Author Topic: win7 64-bit stuck in safemode at aswArDisk.sys, using FRST64 to scan  (Read 10100 times)

0 Members and 1 Guest are viewing this topic.

Offline larry evans

  • Newbie
  • *
  • Posts: 11
win7 64-bit stuck in safemode at aswArDisk.sys, using FRST64 to scan and got a FRST.txt. but i have to get the fixlist.txt to solve this problem. the content of FRST.txt is below. Pls help me if you know the right the fixlist.txt. thanks.

关于...的扫描结果 Farbar Recovery Scan Tool (FRST) (x64) 版本: 30-05-2020 01
通过...运行 SYSTEM 启动 MININT-INMOLUG (31-05-2020 04:03:25)
从运行 i:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) 语言: 中文(简体,中国)
Internet Explorer 版本 11
启动模式: Recovery
放弃: ControlSet001
注意!:=====> 如果系统是可引导的FRST,必须从正常或安全模式运行,以创建一个完整的日志。

教程 Farbar Recovery Scan Tool:

==================== 档案 (将列入优先名单) ===================

(如果条目包含在固定列表中,则注册表项目将恢复为默认或删除。 文件不会被移除。)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2015-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "F:\bluetooth components\bluetooth and wlan\Bluetooth Suite\BtvStack.exe"
HKU\\...\Run: [360sd] => "F:\dnf\360sd\360sdrun.exe"
HKU\dell\...\Run: [360sd] => "F:\dnf\360sd\360sdrun.exe"
HKU\\...\Run: [360sd] => "F:\dnf\360sd\360sdrun.exe"
HKU\\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\\...\Run: [360sd] => "F:\dnf\360sd\360sdrun.exe"
HKU\\...\Run: [360sd] => "F:\dnf\360sd\360sdrun.exe"
HKU\\...\Run: [360sd] => "F:\dnf\360sd\360sdrun.exe"
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] ()
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] ()
HKLM\...\Windows x64\Print Processors\winprint: C:\Windows\System32\spool\prtprocs\x64\winprint.dll [38912 2016-06-26] (Microsoft Corporation)
HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [288768 2012-08-31] ()
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] ()
HKLM\...\Print\Monitors\Local Port: C:\Windows\system32\localspl.dll [970240 2016-06-26] (Microsoft Corporation)
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: C:\Windows\system32\FXSMON.DLL [41984 2010-11-21] (Microsoft Corporation)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR: C:\Windows\system32\pxc50pmaf.dll [57536 2016-10-03] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\Standard TCP/IP Port: C:\Windows\system32\tcpmon.dll [195072 2009-07-14] (Microsoft Corporation)
HKLM\...\Print\Monitors\USB Monitor: C:\Windows\system32\usbmon.dll [45056 2009-07-14] (Microsoft Corporation)
HKLM\...\Print\Monitors\WSD Port: C:\Windows\system32\WSDMon.dll [224768 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-01-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-01-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
GroupPolicy: 限制 ? <==== 注意

==================== 以安排的任务 (将列入优先名单) ============

(如果一个条目包含在固定列表中,它将从注册表中删除。 除非单独列出,否则文件将不会被移动。.)

