Document format: text/plain

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by GenesisQ (2015-08-19 09:59:49)
Running from C:\Users\GenesisQ\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1506094221-713273713-2986573324-500 - Administrator - Disabled)
Convidado (S-1-5-21-1506094221-713273713-2986573324-501 - Limited - Disabled)
GenesisQ (S-1-5-21-1506094221-713273713-2986573324-1001 - Administrator - Enabled) => C:\Users\GenesisQ

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Rising Antivirus (Enabled - Up to date) {DBC966C2-BD90-87CD-5A01-4DFB1D2EC867}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
AS: Rising Antivirus (Enabled - Up to date) {60A88726-9BAA-8843-60B1-768966A982DA}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Bejeweled(R) 3 (remove only) (HKLM-x32\...\Bejeweled(R) 3) (Version: - )
Canal Positivo (HKLM-x32\...\Canal Positivo_is1) (Version: 1.0 - Positivo Informática)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Driver 1.3.1 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.3.1 - OEM)
Farmscapes(TM) Premium Edition (remove only) (HKLM-x32\...\Farmscapes(TM) Premium Edition) (Version: - )
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Haunted Past - Realm of Ghosts Deluxe (remove only) (HKLM-x32\...\Haunted Past - Realm of Ghosts Deluxe) (Version: - )
ICM Trainer Light (HKLM-x32\...\{3C630BB8-692D-4495-A0BD-40336CD51F99}) (Version: 1.4 - PokerStrategy.com)
ICMIZER (HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\736316902.www.icmpoker.com) (Version: - www.icmpoker.com)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPM 1.9.2 (HKLM-x32\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.9.2 - OEM)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Luxor (remove only) (HKLM-x32\...\Luxor) (Version: - )
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mundo Positivo Bateria (HKLM-x32\...\{FD6F6859-2863-4ABB-87D0-A263F3E9FF45}_is1) (Version: 1.4.6.0 - Positivo Informática S.A.)
Mundo Positivo Gerenciador de Inicialização (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.1.4.0 - Positivo Informática S.A.)
Mundo Positivo Monitora (HKLM-x32\...\{8aaef6d0-68e7-4f99-b98d-e5ae19edbc99}_is1) (Version: 1.0.7.0 - Positivo Informática S.A.)
Mundo Positivo Webcam (HKLM-x32\...\{E11C7438-7550-4676-92CE-846CC5DA3548}_is1) (Version: 1.5.7.0 - Positivo Informática S.A.)
Mystery Legends - Beauty and the Beast (remove only) (HKLM-x32\...\Mystery Legends - Beauty and the Beast) (Version: - )
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerStrategy.com SideKick (HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\25d18212dc9175a9) (Version: 2.1.20409.2 - PokerStrategy.com)
Positivo Aplicativos (HKLM\...\{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1) (Version: 1.3.10.4 - Positivo Informática S.A.)
Positivo Backup (HKLM-x32\...\PSafe) (Version: 3.0.1208.24401 - PSafe)
Positivo Conecta (HKLM-x32\...\{4F23361B-2B38-46E2-BA1A-D920F270D5FB}_is1) (Version: 1.3.23.0 - Positivo Informática S.A.)
Positivo Fotos (HKLM-x32\...\{D53F9978-D5C1-4C71-9757-2F53DC8BEE6D}_is1) (Version: 1.0.0.0 - Positivo Informática S.A.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6668 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0193 - REALTEK Semiconductor Corp.)
Rising Antivirus (HKLM-x32\...\RAV) (Version: 24.00.45.66 - Beijing Rising Information Technology, Inc.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.0 - Synaptics Incorporated)
VDownloader 4.1.1403.0 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: 4.1.1403.0 - Vitzo Limited)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

31-07-2015 19:31:20 Windows Update
09-08-2015 09:11:20 Ponto de Verificação Agendado
18-08-2015 11:38:21 Removed Shared C Run-time for x64

