Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01 Ran by Alex (2015-08-04 11:19:17) Running from C:\Users\Alex\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3050552178-2778190213-2786081387-500 - Administrator - Disabled) Alex (S-1-5-21-3050552178-2778190213-2786081387-1000 - Administrator - Enabled) => C:\Users\Alex Gość (S-1-5-21-3050552178-2778190213-2786081387-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3050552178-2778190213-2786081387-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} AV: Rising Antivirus (Enabled - Up to date) {DBC966C2-BD90-87CD-5A01-4DFB1D2EC867} AV: ESET Smart Security 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} AS: ESET Smart Security 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} AS: Rising Antivirus (Enabled - Up to date) {60A88726-9BAA-8843-60B1-768966A982DA} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3050552178-2778190213-2786081387-1000\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.) ACP Application (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.) AdVenture Capitalist (HKLM\...\Steam App 346900) (Version: - Hyper Hippo Games) AMD Catalyst Install Manager (HKLM\...\{FC550040-B62D-FAAC-C46A-8435C9D8EE20}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AutoHotkey 1.0.48.05 (HKLM\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Entity Framework Designer for Visual Studio 2012 - enu (HKLM\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation) ESET Smart Security (HKLM\...\{92454C96-C162-47E6-8806-B64224BACEF4}) (Version: 8.0.304.2 - ESET, spol s r. o.) GIGABYTE OC_GURU II (HKLM\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.52.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (Version: 1.52.0000 - GIGABYTE Technology Co.,Ltd.) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.) Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden GS Auto Clicker (HKLM\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org) Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (Version: 3.0.1 - Riot Games) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft DirectX SDK (June 2010) (HKLM\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation) Microsoft Help Viewer 2.0 (HKLM\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{45A8F8FF-ED9B-40B2-B923-94F46FCF6135}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{D9DA2981-3298-4F1A-9192-F2CF5BD91145}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{83C7F964-AC58-4104-B613-B4D0F61DA8CD}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{CD920828-2B95-49A4-8BFD-1D34BCBF5A27}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation) Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MK LOL (HKU\S-1-5-21-3050552178-2778190213-2786081387-1000\...\MK LOL) (Version: - ) Open Broadcaster Software (HKLM\...\Open Broadcaster Software) (Version: - ) OpenVPN 2.3.4-I001 (HKLM\...\OpenVPN) (Version: 2.3.4-I001 - ) PingBuster version 2 (HKLM\...\{2E297026-529F-42C7-8FCA-8EE9540585DF}_is1) (Version: 2 - PingBuster) Prerequisites for SSDT (HKLM\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation) Raptr (HKLM\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.) screenSHU - the fastest screen capture ever. (HKLM\...\screenSHU) (Version: - ) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Enigma Protector v3.70 Build 20120504 (HKLM\...\The Enigma Protector_is1) (Version: - The Enigma Protector Developers Team) Time Clickers (HKLM\...\Steam App 385770) (Version: - Proton Studio Inc) Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds) Update for (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) Winamp (HKLM\...\Winamp) (Version: 5.56 - Nullsoft, Inc) WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wise Care 365 wersja 3.14 (HKLM\...\Wise Care 365_is1) (Version: 3.14 - ) 爱奇艺万能播放器 (HKLM\...\GeePlayer) (Version: 1.5.10.1295 - 爱奇艺) 爱奇艺影音 (HKLM\...\IQIYI Video) (Version: - 爱奇艺) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3050552178-2778190213-2786081387-1000_Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll (爱奇艺公司) CustomCLSID: HKU\S-1-5-21-3050552178-2778190213-2786081387-1000_Classes\CLSID\{61CED8F3-2CB2-4C3C-9484-7530E1127A58}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll (爱奇艺公司) CustomCLSID: HKU\S-1-5-21-3050552178-2778190213-2786081387-1000_Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll (爱奇艺公司) CustomCLSID: HKU\S-1-5-21-3050552178-2778190213-2786081387-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Alex\AppData\Local\Temp\DBE8\temp\_mp4hentai__Xpress_Train_-_01_uncen.exe () CustomCLSID: HKU\S-1-5-21-3050552178-2778190213-2786081387-1000_Classes\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF-NOT}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll (爱奇艺公司) ==================== Restore Points ========================= 28-07-2015 03:38:04 Zaplanowany punkt kontrolny 28-07-2015 10:29:12 Windows Update 31-07-2015 17:37:46 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2014-12-20 18:55 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 validation.sls.microsoft.