Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by hp (administrator) on HP-HP (08-11-2016 22:00:33)
Running from C:\Users\hp\Desktop
Loaded Profiles: hp (Available Profiles: hp)
Platform: Windows 7 Home Basic Service Pack 1 (X64) Language: 中文(简体,中国)
Internet Explorer Version 11 (Default browser: "C:\Users\hp\AppData\Roaming\360se6\Application\360se.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\StarSoftComm\CooCare3\BIN\CooCareService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(StarSoftComm (China) Ltd.) C:\Program Files (x86)\StarSoftComm\CooCare3\BIN\CooCare.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(北京暴风科技股份有限公司) D:\Program Files\Baofeng\BFVKanDianYing\BFVDesktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\ProgramData\AppKits\Module\messenger\msgdeliver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Farbar) C:\Users\hp\Desktop\FRST64 (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [apmwinapp] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.2\apmwinsrv.exe [66768 2013-11-18] ()
HKLM-x32\...\Run: [HFS Activator] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.2\activation\hfsactivator.exe [245456 2013-11-18] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-05-13] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\...\MountPoints2: {7ed4e4e3-e5ca-11e2-9e13-08edb9ea5994} - E:\autorun.exe
HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Funshion.scr
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [BVDLinkIconOverlay] -> {1DE3AF1F-C296-45DA-A64C-F295F720585E} => D:\Program Files\Baofeng\BFVKanDianYing\BFVShellIcon64.dll [2016-05-11] (北京暴风科技股份有限公司)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{541C32C1-CB1D-4DAA-B3B3-6C8B6A48001A}: [NameServer] 212.27.40.241,212.27.40.240
Tcpip\..\Interfaces\{541C32C1-CB1D-4DAA-B3B3-6C8B6A48001A}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr
HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.360.cn/?src=lm&ls=n798f3c1297
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://zh.wikipedia.org/zh-cn/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://zh.wikipedia.org/zh-cn/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1592242826-1200034856-1619733032-1000 -> {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_cb&ch=33
SearchScopes: HKU\S-1-5-21-1592242826-1200034856-1619733032-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://zh.wikipedia.org/zh-cn/wiki/Special:Search?search={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: No Name -> {4D9069AE-5909-4EE2-AAC0-370C4897CBB1} -> No File
BHO: YoukuEyeOnIE64 Class -> {509DC5B8-F673-4102-B86E-5BF20BF4EE54} -> C:\Users\hp\AppData\Roaming\ytmediacenter\YoukuBHOPlugin64.dll [2015-06-23] (TODO: <公司名>)
BHO: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll [2011-12-10] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: No Name -> {98D5DD5D-0742-4CC1-A0AB-7251C40DB020} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-24] (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: No Name -> {4BF2CB0E-658A-442B-AC83-A64EC2150BFC} -> No File
BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL [2012-06-21] (Symantec Corporation)
BHO-x32: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\IEBHO.DLL [2011-12-10] (HP)
BHO-x32: Windows Live ID 登录帮助程序 -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-24] (Google Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll [2011-12-10] (HP)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-24] (Google Inc.)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL [2011-12-10] (HP)
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-1592242826-1200034856-1619733032-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1592242826-1200034856-1619733032-1000 -> No Name - {65F8A3D2-4C22-4A33-9633-73167EAEEC45} - No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn
FF Extension: (Norton Vulnerability Protection) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn [2012-07-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn [2016-11-08] [not signed]
FF HKU\S-1-5-21-1592242826-1200034856-1619733032-1000\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\Microsoft Bing Dictionary\WordCapture\WCaptureMoz => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @baofeng.com/npBFWebBrowserPlugin -> D:\Program Files\Baofeng\StormPlayer\npBFWebBrowserPlugin.dll [No File]
FF Plugin-x32: @baofeng.com/npWebStorm -> D:\Program Files\Baofeng\StormPlayer\webplayer\npWebStrom.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @flashget.com/npfgplugin -> C:\Program Files (x86)\FlashGet Network\FlashGet 3\npfgplugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 -> C:\Users\hp\Documents\iTools\Plugin\npiTools.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npOpenPlatform -> C:\Program Files (x86)\Common Files\Tencent\OpenPlatform\3.0.0.3201\npQPMWebGamePlugin.dll [No File]
FF Plugin-x32: @sogou.com/SGDownloadPlugin -> C:\Program Files (x86)\SogouDownLoad\npdownload.dll [No File]
FF Plugin-x32: @tencent.com/npQQMailWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll [No File]
FF Plugin-x32: @tencent.com/nptxftnWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-24] (Google Inc.)
