690\launcher.exe FirewallRules: [UDP Query User{B3CA981F-47EE-4079-88F2-454E1153D1EF}C:\users\windows\appdata\local\apps\2 .0\1399m3to.gkx\pdnt8w5w.azv\laun...app_59711684aa 47878d_0001.0023_389eea987ebce690\launcher.exe] => (Allow) C:\users\windows\appdata\local\apps\2.0\1399m3to.g kx\pdnt8w5w.azv\laun...app_59711684aa47878d_0001.0 023_389eea987ebce690\launcher.exe FirewallRules: [{CDC34DA4-BBAB-4A5D-9E57-2B782EB93EB2}] => (Allow) G:\Program Files (x86)\Origin\FIFA 12\Game\fifa.exe FirewallRules: [{0039CE44-9B09-47CC-9FCD-F0A447435B37}] => (Allow) G:\Program Files (x86)\Origin\FIFA 12\Game\fifa.exe FirewallRules: [TCP Query User{F79C46EE-71B8-4B4D-BE6E-706D4B2F8EBA}C:\program files (x86)\java\jre6\bin\java.exe] => (Block) C:\program files (x86)\java\jre6\bin\java.exe FirewallRules: [UDP Query User{7272E045-B52E-47D9-BABD-832CF7229919}C:\program files (x86)\java\jre6\bin\java.exe] => (Block) C:\program files (x86)\java\jre6\bin\java.exe FirewallRules: [{DA473FF3-DE9E-4037-8A05-5D0D2E2C9127}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{57B61198-311C-43E3-983D-A4B177B01520}] => (Allow) C:\Users\windows\AppData\Local\MiPhoneManager\main \MiPhoneManager.exe FirewallRules: [{152CD5DD-A1A5-4FCE-A17B-790BF01B4F80}] => (Allow) C:\Users\windows\AppData\Local\MiPhoneManager\main \MiPCSuite.exe FirewallRules: [{3966F6E3-B318-4A11-918E-720A53C6F2C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B72D52CA-27A2-47D2-B97F-408DB6CE1BDA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCmgrInstal lGuide.exe FirewallRules: [{27B1F46C-5BE2-4EC5-9DD6-8ED992FA6BE0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe FirewallRules: [{1AE318F8-42E8-427B-9E8F-CCFF571ACFC6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCMgr.exe FirewallRules: [{904505C3-D2F2-4BB3-A64D-4796E9B13292}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe FirewallRules: [{F7C70732-3042-4812-82C3-57C6F44423D7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMDL.exe FirewallRules: [{94B662F6-A4D7-4353-AD80-AD9FDE4D3F40}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\bugreport.exe FirewallRules: [{AEEAD71C-08D4-4C24-B432-1F9801F62D36}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCFileOpen. exe FirewallRules: [{1CB5B4BE-24F5-4AE9-8163-FFC3C366C917}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCLeakScan. exe FirewallRules: [{8AFC02A9-C417-484C-8042-7D81EAC7954F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPConfig.exe FirewallRules: [{8B8A5507-F97E-4935-AD99-4F0F0A05B541}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftMgr.e xe FirewallRules: [{9ED766B6-B605-45B6-995B-687EB520868B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\plugins\QMNet Mon\QQPCNetFlow.exe FirewallRules: [{975B8470-8BAB-4138-A1CD-19867C5CE044}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCBTU.exe FirewallRules: [{EC9B8C3C-302C-4F87-B7E9-17E2686261D9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCClinic.ex e FirewallRules: [{819B5787-16D8-4EA3-92C0-42303CCDD333}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCLaunch.ex e FirewallRules: [{56F97567-ED8C-48F1-9556-59748D3F7599}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUpdate\QQPC MgrUpdate.exe FirewallRules: [{D2A1BEF9-7192-479C-B9BB-07EC1D4C0253}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSoftGame. exe FirewallRules: [{D14CD108-B901-49D1-98B2-F57C564306C4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCSysOptimi ze.exe FirewallRules: [{5C55EB78-B5B8-48D7-AA40-1DF759245DD4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCUpdateAVL ib.exe FirewallRules: [{71F3A60B-D45D-4252-A107-432B4F3606D3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQRepair.exe FirewallRules: [{E74248FB-0476-4361-AA05-717AB281AF34}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\Uninst.exe FirewallRules: [{FD43E7C6-C74F-4A90-81B3-D1EBA941875F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCPatch.exe FirewallRules: [{C70C660E-C227-4D68-ACDC-BC88197F8E8E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TpkUpdate.exe FirewallRules: [{1947214F-8333-40D2-89B6-DD8B1C506306}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMRouterMgr.e xe FirewallRules: [{0045C587-1CD5-4E3A-BFF6-72986477E26C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAccountProt ection.exe FirewallRules: [{AC891046-C52A-4C5E-8C66-1CF5BEAE80DF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMAdBlock.exe FirewallRules: [{9711E469-46D8-431A-BAEF-6D9B50D42D39}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{E03BA27A-E7EE-48D2-B0C1-1D78FC57C6F1}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{922A4891-DC17-46A3-942C-835B3DDD927B}] => (Allow) LPort=26415 ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/14/2016 06:55:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (04/14/2016 06:55:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (04/14/2016 12:55:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (04/14/2016 12:55:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (04/14/2016 12:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/14/2016 12:46:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/14/2016 08:00:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (04/14/2016 08:00:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (04/14/2016 07:26:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (04/14/2016 07:26:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. System errors: ============= Error: (04/14/2016 06:51:49 PM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: This computer was not able to set up a secure session with a domain controller in domain LICINDIA due to the following: %%1311 This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. Error: (04/14/2016 01:15:06 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (04/14/2016 12:58:11 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (04/14/2016 12:52:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Subject Laptop service failed to start due to the following error: %%2 Error: (04/14/2016 12:52:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Idea Net Setter. OUC service failed to start due to the following error: %%1053 Error: (04/14/2016 12:52:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Idea Net Setter. OUC service to connect. Error: (04/14/2016 12:52:57 PM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: This computer was not able to set up a secure session with a domain controller in domain LICINDIA due to the following: %%1311 This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. Error: (04/14/2016 12:46:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Subject Laptop service failed to start due to the following error: %%2 Error: (04/14/2016 12:46:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Idea Net Setter. OUC service failed to start due to the following error: %%1053 Error: (04/14/2016 12:46:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Idea Net Setter. OUC service to connect. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Percentage of memory in use: 39% Total physical RAM: 8099.18 MB Available physical RAM: 4932.66 MB Total Virtual: 16196.57 MB Available Virtual: 12694.64 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:68.26 GB) (Free:5.57 GB) NTFS Drive d: (Crysis) (CDROM) (Total:5.47 GB) (Free:0 GB) CDFS Drive f: (NEW VOLUME) (Fixed) (Total:19.52 GB) (Free:10.97 GB) FAT32 Drive g: (New Volume) (Fixed) (Total:49.55 GB) (Free:15.72 GB) NTFS ==================== MBR & Partition Table ================== ================================================== ====== Disk: 0 (Size: 465.8 GB) (Disk ID: FEDFF529) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=196 MB) - (Type=83) Partition 4: (Not Active) - (Size=397.2 GB) - (Type=05) ==================== End of Addition.txt ============================
|
|
#7
April 15th, 2016, 04:09 AM
|
||||
|
||||
|
Hi again,
Scan with Zemana AntiMalware Free:
Have a nice day.
|
|
#8
April 17th, 2016, 03:52 PM
|
||||
|
||||
|
Sorry to reply late. Was out of station returned today.