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 02:26 - 2012-07-26 02:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CFC62EC-A40E-4903-AB30-C66CF5E94F57} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {19BC35A5-D389-4D44-AAD7-D96427AE64C2} - System32\Tasks\{D4014935-2DC6-475D-A13E-B03CF74C2A05} => pcalua.exe -a C:\Users\GenesisQ\AppData\Local\SmartWeb\__u.exe -c _?=C:\Users\GenesisQ\AppData\Local\SmartWeb
Task: {246EB184-7850-49F5-B0FE-594FFC0D6335} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {2B6E8F18-B167-474D-9E33-7F0587B9BD90} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: {32822C99-AE1E-41F4-9C54-F238BE2C2138} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {44625FC8-A475-4A76-B974-B03D2384E2A2} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-10] (Synaptics Incorporated)
Task: {44A636EF-E826-4447-804F-9E94760AFE20} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\PROGRAM FILES (X86)\RISING\RAV\rsdelaylauncher.exe [2014-05-14] (Beijing Rising Information Technology Co., Ltd.)
Task: {6BA56E4A-FC58-43F8-BC19-8688FBF405DA} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-08-16] (globalUpdate) <==== ATTENTION
Task: {70A90E60-F823-45CF-B501-958B8E439562} - System32\Tasks\Inst_Rep => C:\Users\GenesisQ\AppData\Local\Installer\Install_11473\DCytaiesmt_smtyc_setup.exe [2015-08-15] ()
Task: {76AE48E0-1CF5-4CD2-8C6B-50EBE2CB7AA9} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-08-16] (globalUpdate) <==== ATTENTION
Task: {9542989A-4030-4586-BDD6-211054094AAC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {C0D04F99-CC84-412C-A52A-B3B32F95075E} - System32\Tasks\CGV2p1WH4K4lKl => C:\Users\GenesisQ\AppData\Roaming\CGV2p1WH4K4lKl.exe <==== ATTENTION
Task: {F0F73699-B787-45DF-819A-389330C3A79D} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\GenesisQ\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {F2CA0445-58CB-4D16-B041-2F2991F203D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-21] (Google Inc.)
Task: {F2DC85A9-71CB-4DBB-A26A-C2B05984E8B3} - System32\Tasks\{CAB9D268-01A9-4513-9330-82E9D761ACCF} => pcalua.exe -a C:\Users\GenesisQ\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=2sq1
Task: {FDD17EB0-572A-4466-B1CC-B07736F69D3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-21] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CGV2p1WH4K4lKl.job => C:\Users\GenesisQ\AppData\Roaming\CGV2p1WH4K4lKl.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-15 20:45 - 2015-07-08 22:26 - 00173088 _____ () C:\Users\GenesisQ\AppData\Roaming\NetService\netservice.exe
2015-08-15 21:04 - 2015-08-14 13:50 - 03311248 _____ () C:\Users\GenesisQ\AppData\Local\gmsd_br_006010061\upgmsd_br_006010061.exe
2012-04-16 13:45 - 2012-04-16 13:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2013-01-10 15:47 - 2012-11-01 13:43 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2015-08-15 21:05 - 2015-08-07 16:06 - 00052224 _____ () C:\Program Files\VDownloader\Core.XmlSerializers.dll
2015-08-15 21:05 - 2015-08-07 16:05 - 00023040 _____ () C:\Program Files\VDownloader\GAMeasurement.dll
2015-08-15 21:05 - 2015-08-07 16:05 - 00048640 _____ () C:\Program Files\VDownloader\WPFMessageBox.dll
2015-08-15 21:05 - 2015-08-07 16:06 - 00595456 _____ () C:\Program Files\VDownloader\VDownloaderUI.Controls.dll
2015-08-15 21:05 - 2015-06-23 23:26 - 00084992 _____ () C:\Program Files\VDownloader\NET.Tools.WPF.Effects.dll
2015-08-15 21:05 - 2015-08-07 16:05 - 00010752 _____ () C:\Program Files\VDownloader\WebBrowserWithProxy.dll
2015-07-17 14:34 - 2015-07-17 14:34 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-2070.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\zlib.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00481632 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\sqlite.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\tinyxml.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00039776 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00063840 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00018784 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\oDayProtect.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00125280 _____ () c:\program files (x86)\tencent\qqpcmgr\10.11.16588.235\qmrtpcontroller.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00170336 _____ () c:\program files (x86)\tencent\qqpcmgr\10.11.16588.235\qmhipslogpolicy.dll