Task: {0449C489-5613-46D5-BFD9-4962053230FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0AB48375-7A91-4822-8367-CC903ECC28DE} - \kuaizip_update -> 无文件 <==== 注意
Task: {0D2D7A48-4396-4014-94F7-557C4B6FE853} - System32\Tasks\微软设备健康助手设备检查 => C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgrScheduler.exe [105112 2015-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {1150DE02-94FF-4F6F-8E14-EDECA1D33028} - System32\Tasks\MeLogo_{67679FCB-7ECA-4db5-B5AE-E6B4E178D0BA} => D:\yygamestore\emulator\\me.exe
Task: {160861BB-38E9-4B4F-8A6B-7DA40B4445B9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-05-04] (Avast Software s.r.o. -> Avast Software)
Task: {23F40803-9DA4-4F22-B82F-0583473143E7} - System32\Tasks\PowerWord-Notify-dell-PC_dell => F:\Kingsoft\Power Word 2016\2016.3.3.0316\ktpcntr.exe
Task: {240FEA1B-EB28-4BB4-BDBA-DDB95933883B} - System32\Tasks\LuckyTab => C:\Program Files (x86)\LuckyTab\LuckyTab.exe [1394112 2015-02-19] (T Module Gmbh -> hxxp:// <==== 注意
Task: {382976F7-97FD-43F0-BB53-E626F648548B} - System32\Tasks\sogouimemgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [412568 2019-12-31] (Beijing Sogou Technology Development Co., Ltd. -> Inc.)
Task: {38C40019-1D37-4AED-8C53-D72F2CE744B0} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2015-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {51F10271-70F5-43E9-A550-BF438ABC3063} - System32\Tasks\微软设备健康助手自动更新 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [186520 2015-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {559AC119-F1CD-4EFC-892E-5E819F9E1738} - \360SuperKiller\360SuperKiller -> 无文件 <==== 注意
Task: {561FC19A-2332-481A-B89B-60097DB3B889} - System32\Tasks\{DBEFB31E-AC5F-428D-ABF9-19777C881D79} => C:\Windows\system32\pcalua.exe -a F:\闪电战\[闪电战官方纪念合集及资料片全面挑战全集].Blitzkrieg_Anthology_CD3.iso\Setup.exe -d F:\闪电战\[闪电战官方纪念合集及资料片全面挑战全集].Blitzkrieg_Anthology_CD3.iso
Task: {7074B659-A4BC-4B53-BA6B-3C4960FAF226} - System32\Tasks\haozip_2345upgrade task => F:\Haozip\Haozip_2345Upgrade.exe
Task: {729BC3AE-B473-4091-A07C-E59C90BE148F} - System32\Tasks\微软设备健康助手开机检测 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [186520 2015-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => by user disabled
Task: {9106BB7C-76A1-4D2A-9AAB-7BB9B9B06B5A} - System32\Tasks\{1E51D547-2A78-4BBB-8F63-2D18DFBD0F31} => C:\Windows\system32\pcalua.exe -a "C:\Users\dell\Desktop\essay1,更改9.6\Blitzkrieg 3-Installer.exe" -d C:\Users\dell\Desktop\essay1,更改9.6
Task: {92722E94-300B-4B7F-B309-799596008431} - System32\Tasks\glaryinitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [135120 2018-04-16] (Glarysoft LTD -> Glarysoft Ltd)
Task: {A7445998-A2E6-45CB-9448-F46FAA4F7D5C} - System32\Tasks\Avast Emergency Update => F:\avast\AvEmUpdate.exe
Task: {B1977D04-5857-4BA0-8C6E-1BB79EBE7AB9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1187864 2018-03-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {B525EB5C-04A5-4B10-AC7A-97CFE9625D8F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2562222455-3494385764-2129142305-1000 => C:\Users\dell\AppData\Local\MEGAsync\MEGAupdater.exe
Task: {B9630E5D-F624-4913-9CD8-B971CECEB8ED} - System32\Tasks\adobeaamupdater-1.0-dell-pc-dell => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BDEB49FA-17DD-434F-BA4C-192757C2F602} - \360safe\360APMainProg -> 无文件 <==== 注意
Task: {D12DEA96-7803-4DFA-BB67-E3CD5528EC4E} - System32\Tasks\{0BF75A0D-0539-4FD1-A122-F31E8AEE4101} => C:\Windows\system32\pcalua.exe -a F:\闪电战\1\Setup.exe -d F:\闪电战\1
Task: {D3257DFE-52EC-4D01-95CF-8DFED5675EB0} - System32\Tasks\powerword-update-dell-pc_dell => F:\Kingsoft\Power Word 2016\2016.3.3.0333\update.exe
Task: {E4E1A065-EC7C-410D-9F26-09C0ACF2B8B6} - System32\Tasks\powerword-search-dell-pc_dell => F:\Kingsoft\Power Word 2016\2016.3.3.0333\pwsearch.exe
Task: {EB3670AC-C127-48E4-B5CC-3890E81DADD0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)