Did what you said. But could not find "Scan Now" "Run as Administrator" buttons. After un-ticking "Auto Launch" it started a scan on its own. But at end there was no button as "Report". The program quarantined many programs. And asked to reboot, which I did. The PC seems okay but browser seems slow.
|
|
#10
April 19th, 2016, 08:08 AM
|
||||
|
||||
|
Zemana AntiMalware 2.20.179.140 (Installed)
------------------------------------------------------- Scan Result : Completed Scan Date : 2016/4/17 Operating System : Windows 7 64-bit Processor : 4X Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz BIOS Mode : Legacy CUID : 000D8CB1A7BC004777176C Scan Type : Scheduled Scan Duration : 2m 42s Scanned Objects : 13026 Detected Objects : 154 Excluded Objects : 0 Read Level : SCSI Auto Upload : No Include All Extensions : No Scan Documents : No Domain Info : LICINDIA,1,3 Detected Objects ------------------------------------------------------- Internet Explorer Shortcut Status : Scanned Object : "http://www.timesindia.xyz?dt=13042016&aid=55115&uid=798c2 f0e-3d6e-41d5-baea-bf9bdeb99ba8" MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Traces : Browser Setting - Internet Explorer Shortcut Internet Explorer Shortcut Status : Scanned Object : "http://www.timesindia.xyz?dt=13042016&aid=55115&uid=798c2 f0e-3d6e-41d5-baea-bf9bdeb99ba8" MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Traces : Browser Setting - Internet Explorer Shortcut Internet Explorer Shortcut Status : Scanned Object : http://www.gumigun.com/ MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Traces : Browser Setting - Internet Explorer Shortcut Internet Explorer Homepage Status : Scanned Object : http://www.2345.com/?34838 MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Traces : Browser Setting - Internet Explorer Homepage QQPCRtp.exe Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc rtp.exe MD5 : 0B925DE09A557B0B213108D642BA9416 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 301656 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc rtp.exe Process - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe Registry Entry - HKLM\System\CurrentControlSet\Services\QQPCRTP\Ima gePath = "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe" -r QQPCHardware.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc hardware.dll MD5 : 343E1F14DEFC81D8603D657F918434B3 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 354656 Version : 11.1.49147.301 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc hardware.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMRepairPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmrepairplugin.dll MD5 : 09221F8BF0D65421D77B41872121C531 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 97904 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmrepairplugin.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMUl.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmul .dll MD5 : 1E7F6927FD3642D3CC5E98572DF7AA86 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 318960 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmul .dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMFileMon.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmfi lemon.dll MD5 : F28C37C9F54FEA66B345CB7A27439B1F Publisher : Tencent Technology(Shenzhen) Company Limited Size : 720368 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmfi lemon.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe communic.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\comm unic.dll MD5 : FCFCF0587331588D4F8DD583D93B437D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 49648 Version : 1.0.10.51 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\comm unic.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMRtpCheck.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmrt pcheck.dll MD5 : 4ACAA03CB90519D3497F3C060BC274B8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 533696 Version : 11.6.17598.209 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmrt pcheck.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe processlogdll.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\soft mgr\processlogdll.dll MD5 : B11A04E4B3F1AD52DA4C128BE349B6D5 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 73200 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\soft mgr\processlogdll.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMInfoEng.DLL Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmin foeng.dll MD5 : 6EE31F6658D5D68D4CE6B860E43E75ED Publisher : Tencent Technology(Shenzhen) Company Limited Size : 259264 Version : 302.2016.302.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmin foeng.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QQPCFIXATDLL.DLL Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc fixatdll.dll MD5 : 0746AB082F2F7BB79B3E1F451A1D6FE8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 816320 Version : 301.2016.301.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc fixatdll.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe tpkreport.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tpk\ 2.0.11144.2072\tpkreport.dll MD5 : BB65BEEA6F5D50F104D739AD21E287DD Publisher : Tencent Technology(Shenzhen) Company Limited Size : 241208 Version : 2.0.11144.1961 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tpk\ 2.0.11144.2072\tpkreport.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMSafeBoxHelperDll.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmsa feboxhelperdll.dll MD5 : 307255340AF9640C57E7ECC809B41A6B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 85488 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmsa feboxhelperdll.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMAVProxy.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmav proxy.dll MD5 : B767ED72BCCAE43CE4C8D7EDF593F4D5 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 85488 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmav proxy.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
|
|
#11
April 19th, 2016, 08:09 AM
|
||||
|
||||
|
qmrtpcontroller.dll
Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmrt pcontroller.dll MD5 : 77CB06CB4A1CB7F478F5C4B4AD1DA3F7 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 122352 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmrt pcontroller.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMRtpDLL.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmrt pdll.dll MD5 : 2D2FF32120E8F3CB30FA63243BC3E8F8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 81392 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmrt pdll.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe tpktt.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tpk\ 2.0.11144.2072\tpktt.dll MD5 : 1DB431D533DED7E39BC2B69C9333CEBB Publisher : Tencent Technology(Shenzhen) Company Limited Size : 3182136 Version : 2.0.11144.1961 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tpk\ 2.0.11144.2072\tpktt.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe tpkcom.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tpk\ 2.0.11144.2072\tpkcom.dll MD5 : 2BDF21F5739F844185F12609CB3E506A Publisher : Tencent Technology(Shenzhen) Company Limited Size : 106040 Version : 2.0.11144.1961 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tpk\ 2.0.11144.2072\tpkcom.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe tpkproxy.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tpk\ 2.0.11144.2072\tpkproxy.dll MD5 : 9C06A6E5931D725DA374228BB5500CDD Publisher : Tencent Technology(Shenzhen) Company Limited Size : 216632 Version : 2.0.11144.1961 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tpk\ 2.0.11144.2072\tpkproxy.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe tave.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tave .dll MD5 : A555AF213ABC59F182D22433B5A75D2A Publisher : Tencent Technology(Shenzhen) Company Limited Size : 175600 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tave .dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMDns.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmdn s.dll MD5 : 26314121830E52B0DCA92F4759EFEF89 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 56816 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmdn s.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAVUpload.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tavu pload.dll MD5 : 6F2CB74033C7FA7CE95500092523E7B0 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 515568 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tavu pload.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMEmMat.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmem mat.dll MD5 : 088E48DAF900DDE8EA9424885024CFBC Publisher : Tencent Technology(Shenzhen) Company Limited Size : 159216 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmem mat.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMHIPSService.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmhi psservice.dll MD5 : 1C856D92A586760E79E603ADCC274490 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 386240 Version : 11.6.56229.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmhi psservice.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMHIPSHeart.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmhi psheart.dll MD5 : 736F3B6C636D8D4F81D32C8D2F301863 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 214208 Version : 11.6.56406.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmhi psheart.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMHipsEngine.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmhipsengine.dll MD5 : 61D3E0E7667902E89EF2AFDB78F7F738 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 48624 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmhipsengine.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe oDayProtect.