Start::
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3377807318-2724434003-2614323792-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: ????????? -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat => No File
CHR HomePage: Default -> mail.ru/cnt/20595300?rciguc__PARAM__
S2 MPCProtectService; "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe" [X] <==== ATTENTION
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-29] (DotC United Inc) <==== ATTENTION
S3 cpuz134; \??\C:\Users\deckx\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2018-06-15 23:31 - 2016-04-29 15:19 - 000003080 _____ C:\Windows\System32\Tasks\MailRuUpdater
CustomCLSID: HKU\S-1-5-21-3377807318-2724434003-2614323792-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\deckx\AppData\Roaming\inminet\sencolny.dll => No File <==== ATTENTION
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt64.dll -> No File
ContextMenuHandlers3: [QMSoftExt] -> {754DF2CE-51E8-4895-B53C-6381418B84AE} => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\plugins\FileSmash\QMSoftExt64.dll -> No File
Task: {4720B4A9-55A3-423B-AC31-C29DD0B4CA53} - System32\Tasks\MailRuUpdater => C:\Users\deckx\AppData\Local\Mail.Ru\MailRuUpdater.exe <==== ATTENTION
Task: {529C265C-12A1-443C-8C54-031C67E6E53B} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {75B0DAC0-EAF3-470C-8E7B-7FDBE52157D2} - \osTip -> No File <==== ATTENTION
Task: {98923B31-D77D-4603-B0F1-B6FCED0E3601} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {CA5760CC-10AE-4536-BB49-D2C5E23AD438} - \Pwtyfemuk Cache -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
Hosts:
FirewallRules: [{5F6136AB-B6C3-4EB2-91FB-5B0A39285B35}] => (Allow) C:\Users\deckx\AppData\Local\Temp\java.exe
FirewallRules: [{99DFD5FF-5D9E-4736-953C-A050EF064125}] => (Allow) C:\Users\deckx\AppData\Local\Temp\java.exe
EmptyTemp:
End::