Task: C:\Windows\Tasks\PowerWord-Notify-dell-PC_dell.job => F:\Kingsoft\Power Word 2016\2016.3.3.0316\ktpcntr.exeLpowerword 2016.3.3.0316 hxxp:/
Task: C:\Windows\Tasks\powerword-search-dell-pc_dell.job => F:\Kingsoft\Power Word 2016\2016.3.3.0333\pwsearch.exe
Task: C:\Windows\Tasks\powerword-update-dell-pc_dell.job => F:\Kingsoft\Power Word 2016\2016.3.3.0333\update.exe
Task: C:\Windows\Tasks\微软设备健康助手开机检测.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe/EnableDHSYSTEMH此任务用于微软设备健康助手的状态检测和自我修复。了解更多请查阅hxxp:/
Task: C:\Windows\Tasks\微软设备健康助手自动更新.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exeSYSTEMZ此服务属于微软设备健康助手用于获取最新的版本有助于提高设备健康度及保障支付安全。了解更多请查阅hxxp:/
Task: C:\Windows\Tasks\微软设备健康助手设备检查.job => C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgrScheduler.exeSYSTEMC此任务用于微软设备健康助手的设备检查。了解更多请查阅hxxp:/

==================== 服务 (将列入优先名单) ===================

(如果一个条目包含在固定列表中,它将从注册表中删除。 除非单独列出,否则文件将不会被移动。.)

S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] (Autodesk, Inc. -> )
S3 CAJ Service Host; C:\Program Files (x86)\TTKN\CAJVD\CAJSHost.exe [69040 2012-05-29] (Tongfang Knowledge Network Technology (Beijing) Co.,Ltd. -> Tongfang Knowledge Network Technology(Beijing) Co., Ltd.)
S2 DeviceHealth; C:\Program Files (x86)\Microsoft Device Health\DhMachineSvc.exe [196760 2015-01-30] (Microsoft Corporation -> Microsoft Corporation)
S2 DeviceHealthPluginMgr; C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgr.exe [244376 2015-01-30] (Microsoft Corporation -> Microsoft Corporation)
S3 dg597; C:\Windows\SysWOW64\dg597\dg597.dll [134720 2019-10-04] (Beijing Kingsoft Security software Co.,Ltd -> )
S2 Flash Helper Service; C:\Windows\SysWOW64\Macromed\Flash\FlashHelperService.exe [2757488 2020-05-16] (重庆重橙网络科技有限公司 -> 重庆重橙网络科技有限公司)
S2 ICBC Daemon Service; C:\Program Files (x86)\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN64\IcbcDaemon_64.exe [486536 2014-06-20] (Industrial and Commercial Bank of China Limited -> )
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-01-05] (Intel Corporation - pGFX -> Intel Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2015-01-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OnKey Service _ICBC; C:\Windows\SysWOW64\D4Ser_ICBC.exe [84280 2014-08-19] (Tendyron Corporation -> Tendyron Corporation)
S3 pcas; C:\Program Files (x86)\alipay\aliedit\\pcas.exe [592856 2015-03-23] ( Co.,Ltd -> Inc.)
S3 Protect_2345chrome; C:\Program Files (x86)\Protect_2345chrome\Protect_2345chrome.exe [58344 2014-05-20] ( ->
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 secbizsrv; C:\Program Files (x86)\alipay\aliedit\\secbizsrv.exe [594904 2015-03-23] ( Co.,Ltd -> Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 XMPService; C:\Users\Public\Thunder Network\Pusher\XmpSvc\XMPService.dll [166544 2017-05-03] (深圳市迅雷网络技术有限公司 -> 深圳市迅雷网络技术有限公司)
S3 AdClean; C:\Program Files (x86)\AdClean\AcSvr.exe [X]
S3 aswbIDSAgent; "F:\avast\aswidsagent.exe" [X]
S2 AtherosSvc; "F:\bluetooth components\bluetooth and wlan\Bluetooth Suite\adminservice.exe" [X]
S2 avast! Antivirus; "F:\avast\AvastSvc.exe" /runassvc [X]
S2 BBDemon; "F:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe" -service [X]
S3 BDMiniDlUpdate; C:\Users\dell\AppData\Roaming\baidu\BaiduRJDownloader\\BDMiniDlUpdate_591.exe [X]
S3 DGPNPSEV; D:\DriverGenius\DgService.exe [X]
S2 DS License Server; "F:\Program Files\Dassault Systemes\DS License Server\win_b64\code\bin\DSLicSrv.exe" -startServer [X]
S2 FCService; "F:\FlashRepair\FCService.exe" [X]
S2 HaoZipSvc; F:\Haozip\protect\HaozipSvc.exe [X]
S3 lpser; D:\Program Files (x86)\Xianshuabao\Personal\SpeedEngines.dll [X]
S2 MSSQL$ENOVIA_DB; "F:\Program Files\Microsoft SQL Server\MSSQL10_50.ENOVIA_DB\MSSQL\Binn\sqlservr.exe" -sENOVIA_DB [X]
S3 MSSQLFDLauncher$ENOVIA_DB; "F:\Program Files\Microsoft SQL Server\MSSQL10_50.ENOVIA_DB\MSSQL\Binn\fdlauncher.exe" -s MSSQL10_50.ENOVIA_DB [X]
S2 QPCore; "C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe" [X]
S3 SQLAgent$ENOVIA_DB; "F:\Program Files\Microsoft SQL Server\MSSQL10_50.ENOVIA_DB\MSSQL\Binn\SQLAGENT.EXE" -i ENOVIA_DB [X]
S4 TBSecSvc; C:\Users\dell\AppData\Roaming\TaobaoProtect\TBSecSvc.exe [X]
S3 ThunderSecurityDoctor; D:\Program Files (x86)\Thunder Network\Thunder\Thunder BHO Platform\tdservicedelegate.dll [X]
S3 Tomcat9; F:\apache-tomcat-9.0.35\bin\Tomcat9.exe //RS//Tomcat9 [X]
S2 ZAtheros Wlan Agent; F:\bluetooth components\bluetooth and wlan\Ath_WlanAgent.exe [X]