2013-01-26 16:56 - 2012-08-24 10:32 - 00468232 _____ () C:\Program Files (x86)\PSafe\PSafeWCFClient.dll
2013-01-26 16:56 - 2012-08-24 10:32 - 00062216 _____ () C:\Program Files (x86)\PSafe\CrashLib.dll
2015-08-16 09:02 - 2015-08-16 09:02 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\23ae651b7c58816ab7e53f2165c92fac\PSIClient.ni.dll
2013-01-26 16:40 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-08-15 19:12 - 2011-08-15 19:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-17 15:48 - 2011-08-17 15:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-15 19:15 - 2011-08-15 19:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 15:48 - 2011-08-17 15:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2012-04-16 10:37 - 2012-04-16 10:37 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll
2011-08-15 18:23 - 2011-08-15 18:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2011-08-15 19:12 - 2011-08-15 19:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2012-04-16 10:42 - 2012-04-16 10:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-17 15:41 - 2011-08-17 15:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2012-04-16 10:41 - 2012-04-16 10:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-04-16 10:56 - 2012-04-16 10:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-04-16 10:38 - 2012-04-16 10:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 15:05 - 2011-07-19 15:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 19:17 - 2011-08-15 19:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 15:04 - 2011-07-19 15:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\xImage.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00342040 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\arkGraphic.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00092184 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\xGraphic32.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\libpng.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\libjpegturbo.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\libexpatw.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00045920 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\jgImage.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\jgIOStub.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00076128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\MemDefrag.dll
2015-08-16 22:47 - 2015-07-21 12:59 - 00387424 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\DlForQd.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00235872 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMWlanMacDll.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00092184 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\xGraphic32.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\zlib.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\libexpatw.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\tinyxml.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00342040 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\arkGraphic.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00045920 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\jgImage.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\jgIOStub.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\libpng.dll
2015-08-16 22:47 - 2015-08-16 22:47 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\libjpegturbo.dll
2015-08-12 20:04 - 2015-08-07 21:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-12 20:04 - 2015-08-07 21:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:56E2E879