FF Plugin-x32: @xunlei.com/npxluser -> C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll [No File]
FF Plugin-x32: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll [No File]
FF Plugin HKU\.DEFAULT: @1.qq.com/npqqwebgame -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Tencent\WebGamePlugin\1.0.4.9\npqqwebgame.dll [No File]
FF Plugin HKU\S-1-5-21-1592242826-1200034856-1619733032-1000: @flashget.com/npfgplugin -> C:\Program Files (x86)\FlashGet Network\FlashGet 3\npfgplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1592242826-1200034856-1619733032-1000: @tools.google.com/Google Update;version=3 -> C:\Users\hp\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-02-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1592242826-1200034856-1619733032-1000: @tools.google.com/Google Update;version=9 -> C:\Users\hp\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-02-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1592242826-1200034856-1619733032-1000: @xunlei.com/npxluser -> C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll [No File]
FF Plugin HKU\S-1-5-21-1592242826-1200034856-1619733032-1000: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2016-11-08]
CHR Extension: (Google 云端硬盘) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-06]
CHR Extension: (Google Search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (QQ音乐支持控件) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eobojkjbpolpnaolkijihjkpmhieijhb [2016-11-06]
CHR Extension: (Google 文档的离线功能) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-25]
CHR Extension: (Website Logon) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh [2014-07-16]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [jpfgjjhcgfbfkkoelpepohanhmbhdanh] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2011-12-08]
StartMenuInternet: 360Chrome -
StartMenuInternet: 360chrome.hp -
StartMenuInternet: Google Chrome.J33ICP7NFKLA5NCLMJZ5D6WAS4 - C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 CooCareService; C:\Program Files (x86)\StarSoftComm\CooCare3\BIN\CooCareService.exe [108888 2014-09-22] ()
S3 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-10] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3036312 2016-07-28] (Intel(R) Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [920616 2016-08-08] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-08-08] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-08-08] (McAfee, Inc.)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-08] (AuthenTec, Inc.)
R2 WinAppGuard; C:\ProgramData\AppKits\Module\waguard\hostservice.dll [532896 2014-09-15] (udpate)
S2 WinAppMgmt; C:\ProgramData\WinAppMgmt\WinAppMgmt.exe [692128 2014-09-15] ()
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 wlcommsvc; C:\Program Files (x86)\MSN\Service\wlcommsvc.exe [202048 2013-01-10] (Just Orange)
S3 bddlsvc; "C:\Users\hp\AppData\Roaming\baidu\BaiduRJDownloader\1.6.0.77\bddlsvc.exe" -r [X]
S3 LeService; "C:\Program Files (x86)\Letv\LeService.exe" [X]
S3 QQLiveService; C:\Program Files (x86)\Tencent\QQLive\9.8.876.0\LiveService.dll [X]
S2 QQRepair1525; "C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1525" [X]
S3 XLServicePlatform; C:\Program Files (x86)\Common Files\Thunder Network\ServicePlatform\XLSP.dll [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [50896 2013-11-18] (Paragon Software Group)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
S3 ChargeFaster; C:\Windows\SysWow64\drivers\ChargeFaster.sys [107800 2015-05-12] (ChargeFaster)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2012-03-24] (DemoForge, LLC)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-11] (Symantec Corporation)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [61136 2013-11-18] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [205008 2013-11-18] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2013-11-18] (Paragon Software Group)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120921.001\IDSvia64.sys [513184 2012-09-05] (Symantec Corporation)