Offline larry evans

  • Newbie
  • *
  • Posts: 11
content below is the second part of FRST.txt

===================== 驱动器 (将列入优先名单) ===================

(如果一个条目包含在固定列表中,它将从注册表中删除。 除非单独列出,否则文件将不会被移动。.)

S2 ABC_FTKBD; C:\Windows\system32\drivers\ABC_FTKBD.sys [87232 2014-04-26] (Feitian Technologies Co., Ltd. -> ABChina)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation)
S1 AFD; C:\Windows\system32\drivers\afd.sys [497664 2015-10-14] (Microsoft Corporation)
S3 AppID; C:\Windows\system32\drivers\appid.sys [62464 2017-05-28] (Microsoft Corporation)
S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [500960 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-05-04] (AVAST Software s.r.o. -> AVAST Software)
S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [4108288 2014-10-27] (Qualcomm Atheros Communications, Inc.)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
S0 bootsafe; C:\Windows\System32\drivers\bootsafe64.sys [125104 2019-10-15] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90112 2016-10-05] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-11] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-11] (Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-11] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-11] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-11] (Brother Industries Ltd.)
S3 BthEnum; C:\Windows\System32\DRIVERS\BthEnum.sys [41984 2009-07-14] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-14] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-07] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-28] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
S3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation)
S3 coolpadusbser; C:\Windows\System32\DRIVERS\CP_USBSER.SYS [238080 2012-05-30] (QUALCOMM Incorporated)
S1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] (Microsoft Corporation)
S1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [106496 2016-09-08] (Microsoft Corporation)
S3 DgSafe; C:\Windows\system32\drivers\DgSafe.sys [276712 2019-10-04] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation)
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2015-12-09] (Microsoft Corporation)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-04] (Disc Soft Ltd -> Disc Soft Ltd)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28424 2018-05-03] (Glarysoft LTD -> Glarysoft Ltd)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-11] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [754688 2015-02-25] (Microsoft Corporation)
S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-20] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
S0 kavbootc; C:\Windows\System32\drivers\kavbootc64.sys [55384 2019-10-04] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S2 ksapi64; C:\Windows\System32\drivers\ksapi64.sys [81920 2019-10-04] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation)
S1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM Polska Sp. z o.o. -> IBM)
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
S3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [142336 2016-09-08] (Microsoft Corporation)
S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [159744 2017-05-28] (Microsoft Corporation)
S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [291328 2017-05-28] (Microsoft Corporation)
S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [129536 2017-05-28] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [262144 2016-05-11] (Microsoft Corporation)
S3 npf; C:\Windows\System32\drivers\npf.sys [35344 2013-07-29] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2016-06-15] (Microsoft Corporation)
S1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] (Microsoft Corporation)
S2 QQProtectX64; C:\Windows\system32\drivers\QQProtectX64.sys [120752 2020-01-24] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
S1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [310272 2015-01-07] (Microsoft Corporation)
S3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] (Microsoft Corporation)