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\oday protect.dll MD5 : 71ADA0F844521825E585F6DB43B598DB Publisher : Tencent Technology(Shenzhen) Company Limited Size : 36128 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\oday protect.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe qmiemalrtpplugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmiemalrtpplugin\qmiemalrtpplugin.dll MD5 : FB328C29C103B6610D6A03DC09F4C858 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 70848 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmiemalrtpplugin\qmiemalrtpplugin.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe TAVCache.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tavc ache.dll MD5 : FDA673A3223EF0677F7C83A0BDCF6CC7 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 482800 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tavc ache.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe SysSpeedupRtpPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\sysspeeduprtpplugin\sysspeeduprtpplugin.dll MD5 : F98CDBB329549260B9E7ADD510C4CFB0 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 40944 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\sysspeeduprtpplugin\sysspeeduprtpplugin.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMCloudInter.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmcloudinter\qmcloudinter.dll MD5 : 408CEC9C680C94F983E2806549F565A2 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 591040 Version : 11.6.17578.201 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmcloudinter\qmcloudinter.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMAssocScan.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmas socscan.dll MD5 : F4C501482ACA11C69A5521A08D4CFDEC Publisher : Tencent Technology(Shenzhen) Company Limited Size : 343536 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmas socscan.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMBDScanner.dat Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmbdscanner.dat MD5 : 6D00E2B7B01C231199D2C74F5F3DC810 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 29680 Version : 10.6.15942.218 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmbdscanner.dat DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe QMHIPSPolicyEng.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmhi pspolicyeng.dll MD5 : DF866F1F0ABE6524F86671ED19E97FFB Publisher : Tencent Technology(Shenzhen) Company Limited Size : 763072 Version : 11.6.56471.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmhi pspolicyeng.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe TAVEng.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tave ng.dll MD5 : 2C40642D2E53CCC329FEBA546F95DD37 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 667120 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tave ng.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe qmscripthost.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmsc ripthost.dll MD5 : 774C0F13748E097B9BEC9E4E4AF934AC Publisher : Tencent Technology(Shenzhen) Company Limited Size : 200176 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmsc ripthost.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMExt.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmex t.dll MD5 : B6F98A3E07BBF3041BA1AE1395935C77 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 118256 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmex t.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe tinyxml.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tiny xml.dll MD5 : 989F284C2C9C9E0EECC2486FD35CAC69 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 100704 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tiny xml.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe qmsysrepprov.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmsy srepprov.dll MD5 : 8AD9F5FD1447484E13D84EEA393B761A Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1979584 Version : 11.5.55632.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmsy srepprov.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TSSysKitProxy.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tssy skitproxy.dll MD5 : 03B28CE4CAFDD9D52E33CE9E0FC88F79 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 101872 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tssy skitproxy.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMNetworkMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmne tworkmgr.dll MD5 : 3439CE73B5E9082E69B4118AF44AA894 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 265712 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmne tworkmgr.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe scc.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\scc. dll MD5 : C543F2D2B612527A685DA13B6C594A42 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 636096 Version : 11.6.56585.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\scc. dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMPerf.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmperfctrl\qmperf.dll MD5 : 8BB398B17BD9787EBD0E7F22E38C2A49 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 204272 Version : 1.2.0.5 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmperfctrl\qmperf.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMIpc.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmip c.dll MD5 : 75DE173F7C13CA7628BC2740D51A9EE5 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 175600 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmip c.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe sqlite.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\sqli te.dll MD5 : B783B7C4334B72251668097FBB373DB8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 482800 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\sqli te.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe zlib.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\zlib .dll MD5 : BD6C48BA68DAEB86833AA6B850541F2C Publisher : Tencent Technology(Shenzhen) Company Limited Size : 88416 Version : 1.2.5.0 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\zlib .dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe ptrate.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\ptra te.dll MD5 : B632A5E94D1A72CE0AB38CBA8B3CE679 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 85488 Version : 2012.12.18.2 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\ptra te.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMAntiInject.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qman tiinject.dll MD5 : 8CF47EF8925ECFA0217223332AED840C Publisher : Tencent Technology(Shenzhen) Company Limited Size : 110064 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qman tiinject.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe dr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\dr.d ll MD5 : 4CB9FDA1C2834DB461049FB6DDFC30E8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 425456 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\dr.d ll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe RefuseInject.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\refu seinject.dll MD5 : 64EF7ECB690D6219B15DDF411C7E1F58 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 175600 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\refu seinject.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMCommon.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmco mmon.dll MD5 : 18A2DDAC72222541B28688A731A0619D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 730304 Version : 11.6.56417.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmco mmon.dll DLL - 1020 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe VideoPerformerSetup.exe Status : Scanned Object : %userprofile%\downloads\videoperformersetup.exe MD5 : 45CCF900CA5D35DE4A8CDDFFDBF49B18 Publisher : Performersoft LLC Size : 675168 Version : 15.9.28.27 Detection : Adware:Win32/Perfsoft!Ep Cleaning Action : Quarantine Traces : File - %userprofile%\downloads\videoperformersetup.exe DownloadSetup__2299_i160506547_il40.exe Status : Scanned Object : %userprofile%\downloads\downloadsetup__2299_i16050 6547_il40.exe MD5 : F0B991FC49D6235BD6D47832CB583615 Publisher : Amonetize ltd. Size : 338984 Version : 1.1.5.26 Detection : Adware:Win32/Amonetize!Ep Cleaning Action : Quarantine Traces : File - %userprofile%\downloads\downloadsetup__2299_i16050 6547_il40.exe QMMain.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmma in.dll MD5 : 6BD242A2100DB6C16B7A15DDAD403B8D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 2141808 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmma in.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QQPCTray.exe Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc tray.exe MD5 : 6CF4FB113457E6D73D041093FBF3F722 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 356464 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc tray.exe Process - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe Registry Entry - HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Run\ QQPCTray = "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe" /regrun DownloadMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\downloadmgr.dll MD5 : DFCE71F965B65E584670495C15B4BF45 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 174648 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\downloadmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe NetworkMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\networkmgr.dll MD5 : 041B0F9EE6625B9DE47BA99D35757689 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 204344 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\networkmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
|
|
#12
April 19th, 2016, 08:10 AM
|
||||
|
||||
|
AndroidDevice.dll
Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\androiddevice.dll MD5 : 5D13F4F045EEBD79C10CC7D8C5BF02B1 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 267832 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\androiddevice.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QQPMIpc.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\qqpmipc.dll MD5 : 3807FF1AD5EFF084080030D40A9C18E8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 81464 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\qqpmipc.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe Sdkclient.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\sdkclient.dll MD5 : 62FF0A4F9FD0DBF6166AF4891D52D6B8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 683576 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\sdkclient.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe DlForQd.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\dlfo rqd.dll MD5 : 318E7496611A7A809F23385A8572285F Publisher : Tencent Technology(Shenzhen) Company Limited Size : 379232 Version : 2.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\dlfo rqd.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMHwFloatWnd.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmhwfloatwnd\qmhwfloatwnd.dll MD5 : A40994E2CFF02749A549CC0E69218096 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 249328 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmhwfloatwnd\qmhwfloatwnd.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMWlanMacDll.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmwl anmacdll.dll MD5 : 038C2E3313E4AC00ABE1C050964D6697 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 245232 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmwl anmacdll.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMNewsTips.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmnewstips\qmnewstips.dll MD5 : 8A08522BC44E55536BC37D1BB5AA4F8B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 585200 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmnewstips\qmnewstips.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMBJTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmbjtrayplugin\qmbjtrayplugin.dll MD5 : 6035EDCC389EB0E17CBF0B0C1FDA197D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 278000 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmbjtrayplugin\qmbjtrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe AndroidAssistHelper.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidassisthelper.dll MD5 : 0C30969E7222C4A9AFF2087A1DE88B90 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 528440 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidassisthelper.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMMobileTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmmobiletrayplugin\qmmobiletrayplugin.dll MD5 : 5B73DA50936FDE65D4D460D5B119B5F8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 539632 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmmobiletrayplugin\qmmobiletrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMForbiddenWinKey.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmfo rbiddenwinkey.dll MD5 : C9136F70A3B0AFFB5AA34E0BFE77831D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 15856 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmfo rbiddenwinkey.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMTrayDetector.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtraydetector\qmtraydetector.dll MD5 : 3D52737DC75DE8C786B5137612B3DAE1 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 125280 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtraydetector\qmtraydetector.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMNetMonPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmnetmonplugin.dll MD5 : E1EBA47259D4D40FB28A4BD2C8DC19C1 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 142832 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmnetmonplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMCmcTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmcmctrayplugin\qmcmctrayplugin.dll MD5 : 2BCDCC906EEF34A90AB00AA7C611C858 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 349376 Version : 11.6.56585.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmcmctrayplugin\qmcmctrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMSccTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmscctrayplugin\qmscctrayplugin.dll MD5 : 8F39808F4F16A44613C41F5AD9C86771 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 681152 Version : 11.6.56662.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmscctrayplugin\qmscctrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMTpkTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtpktrayplugin\qmtpktrayplugin.dll MD5 : 0D28689BE975C7AF863306E70F5A084E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 269808 Version : 1.0.0.3 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtpktrayplugin\qmtpktrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe ProcessManager.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\proc essmanager.dll MD5 : 88490263029448D306B3BC3413296316 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 406720 Version : 11.5.17458.209 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\proc essmanager.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMSpecTips.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmspectips\qmspectips.dll MD5 : 9D8335BB4850FFC1F50AC629E3A5707F Publisher : Tencent Technology(Shenzhen) Company Limited Size : 431296 Version : 11.6.17593.209 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmspectips\qmspectips.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAOClient.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\taoc lient.dll MD5 : F5696182383EA934BF35CDBCE9ADF0CC Publisher : Tencent Technology(Shenzhen) Company Limited Size : 364016 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\taoc lient.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAOWorkFlowMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\taow orkflowmgr.dll MD5 : 6D1B0F21DF0168B54914CF6051800CFB Publisher : Tencent Technology(Shenzhen) Company Limited Size : 400880 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\taow orkflowmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe CheckSysHung.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\chec ksyshung.dll MD5 : 393772F2E92FC604FA261BCF3290CCEF Publisher : Tencent Technology(Shenzhen) Company Limited Size : 134640 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\chec ksyshung.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe SpeedupMsg.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\speedupmsg.dl l MD5 : 154C416E28B3DF71BC9CDAC72737B12F Publisher : Tencent Technology(Shenzhen) Company Limited Size : 400880 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\speedupmsg.dl l DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe OperationFileCloudMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\operationfile cloudmgr.dll MD5 : 1E9761F2EA024251462F3B62E1CD088B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 261616 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\operationfile cloudmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GameSpeedupGiftBagMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\gamespeedupgi ftbagmgr.dll MD5 : 6FEC5618F8330A6F4CF4E4C48075E5D3 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 519664 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\gamespeedupgi ftbagmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GameSpeedupExposure.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\gamespeedupex posure.dll MD5 : 6B290A93BEECFAC7115A7616ECEA2312 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 278000 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\gamespeedupex posure.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMDnsMonitor.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmdnsmonitor\qmdnsmonitor.dll MD5 : D945F4CAEF0D891F6A5A7A6F47FA1ABA Publisher : Tencent Technology(Shenzhen) Company Limited Size : 208368 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmdnsmonitor\qmdnsmonitor.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMClinicTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmclinictrayplugin\qmclinictrayplugin.dll MD5 : 2F0037FCFF8A1BDDC565C35F74C0CE81 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 454128 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmclinictrayplugin\qmclinictrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe SXCombase.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\sxco mbase.dll MD5 : 4325E9CBF1877A4F8063940EA130A408 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 118256 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\sxco mbase.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMSXTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmsxtrayplugin\qmsxtrayplugin.dll MD5 : BD30DAA9A2623439660CC1048254A336 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 364016 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmsxtrayplugin\qmsxtrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMUDiskMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmudiskmgr\qmudiskmgr.dll MD5 : 7AB9DDEA16F3EFA9DEB31BDECFFAE34E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 912880 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmudiskmgr\qmudiskmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe MemDefrag.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\memd efrag.dll MD5 : 66BB58FE2E5641DC8EAF45C215985741 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 77296 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\memd efrag.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe StartupMgrDll.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\star tupmgrdll.dll MD5 : B0FB1965907D70DC03A52A8B15B3EC9B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 560624 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\star tupmgrdll.