R3 irstrtdv; C:\Windows\system32\drivers\irstrtdv.sys [26504 2012-02-07] (Intel Corporation)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [42704 2013-11-18] (Paragon Software Group)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120922.008\ENG64.SYS [126112 2012-09-24] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120922.008\EX64.SYS [2084000 2012-09-24] (Symantec Corporation)
R1 ppfsflt; C:\Windows\System32\DRIVERS\ppfsflt.sys [30952 2014-09-22] (StarSoftComm)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-03-02] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-08-15] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-07-08] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R2 XLWFP; C:\Windows\System32\drivers\xlwfp.sys [56080 2016-01-19] (深圳市迅雷网络技术有限公司)
S3 AntiRkX64; System32\Drivers\AntiRKX64.sys [X]
S3 catchme; \??\C:\Users\hp\AppData\Local\Temp\catchme.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\QQPCMgr\12.0.18066.222\QMUdisk64.sys [X]
S1 softaal; \??\C:\Program Files (x86)\QQPCMgr\12.0.18066.222\softaal64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\QQPCMgr\12.0.18066.222\TsNetHlpX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVCx32: WinAppGuard -> C:\ProgramData\AppKits\Module\waguard\hostservice.dll (udpate)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-08 22:00 - 2016-11-08 22:01 - 00025330 _____ C:\Users\hp\Desktop\FRST.txt
2016-11-08 22:00 - 2016-11-08 22:00 - 00000000 ____D C:\FRST
2016-11-08 21:59 - 2016-11-08 22:00 - 02410496 _____ (Farbar) C:\Users\hp\Desktop\FRST64 (1).exe
2016-11-08 21:59 - 2016-11-08 21:59 - 02410496 _____ (Farbar) C:\Users\hp\Downloads\FRST64.exe
2016-11-07 18:02 - 2016-11-07 18:02 - 00000000 ____D C:\ProgramData\CooCare
2016-11-07 17:52 - 2016-11-07 18:00 - 00113292 _____ C:\Windows\ntbtlog.txt
2016-11-07 09:07 - 2016-11-07 09:07 - 00031317 _____ C:\Users\hp\Downloads\releveMensuel (9).pdf
2016-11-07 09:02 - 2016-11-07 09:02 - 00031317 _____ C:\Users\hp\Downloads\releveMensuel (8).pdf
2016-11-07 09:01 - 2016-11-07 09:01 - 00031317 _____ C:\Users\hp\Downloads\releveMensuel (7).pdf
2016-11-07 09:01 - 2016-11-07 09:01 - 00031317 _____ C:\Users\hp\Downloads\releveMensuel (6).pdf
2016-11-06 17:43 - 2016-11-06 17:43 - 00000000 ____D C:\Users\hp\AppData\Roaming\360SuperKiller
2016-11-06 16:28 - 2016-11-06 16:28 - 02484224 _____ C:\Users\hp\Downloads\ZHPCleaner.exe
2016-11-06 16:28 - 2016-11-06 16:28 - 00000791 _____ C:\Users\hp\Desktop\ZHPCleaner.lnk
2016-11-06 16:21 - 2016-11-07 18:02 - 00000781 _____ C:\Users\hp\Desktop\ZHPDiag.lnk
2016-11-06 16:21 - 2016-11-06 16:21 - 02437120 _____ C:\Users\hp\Downloads\ZHPDiag3 (1).exe
2016-11-06 16:15 - 2016-11-06 16:15 - 00000000 ____D C:\Users\hp\AppData\Roaming\ludashi
2016-11-06 12:38 - 2016-11-06 12:38 - 00001855 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-11-06 12:38 - 2016-11-06 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-11-06 12:38 - 2016-11-06 12:38 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-11-06 12:37 - 2016-11-06 12:37 - 03521617 _____ (Nicolas Coolman ) C:\Users\hp\Downloads\ZHPFix.exe
2016-11-06 09:58 - 2016-11-06 09:58 - 01231872 _____ C:\Users\hp\Downloads\RepairDNS (1).exe
2016-11-05 20:54 - 2016-11-05 20:54 - 00000000 ____D C:\Users\hp\Documents\QQPCMgr