S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-17] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] (Microsoft Corporation)
S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
S3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [509144 2013-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] (Microsoft Corporation)
S1 SafeBoxProtect; C:\Windows\system32\Drivers\SafeBoxProtect64.sys [30952 2016-03-07] (Qihoo 360 Software (Beijing) Company Limited ->
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-11] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-05] (Synaptics Incorporated -> Synaptics Incorporated)
S3 srv; C:\Windows\System32\DRIVERS\srv.sys [462848 2017-05-28] (Microsoft Corporation)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [405504 2017-05-28] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168960 2017-05-28] (Microsoft Corporation)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [46080 2016-07-07] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation)
S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [118272 2015-10-14] (Microsoft Corporation)
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [29696 2012-08-23] (Microsoft Corporation)
S3 TesMon; C:\Windows\system32\drivers\TesMon.sys [2376456 2019-08-17] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [1020968 2016-11-18] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-17] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-02] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-21] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation)
S2 TVicHW64; C:\Windows\system32\drivers\tvichw64.sys [13824 2004-12-17] (EnTech Taiwan)
S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation)
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2016-08-17] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
S3 usbehci; C:\Windows\system32\drivers\usbehci.sys [56320 2016-08-17] (Microsoft Corporation)
S3 usbhub; C:\Windows\system32\drivers\usbhub.sys [343552 2016-08-17] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2016-08-17] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\DRIVERS\usbser.sys [33280 2013-08-29] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2016-02-04] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2016-08-17] (Microsoft Corporation)
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation)
S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
S1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] (Microsoft Corporation)
S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
S3 WinUSB; C:\Windows\System32\DRIVERS\WinUSB.sys [41984 2010-11-21] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S1 XLGuard; C:\Windows\System32\drivers\XLGuard.sys [58640 2019-08-08] (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
S2 XLWFP; C:\Windows\System32\drivers\xlwfp.sys [78064 2019-08-08] (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
S3 ARDRIVER; \??\C:\Windows\system32\DRIVERS\ARDRIVER.SYS [X]
S3 BmaTsCw; \??\C:\Users\dell\AppData\Local\Temp\40239973\Fix\BmaTsCw.sys [X] <==== 注意
S3 durinspang; \??\C:\Windows\system32\durinspang.sys [X]
S1 KDHacker; \??\security\kxescan\KDHacker64.sys [X]
S1 QMUdisk; \??\d:\Program Files (x86)\Tencent\QQPCMgr\8.10.11233.220\QMUdisk64.sys [X]
S3 rinnvwtang; \??\C:\Windows\system32\rinnvwtang.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 yengzhvejyui; \??\C:\Windows\system32\yengzhvejyui.sys [X]
S3 zMVOdBt; \??\C:\Users\dell\AppData\Local\Temp\40239973\Fix\zMVOdBt.sys [X] <==== 注意
S3 zozuhFl; \??\C:\Users\dell\AppData\Local\Temp\40239973\Fix\zozuhFl.sys [X] <==== 注意
UpperFilters: [{4D36E967-E325-11CE-BFC1-08002BE10318}] -> [PartMgr aswArDisk]
UpperFilters: [{4D36E96B-E325-11CE-BFC1-08002BE10318}] -> [aswKbd kbdclass]

Offline larry evans

  • Newbie
  • *
  • Posts: 11
third part of FRST.txt

==================== NetSvcs (将列入优先名单) ===================

(如果一个条目包含在固定列表中,它将从注册表中删除。 除非单独列出,否则文件将不会被移动。.)

NETSVCx32: XLServicePlatform -> 不 文件路径.
NETSVCx32: HpSvc -> 不 文件路径.
NETSVCx32: dg597 -> C:\Windows\SysWOW64\dg597\dg597.dll ()