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0C5AD787-6310-4964-AA62-9A07ED531145} - System32\Tasks\65b1263e-e246-43e3-bf46-21dd1ae42b63-5_user => C:\Program Files\CinemaPlus-3.2cV17.07\65b1263e-e246-43e3-bf46-21dd1ae42b63-5.exe <==== ATTENTION Task: {116CFB13-97FB-42D8-90F4-B7C837941460} - System32\Tasks\temp_337fb1ed-f59b-4815-8de7-a0b476c310ca-6 => C:\Program Files\CinemaPlus-3.2cV02.06\337fb1ed-f59b-4815-8de7-a0b476c310ca-6.exe <==== ATTENTION Task: {15F72CA7-88CC-407B-B1C3-782161B803DA} - System32\Tasks\60361efe-6fea-4d98-864b-9930a4c4dfc4-3 => C:\Program Files\CinemaPlus-3.2cV26.07\60361efe-6fea-4d98-864b-9930a4c4dfc4-3.exe <==== ATTENTION Task: {18C672B1-C3DC-446D-9070-43E25E532E7D} - System32\Tasks\60361efe-6fea-4d98-864b-9930a4c4dfc4-5_user => C:\Program Files\CinemaPlus-3.2cV26.07\60361efe-6fea-4d98-864b-9930a4c4dfc4-5.exe <==== ATTENTION Task: {1D4B2C7D-DF82-4733-8719-3ACE2572928F} - System32\Tasks\vKj2JFxHqfv9WOGtUya => C:\Users\Alex\AppData\Roaming\vKj2JFxHqfv9WOGtUya.exe <==== ATTENTION Task: {212D48E4-C298-4AF0-9FE9-C5C7EAF3D911} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6 => C:\Program Files\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe <==== ATTENTION Task: {3687B27E-9BD9-4C08-8601-58AC50F45B00} - System32\Tasks\d131932d-2bfb-4f57-94fc-116f683bacae-1-6 => C:\Program Files\CinemaPlus-3.2cV06.07\d131932d-2bfb-4f57-94fc-116f683bacae-1-6.exe <==== ATTENTION Task: {389D93F7-B2AA-4A23-A411-9CAD41635E80} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-6 => C:\Program Files\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-6.exe <==== ATTENTION Task: {44BB6A88-519B-416A-8A71-22D73D75007D} - System32\Tasks\{4568873B-B6AC-429C-A271-F397F6F36772} => pcalua.exe -a C:\Users\Alex\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi Task: {4527E12E-B199-4323-843D-F287AF8FE350} - System32\Tasks\temp_60361efe-6fea-4d98-864b-9930a4c4dfc4-10_user => C:\Program Files\CinemaPlus-3.2cV26.07\60361efe-6fea-4d98-864b-9930a4c4dfc4-10.exe <==== ATTENTION Task: {4D536F16-1731-4E9F-AECD-E24961E33D42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {5332EE0B-4583-4BDF-9BE0-7ECE88513F12} - System32\Tasks\temp_51515474-c5d1-462f-906c-9d2743e452f1-10_user => C:\Program Files\CinemaPlus-4.2vV03.07\51515474-c5d1-462f-906c-9d2743e452f1-10.exe <==== ATTENTION Task: {54A799C9-0B93-4FAA-8015-E792A195C566} - System32\Tasks\temp_51515474-c5d1-462f-906c-9d2743e452f1-1-6 => C:\Program Files\CinemaPlus-4.2vV03.07\51515474-c5d1-462f-906c-9d2743e452f1-1-6.exe <==== ATTENTION Task: {55C37305-7F4F-4DA8-98E4-0CB75880A050} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\PROGRAM FILES\RISING\RAV\rsdelaylauncher.exe [2014-05-15] (Beijing Rising Information Technology Co., Ltd.) Task: {56D3AC46-C95A-4631-85CB-E2D0EF292650} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5_user => C:\Program Files\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe <==== ATTENTION Task: {57B588F8-D837-44E5-8796-8BF32FB8FE03} - System32\Tasks\65b1263e-e246-43e3-bf46-21dd1ae42b63-5 => C:\Program Files\CinemaPlus-3.2cV17.07\65b1263e-e246-43e3-bf46-21dd1ae42b63-5.exe <==== ATTENTION Task: {5DE3752D-827B-4F49-8743-D1E937547BE1} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: {6116FF07-EE30-401A-B1D2-84235B0BDE17} - System32\Tasks\d131932d-2bfb-4f57-94fc-116f683bacae-6 => C:\Program Files\CinemaPlus-3.2cV06.07\d131932d-2bfb-4f57-94fc-116f683bacae-6.exe <==== ATTENTION Task: {7619C814-76BD-422D-BE0D-884FB54958B3} - System32\Tasks\Crossbrowse => C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION Task: {78ED8342-617E-452E-9494-FC60B9B7373B} - System32\Tasks\d131932d-2bfb-4f57-94fc-116f683bacae-1-7 => C:\Program Files\CinemaPlus-3.2cV06.07\d131932d-2bfb-4f57-94fc-116f683bacae-1-7.exe <==== ATTENTION Task: {7966E7A1-0D33-4392-A6B7-F252B207E23D} - System32\Tasks\temp_337fb1ed-f59b-4815-8de7-a0b476c310ca-1-6 => C:\Program Files\CinemaPlus-3.2cV02.06\337fb1ed-f59b-4815-8de7-a0b476c310ca-1-6.exe <==== ATTENTION Task: {7A24EF2D-0668-40A5-B880-149E9B6114BD} - System32\Tasks\d131932d-2bfb-4f57-94fc-116f683bacae-10_user => C:\Program Files\CinemaPlus-3.2cV06.07\d131932d-2bfb-4f57-94fc-116f683bacae-10.exe <==== ATTENTION Task: {8237BCEE-23C9-4AC0-A390-A095AE805B9E} - System32\Tasks\X82FxyOAlfq82FaPhMv => C:\Users\Alex\AppData\Roaming\X82FxyOAlfq82FaPhMv.exe [2015-04-20] () <==== ATTENTION Task: {93E88428-3A04-48AC-8B7F-C98100C15300} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{c52147f3-0b53-8214-c521-147f30b51fcc}\_mp4hentai__xpress_train_-_01_uncen.exe <==== ATTENTION Task: {969CEF98-A85A-4F3B-A11A-BA8755387B84} - System32\Tasks\d131932d-2bfb-4f57-94fc-116f683bacae-5_user => C:\Program Files\CinemaPlus-3.2cV06.07\d131932d-2bfb-4f57-94fc-116f683bacae-5.exe <==== ATTENTION Task: {9A3CBD60-3012-47B7-8B69-9294641CAAD1} - System32\Tasks\60361efe-6fea-4d98-864b-9930a4c4dfc4-1-6 => C:\Program Files\CinemaPlus-3.2cV26.07\60361efe-6fea-4d98-864b-9930a4c4dfc4-1-6.exe <==== ATTENTION Task: {9CBA5ABC-E905-4DFB-8287-9D70CFE38375} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10_user => C:\Program Files\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-10.exe <==== ATTENTION Task: {9F578E4C-647E-4623-BC6C-3CA908835E17} - System32\Tasks\Bidaily Synchronize Task[74c7] => c:\programdata\{2f8a2b62-bee9-309f-2f8a-a2b62beead8a}\hqghumeaylnlf.exe <==== ATTENTION Task: {A0F2CB5D-F701-4159-98FA-70D218020436} - System32\Tasks\65b1263e-e246-43e3-bf46-21dd1ae42b63-1-6 => C:\Program Files\CinemaPlus-3.2cV17.07\65b1263e-e246-43e3-bf46-21dd1ae42b63-1-6.exe <==== ATTENTION Task: {AE770A31-69A5-46EB-9E7F-06D2A6D8AC09} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-7 => C:\Program Files\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-7.exe <==== ATTENTION Task: {CD8F0AE4-FA7A-43F5-95A5-E1D1D171F46A} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7 => C:\Program Files\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-7.exe <==== ATTENTION Task: {DE925C0A-9AF7-401A-BC7A-33679051EE95} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: {EC9F0473-0F49-4557-8EE6-35E82FA60BC9} - System32\Tasks\temp_f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6 => C:\Program Files\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6.exe <==== ATTENTION Task: {EEE33474-BDAA-40D7-903E-806959CBF39E} - System32\Tasks\65b1263e-e246-43e3-bf46-21dd1ae42b63-6 => C:\Program Files\CinemaPlus-3.2cV17.07\65b1263e-e246-43e3-bf46-21dd1ae42b63-6.exe <==== ATTENTION Task: {F0662788-D5BB-44FB-B72D-4E1FE1F42AAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.) Task: {F0F1B4E5-631F-4371-B2CE-71155BD2CE81} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.) Task: {F209F725-51CB-4022-B07F-D0080C8A05F3} - System32\Tasks\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5 => C:\Program Files\CinemaPlus-3.2cV29.07\f706a8f7-287f-4a40-893c-ca55c01ea0aa-5.exe <==== ATTENTION Task: {F4AF0E7E-6517-421D-AE8A-A64C10741B9E} - System32\Tasks\GoogleUpdateTaskMachineUA1d09a038b4810b3 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.) Task: {FF4DAA8E-F16E-4E24-8F10-16E11B1B9FEE} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Alex\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Bidaily Synchronize Task[74c7].job => c:\programdata\{2f8a2b62-bee9-309f-2f8a-a2b62beead8a}\hqghumeaylnlf.exe <==== ATTENTION Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{c52147f3-0b53-8214-c521-147f30b51fcc}\_mp4hentai__xpress_train_-_01_uncen.exe <==== ATTENTION Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d09a038b4810b3.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\vKj2JFxHqfv9WOGtUya.job => C:\Users\Alex\AppData\Roaming\vKj2JFxHqfv9WOGtUya.exe <==== ATTENTION Task: C:\Windows\Tasks\X82FxyOAlfq82FaPhMv.job => C:\Users\Alex\AppData\Roaming\X82FxyOAlfq82FaPhMv.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2015-08-04 10:06 - 2015-08-04 10:06 - 00481632 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\sqlite.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\tinyxml.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\zlib.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00203104 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQFileFlt.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00063840 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00051552 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00018784 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\oDayProtect.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00117088 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\TavPedc.