2016-11-05 20:44 - 2016-11-07 17:47 - 00036344 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2016-11-05 20:33 - 2016-11-05 21:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-05 20:33 - 2016-11-05 20:33 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-05 20:33 - 2016-11-05 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-05 20:33 - 2016-11-05 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-05 20:33 - 2016-11-05 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-05 20:33 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-05 20:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-05 20:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-05 20:32 - 2016-11-05 20:32 - 22851472 _____ (Malwarebytes ) C:\Users\hp\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-05 20:29 - 2016-11-05 20:45 - 00000000 ____D C:\AdwCleaner
2016-11-05 20:29 - 2016-11-05 20:29 - 03910208 _____ C:\Users\hp\Downloads\adwcleaner_6.030.exe
2016-11-05 20:13 - 2016-11-05 20:13 - 00000000 ____D C:\Users\hp\AppData\LocalLow\SogouPY.users
2016-11-05 14:04 - 2016-11-05 14:04 - 01231872 _____ C:\Users\hp\Downloads\RepairDNS.exe
2016-11-05 11:42 - 2016-11-07 18:03 - 00000000 ____D C:\Users\hp\AppData\Roaming\ZHP
2016-11-05 11:41 - 2016-11-05 11:41 - 02435072 _____ C:\Users\hp\Downloads\ZHPDiag3.exe
2016-11-05 11:29 - 2016-11-05 16:20 - 00267456 _____ (Tencent) C:\Windows\GoodSleep.dll
2016-11-05 11:20 - 2016-11-05 11:20 - 08270712 _____ (Piriform Ltd) C:\Users\hp\Downloads\ccsetup523 (1).exe
2016-11-05 11:15 - 2016-11-05 11:15 - 08270712 _____ (Piriform Ltd) C:\Users\hp\Downloads\ccsetup523.exe
2016-10-28 21:13 - 2016-10-28 21:14 - 00003476 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-28 21:13 - 2016-10-28 21:13 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-28 21:13 - 2016-10-28 21:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 20:23 - 2016-11-05 21:09 - 00000000 ____D C:\ProgramData\mofawangzuo
2016-10-26 09:09 - 2016-11-05 11:16 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-26 09:09 - 2016-10-26 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-26 09:08 - 2016-10-26 09:09 - 00000000 ____D C:\Program Files\WinRAR
2016-10-18 17:12 - 2016-11-06 10:21 - 00065568 _____ C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-18 17:11 - 2016-11-06 10:21 - 00313816 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-15 08:42 - 2016-10-15 08:42 - 00000000 ____D C:\QMDownload
2016-10-15 07:38 - 2016-10-15 07:38 - 00001890 _____ C:\Users\hp\Desktop\Internet Explorer.lnk
2016-10-14 08:14 - 2016-10-14 08:14 - 00000000 ____D C:\86228a86bca7da20f19d9c9497c452
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-08 18:22 - 2012-03-24 23:34 - 00377716 _____ C:\Windows\system32\prfh0804.dat
2016-11-08 18:22 - 2012-03-24 23:34 - 00120686 _____ C:\Windows\system32\prfc0804.dat
2016-11-08 18:22 - 2009-07-14 06:13 - 01283460 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-08 18:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-08 10:01 - 2009-07-14 05:45 - 00022624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-08 10:01 - 2009-07-14 05:45 - 00022624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-08 09:56 - 2015-08-11 11:09 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-11-08 09:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-07 18:15 - 2012-07-25 12:33 - 00000000 ____D C:\Users\hp\AppData\Local\CrashDumps
2016-11-07 17:59 - 2013-12-17 21:06 - 00000000 ____D C:\ProgramData\Baofeng
2016-11-07 17:59 - 2012-07-25 12:30 - 00000000 ____D C:\ProgramData\Tencent
2016-11-06 17:38 - 2012-07-26 09:37 - 00000000 ____D C:\Program Files (x86)\360
2016-11-06 16:19 - 2013-10-01 16:17 - 00000000 __SHD C:\Users\hp\AppData\Roaming\360Quarant
2016-11-06 16:19 - 2013-10-01 16:17 - 00000000 __SHD C:\$360Section
2016-11-06 16:19 - 2012-07-25 03:40 - 00000000 ____D C:\Users\hp
2016-11-06 16:15 - 2012-07-26 09:53 - 00000000 ____D C:\Users\hp\AppData\Roaming\360Desktop