==================== 一个月 (创建成功) ===================


2020-05-31 03:47 - 2020-05-31 04:03 - 000000000 ____D C:\FRST
2020-05-30 02:04 - 2020-05-04 00:48 - 000037856 _____ (AVAST Software) C:\Windows\System32\Drivers\aswArDisk.sys
2020-05-27 11:53 - 2020-05-27 12:09 - 000494162 _____ C:\Windows\ntbtlog.txt
2020-05-20 21:06 - 2020-05-20 21:06 - 000000000 ____D C:\Users\\AppData\Local\3dmouse
2020-05-20 14:00 - 2020-05-20 14:00 - 009560864 _____ C:\Users\\AppData\Local\BlackList
2020-05-20 14:00 - 2020-05-20 14:00 - 000007268 _____ C:\Users\\AppData\Local\WhiteList
2020-05-20 13:49 - 2020-05-20 18:57 - 000000000 ____D C:\Users\\Desktop\新建文件夹 (2)
2020-05-19 03:09 - 2020-05-19 03:09 - 000115250 _____ C:\Users\\Documents\CATIA.SSQ_IYM-41E6145A042A7ADB_dell-pc.licz
2020-05-19 01:12 - 2020-05-19 01:13 - 000000000 ____D C:\Program Files\WMV9_VCM
2020-05-19 01:11 - 2020-05-19 01:11 - 000000000 ____D C:\Users\\Documents\CATIA
2020-05-18 22:51 - 2020-05-20 19:06 - 000000000 ____D C:\Users\\Desktop\catia v6r2013安装视频
2020-05-18 17:41 - 2020-05-18 19:03 - 000000000 ____D C:\Users\\AppData\Roaming\DAEMON Tools Lite
2020-05-18 17:41 - 2020-05-18 17:41 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2020-05-18 16:41 - 2020-05-21 09:48 - 000000000 ____D C:\Users\\AppData\Roaming\DassaultSystemes
2020-05-18 16:41 - 2020-05-20 21:07 - 000000000 ____D C:\Users\\AppData\Local\DassaultSystemes
2020-05-18 16:41 - 2020-05-19 03:01 - 000000000 ____D C:\ProgramData\DassaultSystemes
2020-05-18 14:47 - 2010-04-04 02:51 - 000073568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$ENOVIA_DB-sqlctr10.50.1600.1.dll
2020-05-18 14:47 - 2010-04-04 02:51 - 000047456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL10_50.ENOVIA_DB-sqlagtctr.dll
2020-05-18 14:47 - 2010-04-04 01:57 - 000079200 _____ (Microsoft Corporation) C:\Windows\System32\perf-MSSQL$ENOVIA_DB-sqlctr10.50.1600.1.dll
2020-05-18 14:47 - 2010-04-04 01:57 - 000077152 _____ (Microsoft Corporation) C:\Windows\System32\perf-MSSQL10_50.ENOVIA_DB-sqlagtctr.dll
2020-05-18 14:46 - 2020-05-18 14:46 - 000000000 ____D C:\Users\\Documents\Integration Services Script Component
2020-05-18 14:45 - 2020-05-18 15:24 - 000000000 ____D C:\Users\\Documents\SQL Server Management Studio
2020-05-18 14:45 - 2020-05-18 14:45 - 000000000 ____D C:\Users\\Documents\Integration Services Script Task
2020-05-18 14:44 - 2020-05-18 14:44 - 000000000 ____D C:\Windows\System32\RsFx
2020-05-18 14:42 - 2020-05-18 14:42 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2020-05-18 14:42 - 2020-05-18 14:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2020-05-18 14:41 - 2020-05-18 15:24 - 000000000 ____D C:\Users\\Documents\Visual Studio 2005
2020-05-18 14:40 - 2020-05-19 00:58 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2020-05-18 14:36 - 2020-05-18 14:36 - 000000000 ____D C:\Users\\Documents\Visual Studio 2008
2020-05-18 14:36 - 2020-05-18 14:36 - 000000000 ____D C:\Users\\AppData\Local\Microsoft Help
2020-05-18 14:35 - 2020-05-18 14:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2020-05-18 14:35 - 2020-05-18 14:35 - 000000000 ____D C:\Windows\SysWOW64\2052
2020-05-18 14:35 - 2020-05-18 14:35 - 000000000 ____D C:\Windows\SysWOW64\1033
2020-05-18 14:35 - 2020-05-18 14:35 - 000000000 ____D C:\Windows\System32\2052