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\libexpatw.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00092184 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\xGraphic32.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00342040 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\arkGraphic.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00045920 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\jgImage.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\libpng.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\libjpegturbo.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\jgIOStub.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00194912 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\xImage.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00076128 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\MemDefrag.dll 2015-08-04 10:06 - 2015-05-07 13:04 - 00571800 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QMLoader\QQPCDetector.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00268640 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\StartupMgr\SoftMon.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00235872 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QMWlanMacDll.dll 2015-03-03 05:35 - 2015-03-03 05:35 - 00295264 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QMAndroidServer\1.0.0.1\Log4cplus.dll 2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe 2015-08-04 10:09 - 2013-12-11 07:01 - 00104728 ____N () C:\PROGRAM FILES\RISING\RAV\CMPB.DLL 2015-08-04 10:09 - 2013-12-11 07:01 - 00069400 ____N () C:\PROGRAM FILES\RISING\RAV\CMPCUsb.dll 2015-08-04 09:32 - 2015-07-22 18:20 - 00069632 ____H () C:\Program Files\baidu\baidu.exe 2015-07-28 23:47 - 2015-07-25 10:46 - 01405768 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.125\libglesv2.dll 2015-07-28 23:47 - 2015-07-25 10:46 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.125\libegl.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files\Raptr\_ssl.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files\Raptr\PyQt4.QtGui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files\Raptr\sip.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files\Raptr\PyQt4.QtCore.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files\Raptr\select.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files\Raptr\sqlite3.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files\Raptr\win32gui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files\Raptr\pyexpat.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files\Raptr\winsound.pyd 2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files\Raptr\libvlc.dll 2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files\Raptr\libvlccore.dll 2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files\Raptr\amd_ags.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files\Raptr\unicodedata.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files\Raptr\pythoncom26.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files\Raptr\win32com.shell.shell.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files\Raptr\PIL._imaging.pyd 2015-08-04 10:06 - 2015-08-04 10:06 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\zlib.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\libexpatw.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\tinyxml.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00092184 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\xGraphic32.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00342040 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\arkGraphic.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00045920 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\jgImage.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\libpng.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\libjpegturbo.dll 2015-08-04 10:06 - 2015-08-04 10:06 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\jgIOStub.