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1506094221-713273713-2986573324-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\WEB\WALLPAPER\WALLPAPER.JPG
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "VDownloader"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\StartupApproved\Run: => "SmartProtect"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7BDEE4D0-0121-471E-9181-A21B38180163}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{B601D01A-2499-462B-9D38-47192A6047CF}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{F9109872-5341-4CC4-9CCE-48293A49F63F}] => (Allow) C:\Program Files (x86)\PSafe\PSRsync.exe
FirewallRules: [{CE8CB238-C99B-4453-8A91-C51BB1CD00F7}] => (Allow) C:\Program Files (x86)\PSafe\PSRsync.exe
FirewallRules: [{3F5E2D6C-82F2-4F6D-BBDC-F7BE4A281B0C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{72CD7B7E-5A9A-4BC3-B2F2-E96DA6DDEE99}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{01CF5F32-6216-40FA-A33F-F925EF5E6DFF}] => (Allow) C:\Users\GenesisQ\AppData\Local\Temp\ctmpua\ctmpua.exe
FirewallRules: [{D4A050F1-E587-4AA5-AB9B-563C10FF7A84}] => (Allow) C:\Users\GenesisQ\AppData\Local\Temp\ctmpua\ctmpua.exe
FirewallRules: [{75B9C3E4-2A4E-4282-83DD-EF54883C5289}] => (Allow) C:\Users\GenesisQ\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
FirewallRules: [{F894E434-9FA6-4CA9-AC76-EF2D5BA6D7B3}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{D8B2DA4C-BDE6-44A9-A64C-8FE069D6C380}] => (Allow) C:\Users\GenesisQ\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{729A9123-5B7F-47C1-B5F7-C394C920091A}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{01827C12-691D-4902-9DA1-41C5C87F7605}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{46992901-9E18-4513-A2BB-4F36BBBB4918}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{B9BA37D4-57A2-4377-B073-74C53CA19777}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{34D74272-B636-41DE-94DB-C6E2B8F4FF7E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCmgrInstallGuide.exe
FirewallRules: [{C1C60B39-0DA6-49A1-BBD0-B8E34824834C}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{383BD61E-C020-4AC9-B739-FD2F8E0CC74A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{47A25035-4D8F-4098-BE74-A3681840B09A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCTray.exe
FirewallRules: [{04DE5A90-4C92-416D-B076-54ED4F089C91}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCMgr.exe
FirewallRules: [{3CE80DA0-D881-422D-8F34-40FAE8A45434}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCRTP.exe
FirewallRules: [{3C123D4D-6EFE-4EF4-B044-FA1C7119E006}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMDL.exe
FirewallRules: [{81ED0E00-0A12-42D7-8962-14A7D23E6979}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\bugreport.exe
FirewallRules: [{4D429981-42DA-4D80-B8F0-B1114AB99298}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCFileOpen.exe
FirewallRules: [{E44F2FA7-E5C0-493B-890E-89B2EBD4F2AD}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCLeakScan.exe
FirewallRules: [{F0E1E9E1-96A5-4AAA-A341-A3A5FDA07960}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPConfig.exe
FirewallRules: [{214561D7-7755-4208-9B6D-8FDFD8976D1C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCSoftMgr.exe
FirewallRules: [{B84494BF-312D-48C8-9CD4-0EF503377C10}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{A5E031C0-95E9-44FC-BD39-28C18862F689}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCBTU.exe
FirewallRules: [{7143EF52-4161-4964-BF44-626D52354F97}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCClinic.exe
FirewallRules: [{F961231B-5344-43CF-A31F-8CED594131E0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCLaunch.exe
FirewallRules: [{8341AC65-EBD4-4AB9-AE6F-B8D5B4990339}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{4B5E9D7E-BBF2-417A-9216-046D1DB861A9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCSoftGame.exe
FirewallRules: [{9E9228C6-CD70-4C29-81AA-34FF64CF5606}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCSysOptimize.exe
FirewallRules: [{4A87449A-9CB4-4102-BCD5-BA4C395A532E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCUpdateAVLib.exe
FirewallRules: [{AC88AD3F-70DB-4BE2-BB91-CDDA40AE37F1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQRepair.exe
FirewallRules: [{A8702682-7ABC-4AD9-9D0A-24D3888B4836}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\Uninst.exe
FirewallRules: [{5F69B39F-D739-4731-A32D-450F8A829DD2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCPatch.exe
FirewallRules: [{44CAA995-6535-4837-AFDC-A11DC4F7EB11}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\TpkUpdate.exe
FirewallRules: [{7C454FB2-E52B-43F4-AEB7-A18E806B7258}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMRouterMgr.exe
FirewallRules: [{7D6D01F7-6D0F-4E95-BFB8-38C7AF8D289D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMAccountProtection.exe
FirewallRules: [{FBCDE37F-A271-40F7-BA26-477123CA879A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMAdBlock.exe
FirewallRules: [{6A72BB2C-DD01-4018-8A4E-24F5BEDDBC3B}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.exe
FirewallRules: [{7717456D-F69C-4F51-BEA9-058288C149F3}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/18/2015 07:06:10 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/18/2015 04:18:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: netservice.exe, versão: 0.0.0.0, carimbo de data/hora: 0x557e7cf3
Nome do módulo com falha: netservice.exe, versão: 0.0.0.0, carimbo de data/hora: 0x557e7cf3
Código de exceção: 0xc0000409
Deslocamento da falha: 0x00013174
ID do processo com falha: 0x8d8
Hora de início do aplicativo com falha: 0xnetservice.exe0
Caminho do aplicativo com falha: netservice.exe1
Caminho do módulo com falha: netservice.exe2
ID do Relatório: netservice.exe3
Nome completo do pacote com falha: netservice.exe4
ID do aplicativo relativo ao pacote com falha: netservice.exe5