2020-05-18 14:35 - 2020-05-18 14:35 - 000000000 ____D C:\Windows\System32\1033
2020-05-18 14:35 - 2020-05-18 14:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2020-05-18 14:35 - 2020-05-18 14:35 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2020-05-18 14:35 - 2020-05-18 14:35 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2020-05-18 14:26 - 2020-05-18 14:35 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2020-05-18 13:39 - 2020-05-18 13:39 - 000000000 ____D C:\Users\\AppData\Local\Microsoft_Corporation
2020-05-18 13:38 - 2020-05-18 14:35 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2020-05-18 00:54 - 2020-05-18 00:54 - 000000000 ____D C:\Users\\AppData\Roaming\Sun
2020-05-18 00:53 - 2020-05-18 00:53 - 000110968 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2020-05-18 00:42 - 2020-05-18 00:42 - 000000000 ____D C:\Users\\AppData\LocalLow\Oracle
2020-05-17 18:19 - 2020-05-17 18:19 - 000000000 ____D C:\Users\\AppData\LocalLow\Sun
2020-05-16 11:01 - 2020-05-16 11:01 - 000000038 _____ C:\Users\dell\Documents\
2020-05-16 09:00 - 2020-05-16 09:01 - 000000000 ____D C:\Users\\AppData\Flash Player
2020-05-16 08:54 - 2020-05-16 08:54 - 000000000 ____D C:\Users\\AppData\Roaming\miniconfig
2020-05-16 08:51 - 2020-05-16 08:51 - 000000000 ____D C:\Users\\Flash Center
2020-05-16 08:40 - 2020-05-16 17:43 - 004020277 _____ C:\Users\dell\Documents\trail.txt.8
2020-05-04 03:27 - 2020-05-04 03:28 - 000037026 _____ C:\Windows\System32\trail.txt.4
2020-05-04 03:23 - 2020-05-04 03:24 - 000000000 ____D C:\Users\\Desktop\straingt gear cad3
2020-05-04 03:22 - 2020-05-04 03:25 - 000000000 ____D C:\Users\\Desktop\straingt gear cad2
2020-05-04 03:16 - 2020-05-04 03:27 - 000093403 _____ C:\Windows\System32\trail.txt.3
2020-05-04 03:15 - 2020-05-04 03:25 - 000000000 ____D C:\Users\\Desktop\straingt gear p3
2020-05-04 03:03 - 2020-02-13 20:00 - 004481984 _____ (Microsoft Corporation) C:\Windows\System32\d3dcompiler_47.dll
2020-05-04 01:50 - 2020-05-04 01:50 - 000000000 ____D C:\7aaae733d4f31ad2c3b73c
2020-05-04 01:23 - 2020-05-04 03:28 - 000002231 _____ C:\Windows\System32\std.err
2020-05-04 01:23 - 2020-05-04 01:30 - 000080339 _____ C:\Windows\System32\trail.txt.2
2020-05-04 01:14 - 2020-05-04 01:14 - 000000000 ____D C:\Users\\Desktop\casting wheel p3
2020-05-04 01:12 - 2020-05-04 03:06 - 000000000 ____D C:\Users\\Desktop\casting wheel cad2
2020-05-04 00:51 - 2020-05-04 00:51 - 000000000 ____D C:\Users\\AppData\Roaming\Avast Software
2020-05-04 00:50 - 2020-05-20 18:22 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2020-05-04 00:49 - 2020-05-21 09:40 - 000004110 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2020-05-04 00:49 - 2020-05-04 00:50 - 000500960 _____ (AVAST Software) C:\Windows\System32\Drivers\aswNetHub.sys
2020-05-04 00:49 - 2020-05-04 00:50 - 000459408 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2020-05-04 00:49 - 2020-05-04 00:49 - 000317280 _____ (AVAST Software) C:\Windows\System32\Drivers\aswVmm.sys
2020-05-04 00:49 - 2020-05-04 00:49 - 000235696 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2020-05-04 00:49 - 2020-05-04 00:49 - 000175920 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2020-05-04 00:49 - 2020-05-04 00:49 - 000109480 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2020-05-04 00:49 - 2020-05-04 00:49 - 000085056 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRvrt.sys