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMStartupMonitorNotify.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmstartupmonitornotify\qmstartupmonitorno tify.dll MD5 : A9FD6D3B4137AA9A8F63F941301D3061 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 454128 Version : 10.6.15920.208 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmstartupmonitornotify\qmstartupmonitorno tify.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe NetflowMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\netf lowmgr.dll MD5 : 2F22D837D9EB7A01A092D7190035C2A3 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 151024 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\netf lowmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAOKernelControl.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\taok ernelcontrol.dll MD5 : 30EC9D111C71B465E24B2BF1420FF3BD Publisher : Tencent Technology(Shenzhen) Company Limited Size : 146928 Version : 1.2.0.3 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\taok ernelcontrol.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAOBase.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\taob ase.dll MD5 : 0D76D31CBC12AD03EC3AF88EBE25DFB1 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 253424 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\taob ase.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GarbageCleaner.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\garb agecleaner.dll MD5 : C9F3F9C2B947B0290C294EF02579E51E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1203696 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\garb agecleaner.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe 7z.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\7z.d ll MD5 : 878C2A596FD95DA5E5A3011C7DDC524D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 894960 Version : 9.20.0.0 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\7z.d ll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TSZip.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tszi p.dll MD5 : 5457E82F7843F051F9F98B9ED38DE5A7 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 77296 Version : 7.2.3658.205 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tszi p.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMAutoTaskPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\qmautotaskplugin.dll MD5 : 108AA3923D53B45BF8D9EB7F462296FF Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1060336 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\qmautotaskplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GameUpgrade.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\game upgrade.dll MD5 : 680AB46A747FECEA91ED0EC450751F7A Publisher : Tencent Technology(Shenzhen) Company Limited Size : 519664 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\game upgrade.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GameUpgradeTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\gameupgradetrayplugin\gameupgradetrayplug in.dll MD5 : 54159A3AEB34886CB13AC4EC0642D367 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 269808 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\gameupgradetrayplugin\gameupgradetrayplug in.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMDlder.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmdl der.dll MD5 : 58516BCC307F054558365E38DAF256A5 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 134640 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmdl der.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMWebFWCtrl.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmwebfwctrl\qmwebfwctrl.dll MD5 : CD2FDCABF853565508F8BF8F21428305 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 2372800 Version : 11.6.56662.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmwebfwctrl\qmwebfwctrl.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAVInterface.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tavi nterface.dll MD5 : 8946126FD9C3B5E4E99BE4060834FCD5 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 204272 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tavi nterface.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMTPIEStartPage.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtpiestartpage\qmtpiestartpage.dll MD5 : C8F79AD18671A0C0B3B7A03CC19C281B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 734400 Version : 11.6.17586.205 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtpiestartpage\qmtpiestartpage.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QmTtInterface.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtt interface.dll MD5 : 75A0C4B199C5518B256B62C583636F2A Publisher : Tencent Technology(Shenzhen) Company Limited Size : 414912 Version : 11.6.17586.205 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtt interface.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMInjectUtils.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmin jectutils.dll MD5 : 9B731DFDF9F9BB7D47A714E88854B7AD Publisher : Tencent Technology(Shenzhen) Company Limited Size : 120000 Version : 11.6.17591.207 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmin jectutils.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
|
|
#13
April 19th, 2016, 08:12 AM
|
||||
|
||||
|
AndroidDevice.dll
Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\androiddevice.dll MD5 : 5D13F4F045EEBD79C10CC7D8C5BF02B1 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 267832 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\androiddevice.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QQPMIpc.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\qqpmipc.dll MD5 : 3807FF1AD5EFF084080030D40A9C18E8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 81464 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\qqpmipc.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe Sdkclient.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\sdkclient.dll MD5 : 62FF0A4F9FD0DBF6166AF4891D52D6B8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 683576 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidserver\1.0.0.510\sdkclient.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe DlForQd.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\dlfo rqd.dll MD5 : 318E7496611A7A809F23385A8572285F Publisher : Tencent Technology(Shenzhen) Company Limited Size : 379232 Version : 2.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\dlfo rqd.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMHwFloatWnd.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmhwfloatwnd\qmhwfloatwnd.dll MD5 : A40994E2CFF02749A549CC0E69218096 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 249328 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmhwfloatwnd\qmhwfloatwnd.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMWlanMacDll.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmwl anmacdll.dll MD5 : 038C2E3313E4AC00ABE1C050964D6697 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 245232 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmwl anmacdll.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMNewsTips.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmnewstips\qmnewstips.dll MD5 : 8A08522BC44E55536BC37D1BB5AA4F8B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 585200 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmnewstips\qmnewstips.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMBJTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmbjtrayplugin\qmbjtrayplugin.dll MD5 : 6035EDCC389EB0E17CBF0B0C1FDA197D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 278000 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmbjtrayplugin\qmbjtrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe AndroidAssistHelper.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidassisthelper.dll MD5 : 0C30969E7222C4A9AFF2087A1DE88B90 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 528440 Version : 1.0.0.510 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\andr oidassisthelper.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMMobileTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmmobiletrayplugin\qmmobiletrayplugin.dll MD5 : 5B73DA50936FDE65D4D460D5B119B5F8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 539632 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmmobiletrayplugin\qmmobiletrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMForbiddenWinKey.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmfo rbiddenwinkey.dll MD5 : C9136F70A3B0AFFB5AA34E0BFE77831D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 15856 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmfo rbiddenwinkey.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMTrayDetector.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtraydetector\qmtraydetector.dll MD5 : 3D52737DC75DE8C786B5137612B3DAE1 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 125280 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtraydetector\qmtraydetector.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMNetMonPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmnetmonplugin.dll MD5 : E1EBA47259D4D40FB28A4BD2C8DC19C1 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 142832 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\plug ins\qmnetmonplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMCmcTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmcmctrayplugin\qmcmctrayplugin.dll MD5 : 2BCDCC906EEF34A90AB00AA7C611C858 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 349376 Version : 11.6.56585.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmcmctrayplugin\qmcmctrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMSccTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmscctrayplugin\qmscctrayplugin.dll MD5 : 8F39808F4F16A44613C41F5AD9C86771 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 681152 Version : 11.6.56662.