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files\Raptr\gobject._gobject.pyd 2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files\Raptr\plugins\ssl.dll 2015-08-04 09:34 - 2015-05-12 11:02 - 00245864 _____ () C:\IQIYI Video\Common\MobileProxy.dll 2015-08-04 09:34 - 2015-05-12 11:02 - 01616488 _____ () C:\IQIYI Video\Common\Mobile\QServProvider.dll 2015-08-04 09:34 - 2015-05-12 11:02 - 00728168 _____ () C:\IQIYI Video\Common\Mobile\AndroidService.exe 2015-07-28 23:47 - 2015-07-25 10:46 - 16308040 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.125\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:6BE50C2B ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3050552178-2778190213-2786081387-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{003AE472-CE17-45B7-841E-9F8CBA7069F9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{BF653582-3EDA-4BD9-B30C-065709B95DC1}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{BCD465FD-4BCA-4D80-A821-D4049F7E1CA0}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{D635F363-1DF5-4E63-9F92-C2596A9D997C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{EB2A7917-4AFE-44BD-BF99-14B0E51DD0DC}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{A7653E8F-3DF8-4A78-8B62-6CDC5E037F22}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{A783D897-BD78-4824-A30E-A3826165EA27}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2B34F67E-C966-4784-9FC2-22A46260E67A}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9F292850-0F59-4721-B5B5-F0A850C3F9C5}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9997CF41-74E1-463E-A19E-D5734E2DCEF2}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9613A1E4-B030-4FE2-8E4D-43427B7A0E85}] => (Allow) C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe FirewallRules: [{4035F1D2-438F-4D07-BCA1-F122F0616EB6}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{D994266E-1207-4032-8987-40BFDB7A96B2}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{739B9277-F14D-4366-8919-F5CDD9F5CE6B}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{667BB490-F615-42C4-BBDF-6B0864C03152}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{6F9E8C82-1BBB-49F9-90AC-28B9A5BB80FF}] => (Allow) C:\Program Files\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe FirewallRules: [{19D2240A-81B7-48CC-ABE5-8EE29FF8415F}] => (Allow) C:\Program Files\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe FirewallRules: [{40F79116-EC96-404A-95B8-991DB90A24B5}] => (Allow) C:\Program Files\Steam\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{509A1730-5975-4350-AB1B-8E6357E4C315}] => (Allow) C:\Program Files\Steam\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{80A8A50B-9595-4D94-A8A5-A8B62A8D4E15}] => (Allow) C:\Program Files\Steam\steamapps\common\TimeClickers\TimeClickers.exe FirewallRules: [{58FC6303-46E7-4102-B7EC-1727DFE144EF}] => (Allow) C:\Program Files\Steam\steamapps\common\TimeClickers\TimeClickers.exe FirewallRules: [{800653E1-976C-4142-A78A-82F3B58FBA3A}] => (Allow) C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe FirewallRules: [{FEFA9A41-B9A8-4ECD-A677-6F061BFC18B4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{40F4F7D0-2CC3-42F8-BD80-8F71C1A813AD}] => (Allow) C:\Program Files\Raptr\raptr.exe FirewallRules: [{108984AC-F609-4847-9248-4E8CD85A199E}] => (Allow) C:\Program Files\Raptr\raptr.exe FirewallRules: [{946E5551-577F-4192-B8CF-7420D977AC19}] => (Allow) C:\Program Files\Raptr\raptr_im.exe FirewallRules: [{BAFA5E46-F7F3-406F-80A6-585A5DC75831}] => (Allow) C:\Program Files\Raptr\raptr_im.exe FirewallRules: [{4577B067-4086-43D8-88CA-3FB2760113D3}] => (Allow) C:\Users\Alex\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe FirewallRules: [{1A0A720B-C4AB-452F-98B0-329F9288E9CA}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe FirewallRules: [{631FCF0C-F113-4CFD-986B-9D8891A2911B}] => (Allow) C:\Users\Alex\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe FirewallRules: [{055042BE-2CF8-4A95-8A87-5EA3D9937747}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe FirewallRules: [{03AE2896-5C6C-474B-8B99-C83C4CFE63A2}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe FirewallRules: [{8FB0E168-641C-4617-9C0A-673DBD57661F}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe FirewallRules: [{F6AAA8D2-41A9-4117-A5F4-8EF5349ECA21}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe FirewallRules: [{664E7E89-0EF6-40A0-86AA-51C053754862}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{D4A10035-B301-4BED-9042-AEC4965256D0}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{F139E77A-F32E-41A3-BEC6-47BB3C3F344B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCmgrInstallGuide.exe FirewallRules: [{62691E92-8086-40FA-AD76-03AEBC35C5EF}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe FirewallRules: [{70BCCEF4-71FC-4F90-9E82-CBD977A48451}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCMgr.exe FirewallRules: [{F499B39D-2546-429B-B357-B88E26AD015D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe FirewallRules: [{FC002D19-7990-4AAE-A916-E97102B01599}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QMDL.exe FirewallRules: [{51C3123B-E961-4AFC-AC7E-F17C33DF14EC}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\bugreport.exe FirewallRules: [{0B51FE3A-C397-4017-9129-1A2B1A67DC3B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCFileOpen.exe FirewallRules: [{58B52E3C-AA31-49E0-B7D9-72D0F9DE4DF6}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCLeakScan.exe FirewallRules: [{375331D8-4BD0-4560-901D-221BC53987B7}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPConfig.exe FirewallRules: [{CC4A8E5A-975C-415B-AD5E-A3FB408A172A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftMgr.exe FirewallRules: [{9425F280-F406-40A8-B4B7-940B19905DA9}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{8A78900E-2826-4E25-A70C-6C19FBC59FF2}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCBTU.exe FirewallRules: [{2492D291-2EEE-4BC8-B1E7-29AC01AE3780}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCClinic.exe FirewallRules: [{82FFA897-6A48-436B-BE1B-C74A32E0A7FD}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCLaunch.exe FirewallRules: [{AF2CFEEE-443B-4163-BDB0-20E811102790}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{5EE688A8-7C1F-44AE-BA55-8A49512D91FB}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftGame.exe FirewallRules: [{257BA39A-E784-40EE-A826-3DD3420A5DF3}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCSysOptimize.exe FirewallRules: [{BCA73291-080D-4512-AB86-06EFF7741693}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCUpdateAVLib.exe FirewallRules: [{F683808F-6743-42D5-9B83-0EFBD26C5931}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQRepair.exe FirewallRules: [{5B3E9BAE-31D7-49E0-A1B0-713F5456264C}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\Uninst.exe FirewallRules: [{D2938B5D-5689-4DA1-9C45-D05623BDBFBC}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QQPCPatch.exe FirewallRules: [{3CDC6CC4-153E-4F2C-85BF-ABDDB1CB5BEE}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\TpkUpdate.exe FirewallRules: [{601B4058-54B4-4546-8D76-AA986BED2B7F}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QMRouterMgr.exe FirewallRules: [{CED259AB-63EF-4DD2-9E45-B576BB02E894}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.7.16066.216\QMAccountProtection.exe FirewallRules: [{DEE28A60-53A4-45A9-96BF-D2950F853194}] => (Allow) C:\Program Files\Rising\RAV\ravmond.exe FirewallRules: [{6B459F86-D596-41FA-B454-D27A56F5D01B}] => (Allow) C:\Program Files\Rising\RAV\ravmond.exe FirewallRules: [{0518D1DC-DB58-4ADD-BFFB-2713967D7CC2}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe FirewallRules: [{4F3BF249-3CC9-490B-9D5F-C7A5B0568C42}] => (Allow) C:\Users\Alex\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe FirewallRules: [{D4F2BE7A-A9E3-49E2-B420-36660E6A7EF4}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe FirewallRules: [{26F6731A-7BDB-4709-9669-33B9C413B718}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe FirewallRules: [{037E09EE-1361-4C17-9B5D-7419FAC25D63}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe FirewallRules: [{DF4E3DC2-4F2C-4E91-8E5C-4A6C2F2AF80C}] => (Allow) C:\Users\Alex\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe FirewallRules: [{19D9FFD1-C32C-4A1E-9782-A0B2B01489CE}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe ==================== Faulty Device Manager Devices ============= Name: wsafd_1_10_0_19 Description: wsafd_1_10_0_19 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wsafd_1_10_0_19 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Karta Microsoft 6to4 Description: Karta Microsoft 6to4 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Karta Microsoft ISATAP Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Karta Microsoft ISATAP #2 Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: innfd_1_10_0_14 Description: innfd_1_10_0_14 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: innfd_1_10_0_14 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (08/04/2015 10:38:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/04/2015 09:03:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/03/2015 01:44:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: steamwebhelper.exe, wersja: 2.89.12.34, sygnatura czasowa: 0x55b136a6 Nazwa modułu powodującego błąd: libcef.dll, wersja: 3.2357.1273.0, sygnatura czasowa: 0x5581d4e8 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x000894f9 Identyfikator procesu