Error: (08/18/2015 11:08:35 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (08/18/2015 11:08:34 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (08/18/2015 11:08:33 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (08/18/2015 11:08:32 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (08/18/2015 11:08:32 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (08/18/2015 11:08:32 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (08/18/2015 08:44:29 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (5692) WindowsMail0: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error: (08/18/2015 06:42:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe, versão: 6.2.9200.16420, carimbo de data/hora: 0x505a9a4e
Nome do módulo com falha: ntdll.dll, versão: 6.2.9200.16579, carimbo de data/hora: 0x51637f77
Código de exceção: 0xc000000d
Deslocamento da falha: 0x00000000000f5f24
ID do processo com falha: 0x139c
Hora de início do aplicativo com falha: 0xsvchost.exe0
Caminho do aplicativo com falha: svchost.exe1
Caminho do módulo com falha: svchost.exe2
ID do Relatório: svchost.exe3
Nome completo do pacote com falha: svchost.exe4
ID do aplicativo relativo ao pacote com falha: svchost.exe5


System errors:
=============
Error: (08/19/2015 05:46:14 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: Um alerta fatal foi gerado e enviado ao ponto de extremidade remoto. Isso pode resultar no término da conexão. O código de erro fatal definido do protocolo TLS é 70. O estado de erro do Windows SChannel é 105.

Error: (08/19/2015 05:46:12 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: Um alerta fatal foi gerado e enviado ao ponto de extremidade remoto. Isso pode resultar no término da conexão. O código de erro fatal definido do protocolo TLS é 70. O estado de erro do Windows SChannel é 105.

Error: (08/19/2015 05:46:09 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: Um alerta fatal foi gerado e enviado ao ponto de extremidade remoto. Isso pode resultar no término da conexão. O código de erro fatal definido do protocolo TLS é 70. O estado de erro do Windows SChannel é 105.

Error: (08/18/2015 04:18:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Net.Tcp Service Handler foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (08/18/2015 11:45:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Key In Bold Italic devido ao seguinte erro:
%%2

Error: (08/18/2015 11:45:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Keyboard Noticeboard devido ao seguinte erro:
%%2

Error: (08/18/2015 11:45:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Wire Professional Version devido ao seguinte erro:
%%3

Error: (08/18/2015 11:05:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Key In Bold Italic devido ao seguinte erro:
%%2

Error: (08/18/2015 11:05:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Keyboard Noticeboard devido ao seguinte erro:
%%2

Error: (08/18/2015 11:05:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Wire Professional Version devido ao seguinte erro:
%%3


Microsoft Office:
=========================
Error: (08/18/2015 07:06:10 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/18/2015 04:18:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: netservice.exe0.0.0.0557e7cf3netservice.exe0.0.0.0557e7cf3c0000409000131748d801d0d9c4927ae283C:\Users\GenesisQ\AppData\Roaming\NetService\netservice.exeC:\Users\GenesisQ\AppData\Roaming\NetService\netservice.exeebae9999-45dd-11e5-be83-80ee7359901e

Error: (08/18/2015 11:08:35 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (08/18/2015 11:08:34 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (08/18/2015 11:08:33 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (08/18/2015 11:08:32 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (08/18/2015 11:08:32 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (08/18/2015 11:08:32 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (08/18/2015 08:44:29 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail5692WindowsMail0:

Error: (08/18/2015 06:42:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe6.2.9200.16420505a9a4entdll.dll6.2.9200.1657951637f77c000000d00000000000f5f24139c01d0d999b3d06f69C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll66277b8e-458d-11e5-be7f-80ee7359901e


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B800 @ 1.50GHz
Percentage of memory in use: 83%
Total physical RAM: 1488.24 MB
Available physical RAM: 240.36 MB
Total Virtual: 4432.24 MB
Available Virtual: 2663.9 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:212.4 GB) (Free:170.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: DA62E76E)

Partition: GPT.

==================== End of log ============================