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmscctrayplugin\qmscctrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMTpkTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtpktrayplugin\qmtpktrayplugin.dll MD5 : 0D28689BE975C7AF863306E70F5A084E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 269808 Version : 1.0.0.3 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtpktrayplugin\qmtpktrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe ProcessManager.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\proc essmanager.dll MD5 : 88490263029448D306B3BC3413296316 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 406720 Version : 11.5.17458.209 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\proc essmanager.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMSpecTips.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmspectips\qmspectips.dll MD5 : 9D8335BB4850FFC1F50AC629E3A5707F Publisher : Tencent Technology(Shenzhen) Company Limited Size : 431296 Version : 11.6.17593.209 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmspectips\qmspectips.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAOClient.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\taoc lient.dll MD5 : F5696182383EA934BF35CDBCE9ADF0CC Publisher : Tencent Technology(Shenzhen) Company Limited Size : 364016 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\taoc lient.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAOWorkFlowMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\taow orkflowmgr.dll MD5 : 6D1B0F21DF0168B54914CF6051800CFB Publisher : Tencent Technology(Shenzhen) Company Limited Size : 400880 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\taow orkflowmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe CheckSysHung.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\chec ksyshung.dll MD5 : 393772F2E92FC604FA261BCF3290CCEF Publisher : Tencent Technology(Shenzhen) Company Limited Size : 134640 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\chec ksyshung.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe SpeedupMsg.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\speedupmsg.dl l MD5 : 154C416E28B3DF71BC9CDAC72737B12F Publisher : Tencent Technology(Shenzhen) Company Limited Size : 400880 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\speedupmsg.dl l DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe OperationFileCloudMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\operationfile cloudmgr.dll MD5 : 1E9761F2EA024251462F3B62E1CD088B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 261616 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\operationfile cloudmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GameSpeedupGiftBagMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\gamespeedupgi ftbagmgr.dll MD5 : 6FEC5618F8330A6F4CF4E4C48075E5D3 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 519664 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\gamespeedupgi ftbagmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GameSpeedupExposure.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\gamespeedupex posure.dll MD5 : 6B290A93BEECFAC7115A7616ECEA2312 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 278000 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\subplugins\gamespeedupex posure.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMDnsMonitor.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmdnsmonitor\qmdnsmonitor.dll MD5 : D945F4CAEF0D891F6A5A7A6F47FA1ABA Publisher : Tencent Technology(Shenzhen) Company Limited Size : 208368 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmdnsmonitor\qmdnsmonitor.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMClinicTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmclinictrayplugin\qmclinictrayplugin.dll MD5 : 2F0037FCFF8A1BDDC565C35F74C0CE81 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 454128 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmclinictrayplugin\qmclinictrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe SXCombase.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\sxco mbase.dll MD5 : 4325E9CBF1877A4F8063940EA130A408 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 118256 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\sxco mbase.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMSXTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmsxtrayplugin\qmsxtrayplugin.dll MD5 : BD30DAA9A2623439660CC1048254A336 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 364016 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmsxtrayplugin\qmsxtrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMUDiskMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmudiskmgr\qmudiskmgr.dll MD5 : 7AB9DDEA16F3EFA9DEB31BDECFFAE34E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 912880 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmudiskmgr\qmudiskmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe MemDefrag.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\memd efrag.dll MD5 : 66BB58FE2E5641DC8EAF45C215985741 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 77296 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\memd efrag.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe StartupMgrDll.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\star tupmgrdll.dll MD5 : B0FB1965907D70DC03A52A8B15B3EC9B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 560624 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\star tupmgrdll.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMStartupMonitorNotify.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmstartupmonitornotify\qmstartupmonitorno tify.dll MD5 : A9FD6D3B4137AA9A8F63F941301D3061 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 454128 Version : 10.6.15920.208 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmstartupmonitornotify\qmstartupmonitorno tify.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe NetflowMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\netf lowmgr.dll MD5 : 2F22D837D9EB7A01A092D7190035C2A3 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 151024 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\netf lowmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAOKernelControl.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\taok ernelcontrol.dll MD5 : 30EC9D111C71B465E24B2BF1420FF3BD Publisher : Tencent Technology(Shenzhen) Company Limited Size : 146928 Version : 1.2.0.3 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\taok ernelcontrol.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAOBase.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\taob ase.dll MD5 : 0D76D31CBC12AD03EC3AF88EBE25DFB1 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 253424 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\taob ase.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GarbageCleaner.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\garb agecleaner.dll MD5 : C9F3F9C2B947B0290C294EF02579E51E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1203696 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\garb agecleaner.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe 7z.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\7z.d ll MD5 : 878C2A596FD95DA5E5A3011C7DDC524D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 894960 Version : 9.20.0.0 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\7z.d ll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TSZip.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tszi p.dll MD5 : 5457E82F7843F051F9F98B9ED38DE5A7 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 77296 Version : 7.2.3658.205 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tszi p.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMAutoTaskPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\qmautotaskplugin.dll MD5 : 108AA3923D53B45BF8D9EB7F462296FF Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1060336 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmautotaskplugin\qmautotaskplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GameUpgrade.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\game upgrade.dll MD5 : 680AB46A747FECEA91ED0EC450751F7A Publisher : Tencent Technology(Shenzhen) Company Limited Size : 519664 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\game upgrade.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GameUpgradeTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\gameupgradetrayplugin\gameupgradetrayplug in.dll MD5 : 54159A3AEB34886CB13AC4EC0642D367 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 269808 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\gameupgradetrayplugin\gameupgradetrayplug in.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMDlder.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmdl der.dll MD5 : 58516BCC307F054558365E38DAF256A5 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 134640 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmdl der.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMWebFWCtrl.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmwebfwctrl\qmwebfwctrl.dll MD5 : CD2FDCABF853565508F8BF8F21428305 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 2372800 Version : 11.6.56662.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmwebfwctrl\qmwebfwctrl.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TAVInterface.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tavi nterface.dll MD5 : 8946126FD9C3B5E4E99BE4060834FCD5 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 204272 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tavi nterface.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMTPIEStartPage.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtpiestartpage\qmtpiestartpage.dll MD5 : C8F79AD18671A0C0B3B7A03CC19C281B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 734400 Version : 11.6.17586.205 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtpiestartpage\qmtpiestartpage.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QmTtInterface.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtt interface.dll MD5 : 75A0C4B199C5518B256B62C583636F2A Publisher : Tencent Technology(Shenzhen) Company Limited Size : 414912 Version : 11.6.17586.205 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtt interface.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMInjectUtils.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmin jectutils.dll MD5 : 9B731DFDF9F9BB7D47A714E88854B7AD Publisher : Tencent Technology(Shenzhen) Company Limited Size : 120000 Version : 11.6.17591.207 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmin jectutils.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe
|
|
#14
April 19th, 2016, 08:18 AM
|
||||
|
||||
|
TSPDLdr.dll
Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tspd ldr.dll MD5 : F54E6843275E4B3DD7F4D4639C4AA50B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 242880 Version : 10.6.15935.216 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tspd ldr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMAVTrayPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmavtrayplugin\qmavtrayplugin.dll MD5 : CC449B13F7818CFCC9859E03B714BD5C Publisher : Tencent Technology(Shenzhen) Company Limited Size : 805216 Version : 11.2.50593.501 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmavtrayplugin\qmavtrayplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe SSOPlatform.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmss o\bin\ssoplatform.dll MD5 : C13380EC92CC964DFCC7C91DA5D72B4B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1756216 Version : 1.2.4.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmss o\bin\ssoplatform.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe SSOCommon.DLL Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmss o\bin\ssocommon.dll MD5 : 1B7A138585237A62A7B36EE34814DA49 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1509944 Version : 1.2.4.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmss o\bin\ssocommon.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe SSOLUIControl.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmss o\bin\ssoluicontrol.dll MD5 : 158E2F9E55EA572B0E42C225F33D638C Publisher : Tencent Technology(Shenzhen) Company Limited Size : 466488 Version : 1.0.1.16 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmss o\bin\ssoluicontrol.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe qmhipslogpolicy.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmhi pslogpolicy.dll MD5 : 4DE3713ED7BFBB4A4BBBEE002503A27E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 163312 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmhi pslogpolicy.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMTrojanPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtrojanplugin\qmtrojanplugin.dll MD5 : 85F5A81FB47DE58189A714040385F118 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1318384 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmtrojanplugin\qmtrojanplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMPreDownload.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmpredownload\qmpredownload.dll MD5 : E302ADE1D77927C44E8444DBCA59808D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 278000 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmpredownload\qmpredownload.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMQQLoginPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmqqloginplugin\qmqqloginplugin.dll MD5 : 1A97A1E2552E6E51F59CA75D72C9FE2E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 679408 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmqqloginplugin\qmqqloginplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMRtpPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmrtpplugin\qmrtpplugin.dll MD5 : 6A5298DE5A77DF081E3992D4FD9C34B3 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 273904 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmrtpplugin\qmrtpplugin.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMPerfCtrl.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmperfctrl\qmperfctrl.dll MD5 : 18334E12110D3F0DC7C9070FB6E7E14D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 191984 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmperfctrl\qmperfctrl.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMLogCtrl.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmlogctrl\qmlogctrl.dll MD5 : 43102EC328EC90752DE06E08010A5891 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 454128 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmlogctrl\qmlogctrl.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMSwitchesMgrPlugin.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmswitchesmgrplugin\qmswitchesmgrplugin.d ll MD5 : 2ADA8FC2BBAAC60112BA4853265B641C Publisher : Tencent Technology(Shenzhen) Company Limited Size : 175600 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmtr ayplugin\qmswitchesmgrplugin\qmswitchesmgrplugin.d ll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe xImage.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\xima ge.dll MD5 : 80F265806D0E0E89D6E4D32F8D612EA5 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 194912 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\xima ge.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe jgIOStub.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\jgio stub.dll MD5 : 81078CE3A928D63F9611A132E9DEB6BD Publisher : Tencent Technology(Shenzhen) Company Limited Size : 14176 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\jgio stub.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe libjpegturbo.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\libj pegturbo.dll MD5 : D4A6B70E64E19884A80B8F0B205C1045 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 285024 Version : 1.2.0.0 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\libj pegturbo.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe libpng.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\libp ng.dll MD5 : 772BC1ECC5F7E5655145DD61E6ECE349 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 158048 Version : 1.4.9.0 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\libp ng.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe jgImage.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\jgim age.dll MD5 : 46E22EA434F8181894233D29201C51F8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 45408 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\jgim age.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe arkGraphic.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\arkg raphic.dll MD5 : 6E67CC17373DF5C4F0D4C911B8ABD190 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 342368 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\arkg raphic.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe QMSkinMgr.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmsk inmgr.dll MD5 : FF32B3EEFE444D9CF9A3CE99EBF26B17 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 298480 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmsk inmgr.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe xGraphic32.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\xgra phic32.dll MD5 : 8CCB026C3939C1E003DF4DAB099B7169 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 92512 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\xgra phic32.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GF.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\gf.d ll MD5 : 98537ED2B637EE9FE613D356D6A2315B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 2156896 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\gf.d ll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe libexpatw.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\libe xpatw.dll MD5 : 015C6F01B16A55CB24BEBCC3C8D94F1A Publisher : Tencent Technology(Shenzhen) Company Limited Size : 137568 Version : 2.0.1.0 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\libe xpatw.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe Common.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\comm on.dll MD5 : 9F97986DB2DC0B1984C5B86D6E6CB277 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 1931616 Version : 1.86.6.0 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\comm on.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe GFCustom.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\gfcu stom.dll MD5 : 66A678972D4A46A8F036264303CD034D Publisher : Tencent Technology(Shenzhen) Company Limited Size : 564720 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\gfcu stom.dll DLL - 1152 - C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe TS888x64.sys Status : Scanned Object : %systemroot%\system32\drivers\ts888x64.sys MD5 : FACDA017ECEC8F53FE6DDBEE81E04F5B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 38520 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %systemroot%\system32\drivers\ts888x64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TS888x64\@ = C:\Windows\System32\drivers\TS888x64.sys TSSKX64.sys Status : Scanned Object : %systemroot%\system32\drivers\tsskx64.sys MD5 : 5AE0F917971F8109EDBD5B503B9CBD7B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 45304 Version : 2014.4.15.17 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %systemroot%\system32\drivers\tsskx64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TSSKX64\@ = C:\Windows\System32\drivers\TSSKX64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TSSKX64\Ima gePath = System32\drivers\tsskx64.sys TSDefenseBT64.sys Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tsde fensebt64.sys MD5 : 9D7C94C16A83F8F4574EECD590969266 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 28984 Version : 2015.7.7.1299 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tsde fensebt64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TSDefenseBt \ImagePath = \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSDefenseBT64 .sys TS888x64.sys Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\ts88 8x64.sys MD5 : FACDA017ECEC8F53FE6DDBEE81E04F5B Publisher : Tencent Technology(Shenzhen) Company Limited Size : 38520 Version : 2014.12.10.