powodującego błąd: 0xc34 Godzina uruchomienia aplikacji powodującej błąd: 0xsteamwebhelper.exe0 Ścieżka aplikacji powodującej błąd: steamwebhelper.exe1 Ścieżka modułu powodującego błąd: steamwebhelper.exe2 Identyfikator raportu: steamwebhelper.exe3 Error: (08/02/2015 01:08:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/02/2015 08:53:44 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/02/2015 12:01:01 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program League of Legends.exe w wersji 5.14.0.340 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1c9c Godzina rozpoczęcia: 01d0cca1c38732ae Godzina zakończenia: 357 Ścieżka aplikacji: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.98\deploy\League of Legends.exe Identyfikator raportu: c7bb1943-3898-11e5-841e-00304f170966 Error: (08/01/2015 02:22:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 08:40:20 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/31/2015 01:56:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/31/2015 01:52:24 PM) (Source: Chrome) (EventID: 1) (User: ZARZĄDZANIE NT) Description: Chrome has encountered a fatal error. ver=44.0.2403.125;lang=;guid=FAAA55153CB843A2BEBF5836778951B4;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\c1c1761d-d907-4b7d-ba77-298879d4faf3.dmp System errors: ============= Error: (08/04/2015 10:49:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1070 Error: (08/04/2015 10:49:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Publikacja zasobów odnajdowania funkcji zawiesiła się podczas uruchamiania. Error: (08/04/2015 10:47:01 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Host dostawcy odnajdowania funkcji zawiesiła się podczas uruchamiania. Error: (08/04/2015 10:45:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa udostępniania w sieci programu Windows Media Player z powodu następującego błędu: %%1053 Error: (08/04/2015 10:45:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa udostępniania w sieci programu Windows Media Player. Error: (08/04/2015 10:44:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Defender z powodu następującego błędu: %%1053 Error: (08/04/2015 10:44:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Windows Defender. Error: (08/04/2015 10:42:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%1053 Error: (08/04/2015 10:42:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate). Error: (08/04/2015 10:41:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi globalUpdate Update Service (globalUpdate) z powodu następującego błędu: %%2 Microsoft Office: ========================= Error: (08/04/2015 10:38:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/04/2015 09:03:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/03/2015 01:44:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: steamwebhelper.exe2.89.12.3455b136a6libcef.dll3.2357.1273.05581d4e880000003000894f9c3401d0cd14273da4daC:\Program Files\Steam\bin\steamwebhelper.exeC:\Program Files\Steam\bin\libcef.dll05511672-39d5-11e5-9750-00304f170966 Error: (08/02/2015 01:08:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/02/2015 08:53:44 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/02/2015 12:01:01 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: League of Legends.exe5.14.0.3401c9c01d0cca1c38732ae357C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.98\deploy\League of Legends.exec7bb1943-3898-11e5-841e-00304f170966 Error: (08/01/2015 02:22:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 08:40:20 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/31/2015 01:56:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/31/2015 01:52:24 PM) (Source: Chrome) (EventID: 1) (User: ZARZĄDZANIE NT) Description: Chrome has encountered a fatal error. ver=44.0.2403.125;lang=;guid=FAAA55153CB843A2BEBF5836778951B4;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\c1c1761d-d907-4b7d-ba77-298879d4faf3.dmp ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz Percentage of memory in use: 58% Total physical RAM: 3319.49 MB Available physical RAM: 1392.22 MB Total Virtual: 6637.3 MB Available Virtual: 4350.07 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:104.33 GB) (Free:18.86 GB) NTFS Drive d: () (Fixed) (Total:361.33 GB) (Free:360.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F9D4F9D4) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=104.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=361.3 GB) - (Type=07 NTFS) ==================== End of log ============================