2016-11-06 16:02 - 2014-03-29 10:40 - 00000000 ____D C:\Users\hp\AppData\Roaming\Expert
2016-11-06 12:41 - 2015-07-04 17:04 - 00000000 ____D C:\Users\hp\AppData\Roaming\ytmediacenter
2016-11-06 12:41 - 2012-12-23 10:21 - 00000000 ____D C:\Users\hp\AppData\Roaming\SaturnPlayer
2016-11-06 10:24 - 2012-08-02 17:18 - 00000000 ____D C:\Users\hp\AppData\Local\Windows Live
2016-11-05 21:54 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2016-11-05 21:53 - 2014-05-24 16:33 - 00000000 ____D C:\Users\hp\AppData\Roaming\DSTEMPD
2016-11-05 21:53 - 2014-04-21 13:55 - 00000000 ____D C:\Users\hp\AppData\Roaming\CloudMedia
2016-11-05 21:44 - 2014-12-20 20:41 - 00000000 ____D C:\Users\hp\AppData\Roaming\vlc
2016-11-05 20:25 - 2012-07-25 03:53 - 00000000 ____D C:\Users\hp\AppData\LocalLow\SogouPY
2016-11-05 20:13 - 2014-02-17 08:08 - 00000000 ____D C:\Users\hp\AppData\Roaming\Common
2016-11-05 11:37 - 2015-02-11 20:01 - 00000000 __SHD C:\360Rec
2016-11-05 11:30 - 2012-07-25 03:40 - 00000000 ____D C:\Users\hp\AppData\LocalLow\AuthenTec
2016-11-05 11:22 - 2012-08-02 17:32 - 00000000 ____D C:\Users\hp\Tracing
2016-11-05 11:17 - 2014-12-20 20:50 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-11-05 11:08 - 2015-08-11 15:06 - 00000000 ____D C:\Users\hp\Documents\WeChat Files
2016-11-05 11:01 - 2015-06-23 18:34 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-11-03 01:53 - 2016-08-14 16:14 - 00000000 ____D C:\Program Files\TrueKey
2016-10-30 09:45 - 2012-07-26 09:58 - 00000000 ____D C:\Users\hp\AppData\Local\Google
2016-10-28 21:14 - 2014-07-01 16:32 - 00000000 ____D C:\Users\hp\AppData\Local\Adobe
2016-10-28 21:13 - 2012-03-24 08:11 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-28 21:13 - 2012-03-24 08:11 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-28 20:23 - 2015-01-11 20:57 - 00000000 _____ C:\Users\hp\Desktop\暴风看电影..bvd
2016-10-27 16:52 - 2015-07-05 18:05 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-10-26 09:09 - 2014-08-23 16:31 - 00000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-26 09:09 - 2014-08-23 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-24 18:09 - 2014-11-01 10:24 - 00096248 ____N (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-10-23 19:19 - 2012-07-08 09:28 - 00000000 ____D C:\ProgramData\Norton
2016-10-17 21:35 - 2014-09-05 19:42 - 00000000 ____D C:\SHDownload
2016-10-15 19:50 - 2013-03-15 07:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-15 19:50 - 2013-03-15 07:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-15 07:31 - 2013-03-15 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-14 08:08 - 2009-07-14 03:34 - 00000646 _____ C:\Windows\win.ini
==================== Files in the root of some directories =======
2013-11-06 13:46 - 2013-11-06 14:36 - 38645760 _____ () C:\Program Files (x86)\GUTA4D7.tmp
2014-02-17 08:09 - 2014-02-17 08:51 - 40550400 _____ () C:\Program Files (x86)\GUTD7E8.tmp
2014-05-24 16:14 - 2014-05-24 16:26 - 4369496 _____ () C:\Users\hp\AppData\Roaming\11tu15c.png_0
2014-05-24 16:14 - 2014-05-24 16:44 - 3649536 _____ () C:\Users\hp\AppData\Roaming\11tu15c.png_1
2014-05-24 16:14 - 2014-05-24 16:32 - 4368869 _____ () C:\Users\hp\AppData\Roaming\11tu15c.png_2
2014-05-24 16:14 - 2014-05-24 16:14 - 0498993 _____ () C:\Users\hp\AppData\Roaming\93a029ffc.dat
2012-07-27 03:34 - 2016-09-23 11:11 - 0000915 _____ () C:\Users\hp\AppData\Roaming\coreavc.ini
2015-08-11 14:22 - 2015-08-11 14:22 - 0010028 _____ () C:\Users\hp\AppData\Roaming\lds_uninst.log
2015-07-04 17:05 - 2015-07-04 17:05 - 0000032 _____ () C:\Users\hp\AppData\Local\temp.tmp
2012-07-28 03:26 - 2012-08-17 15:46 - 0000236 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-26 06:04
==================== End of FRST.txt ============================