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\ts88 8x64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TS888x64\Im agePath = \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TS888x64.sys TSSysKit64.sys Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tssy skit64.sys MD5 : CB1FBEA13953A81D4E00A82E29F761DA Publisher : Tencent Technology(Shenzhen) Company Limited Size : 87288 Version : 2011.12.7.2 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tssy skit64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TSSysKit\Im agePath = \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSSysKit64.sy s TsNetHlpX64.sys Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tsne thlpx64.sys MD5 : 959B9FD143BD138AC79F6336EA7654C4 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 48376 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tsne thlpx64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\tsnethlpx64 \ImagePath = \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.s ys TFsFltX64.sys Status : Scanned Object : %systemroot%\system32\drivers\tfsfltx64.sys MD5 : 57F6468AD9BF10AE76E60904529B75FD Publisher : Tencent Technology(Shenzhen) Company Limited Size : 87800 Version : 1.0.10.52 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %systemroot%\system32\drivers\tfsfltx64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TFsFlt\Imag ePath = system32\Drivers\TFsFltX64.sys TAOKernel64.sys Status : Scanned Object : %systemroot%\system32\drivers\taokernel64.sys MD5 : 560901A4BE922915A1A1498A7FAEABC0 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 137976 Version : 1.2.0.3 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %systemroot%\system32\drivers\taokernel64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TAOKernelDr iver\ImagePath = \??\C:\Windows\system32\Drivers\TAOKernel64.sys TAOAccelerator64.sys Status : Scanned Object : %systemroot%\system32\drivers\taoaccelerator64.sys MD5 : 165894C340DC4C812CD130DD8D2BCFC0 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 101472 Version : 11.5.17458.209 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %systemroot%\system32\drivers\taoaccelerator64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\TAOAccelera tor\ImagePath = \??\C:\Windows\system32\Drivers\TAOAccelerator64.s ys softaal64.sys Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\soft aal64.sys MD5 : C9982350CE085B95DF28D3C984DACEEE Publisher : Tencent Technology(Shenzhen) Company Limited Size : 35064 Version : 1.0.0.1 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\soft aal64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\softaal\Ima gePath = \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\softaal64.sys SRepairDrv Status : Scanned Object : %programfiles%\tencent\qqpcmgr\plugins\srepairdrv MD5 : D83448E4FED342C3E40156F63947CBDB Publisher : Tencent Technology(Shenzhen) Company Limited Size : 168568 Version : 2015.12.11.257 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\plugins\srepairdrv Registry Entry - HKLM\System\CurrentControlSet\Services\SRepairDrv\ ImagePath = \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv QQSysMonX64.sys Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqsy smonx64.sys MD5 : 3B43F16EAEFEFEF6C824EEBAC0E5F32E Publisher : Tencent Technology(Shenzhen) Company Limited Size : 138488 Version : 2012.11.26.74 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqsy smonx64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\QQSysMonX64 \ImagePath = \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQSysMonX64.s ys QQRepairFixSVC Status : Scanned Object : %programfiles%\tencent\qqpcmgr\plugins\qqrepairfix svc MD5 : 50FB1DA94CACBA5E3F4E9961FB4A3694 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 136512 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\plugins\qqrepairfix svc Registry Entry - HKLM\System\CurrentControlSet\Services\QQRepairFix SVC\ImagePath = C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC QQRepair173e Status : Scanned Object : %programfiles%\tencent\qqpcmgr\plugins\qqrepair173 e MD5 : 50FB1DA94CACBA5E3F4E9961FB4A3694 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 136512 Version : - Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\plugins\qqrepair173 e Registry Entry - HKLM\System\CurrentControlSet\Services\QQRepair173 e\ImagePath = "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair173e" QMUdisk64.sys Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmud isk64.sys MD5 : 4730BC23CB7A412BDDEB4A54B8D8AE36 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 184536 Version : 2015.11.16.18 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qmud isk64.sys Registry Entry - HKLM\System\CurrentControlSet\Services\QMUdisk\Ima gePath = \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUdisk64.sys npQQPhoneManagerExt.dll Status : Scanned Object : %commonprogramfiles%\tencent\qqphonemanager\2.0.20 1.3192\npqqphonemanagerext.dll MD5 : 3B91BD8CDDA20F8C7F57FF3D0680A8C2 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 140344 Version : 2.0.201.3198 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %commonprogramfiles%\tencent\qqphonemanager\2.0.20 1.3192\npqqphonemanagerext.dll Registry Entry - HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant\Path = C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhon eManagerExt.dll Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{50F4150A-48B2-417A-BE4C-C83F580FB904}\@ = C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhon eManagerExt.dll Registry Entry - HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}\@ = C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhon eManagerExt.dll Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}\@ = C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhon eManagerExt.dll npQMExtensionsMozilla.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\npqm extensionsmozilla.dll MD5 : F805D6C20A3D448501C8045F59F19BC3 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 84320 Version : 3.0.0.2 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\npqm extensionsmozilla.dll Registry Entry - HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/QQPCMgr\Path = C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\npQMExtension sMozilla.dll QQPCFileOpen.exe Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc fileopen.exe MD5 : CF7D97CE2D0AB56F167AECF8BB50A4B8 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 753136 Version : 10.0.41491.201 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\qqpc fileopen.exe Registry Entry - HKLM\SOFTWARE\Classes\Unknown\shell\opendlg\comman d\@ = "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCFileOpen. exe" "%1" Registry Entry - HKLM\SOFTWARE\Classes\Unknown\shell\openas\command \@ = "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCFileOpen. exe" "%1" TSWebMon64.dat Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\tswe bmon64.dat MD5 : DF68DD04CEC58C712E467F75F82917F2 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 416752 Version : 11.4.17339.217 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\tswe bmon64.dat Registry Entry - HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}\InprocServer32\@ = C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSWebMon64.da t Registry Entry - HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}\@ = C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSWebMon64.da t uc.exe Status : Scanned Object : %programfiles%\badu\uc.exe MD5 : 8F30993BFB6D8BBF69986BAB42375B84 Publisher : - Size : 249953 Version : 1.0.0.1 Detection : Adware:Win32/Tanh.A!Ctic Cleaning Action : Quarantine Traces : File - %programfiles%\badu\uc.exe Registry Entry - HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Run\apphide = C:\Program Files (x86)\badu\uc.exe npQMExtensionsIE.dll Status : Scanned Object : %programfiles%\tencent\qqpcmgr\11.4.17339.217\npqm extensionsie.dll MD5 : 6F6F5B854AF0A6728E51120D5853AA80 Publisher : Tencent Technology(Shenzhen) Company Limited Size : 88416 Version : 3.0.0.2 Detection : PUA:Win32/BrowserHijacker!Ep Cleaning Action : Quarantine Traces : File - %programfiles%\tencent\qqpcmgr\11.4.17339.217\npqm extensionsie.dll Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}\@ = C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\npQMExtension sIE.dll Cleaning Result ------------------------------------------------------- Cleaned : 154 Reported as safe : 0 Failed : 0
|
|
#15
April 19th, 2016, 09:43 AM
|
||||
|
||||
|
After running the above malware removing programs the chinese programs are no longer visible. Are they gone from my PC? How can I be sure?
|
|
| Bookmarks |
«
Previous Topic
|
Next Topic
»
| Topic Tools | |
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| Difficulty removing some Chinese programs | Amitabha | Malware Removal | 15 | May 2nd, 2013 06:03 PM |
| Unable to open add/remove programs, and other problems inside | Bundy343 | Malware Removal | 10 | October 20th, 2009 06:36 AM |
| Programs Installed in Chinese? | xxx321 | Windows XP | 1 | January 11th, 2008 03:00 PM |
| Installing chinese programs/softwares on a PC w/ English XP | Spamate | Windows XP | 4 | March 21st, 2006 05:18 AM |
| urgent: can't remove Yahoo Messenger Explorer Bar from Add/Remove Programs List | flying_angel | Applications | 2 | January 11th, 2005 05:30 PM |
All times are GMT +1. The time now is 01:51 AM.