2020-05-04 00:49 - 2020-05-04 00:49 - 000042984 _____ (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
2020-05-04 00:49 - 2020-05-04 00:49 - 000038152 _____ (AVAST Software) C:\Windows\System32\Drivers\aswNetNd6.sys
2020-05-04 00:49 - 2020-05-04 00:49 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-05-04 00:49 - 2020-05-04 00:48 - 000851808 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2020-05-04 00:49 - 2020-05-04 00:48 - 000337048 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2020-05-04 00:49 - 2020-05-04 00:48 - 000234776 _____ (AVAST Software) C:\Windows\System32\Drivers\aswbidsdriver.sys
2020-05-04 00:49 - 2020-05-04 00:48 - 000206120 _____ (AVAST Software) C:\Windows\System32\Drivers\aswArPot.sys
2020-05-04 00:49 - 2020-05-04 00:48 - 000178968 _____ (AVAST Software) C:\Windows\System32\Drivers\aswbidsh.sys
2020-05-04 00:49 - 2020-05-04 00:48 - 000060696 _____ (AVAST Software) C:\Windows\System32\Drivers\aswbuniv.sys
2020-05-03 22:39 - 2020-05-18 19:06 - 000000000 ____D C:\Users\\AppData\Local\CrashDumps
2020-05-03 21:17 - 2020-05-03 21:17 - 000057497 _____ C:\Users\\Desktop\Drawing503.dwg
2020-05-03 20:10 - 2020-05-03 20:12 - 000013152 _____ C:\Users\dell\Documents\trail.txt.7
2020-05-03 20:08 - 2020-05-03 20:09 - 000003187 _____ C:\Users\dell\Documents\trail.txt.6
2020-05-03 20:07 - 2020-05-03 20:07 - 000168544 _____ C:\Users\\Desktop\Drawing1.dxf
2020-05-03 04:28 - 2020-05-19 03:23 - 000000000 ____D C:\Users\\AppData\Local\BitTorrentHelper
2020-05-03 04:27 - 2020-05-19 23:36 - 000000000 ____D C:\Users\\AppData\Roaming\uTorrent
2020-05-03 03:56 - 2020-05-03 03:56 - 000000000 ____D C:\Users\\AppData\Roaming\VipSocksData
2020-05-03 03:56 - 2020-05-03 03:56 - 000000000 ____D C:\Users\\AppData\Roaming\SSTap Beta
2020-05-03 03:12 - 2020-05-03 03:12 - 000001779 _____ C:\Users\dell\Documents\
2020-05-03 03:12 - 2020-05-03 03:12 - 000000000 ____D C:\Users\\Documents\proe
2020-05-03 02:48 - 2020-05-03 03:12 - 000109638 _____ C:\Users\dell\Documents\trail.txt.5
2020-05-03 02:47 - 2020-05-03 02:48 - 000000878 _____ C:\Users\dell\Documents\trail.txt.4
2020-05-03 02:47 - 2020-05-03 02:47 - 000000878 _____ C:\Users\dell\Documents\trail.txt.3
2020-05-03 02:24 - 2020-05-03 02:24 - 000000000 ____D C:\Users\\Documents\Adobe
2020-05-03 01:51 - 2020-05-03 01:56 - 000003327 _____ C:\Users\dell\Documents\trail.txt.2
2020-05-03 01:25 - 2020-05-03 01:42 - 000000000 ____D C:\Users\\Documents\OriginLab
2020-05-02 23:43 - 2020-05-02 23:43 - 000000878 _____ C:\Users\dell\Documents\trail.txt.1
2020-05-02 23:37 - 2019-09-13 17:16 - 000016601 _____ C:\Users\\新建文档 1.2019_09_13_17_16_22.0.svg
2020-05-02 23:37 - 2019-01-28 13:26 - 000019040 _____ C:\Users\\新建文档 1.2019_01_28_13_26_42.0.svg
2020-05-02 23:37 - 2018-12-01 20:42 - 000043766 _____ C:\Users\\新建文档 1.2018_12_01_20_42_26.0.svg
2020-05-02 23:37 - 2017-05-29 19:10 - 000000036 _____ C:\Users\\mm.cfg
2020-05-02 23:37 - 2016-01-21 01:26 - 000000029 _____ C:\Users\\Foxit Reader SDK ActiveX.ini
2020-05-02 23:37 - 2010-08-28 20:43 - 000096256 _____ (Google, inc) C:\Users\\AdbWinApi.dll
2020-05-02 23:37 - 2010-08-28 20:43 - 000060928 _____ (Google, inc) C:\Users\\AdbWinUsbApi.dll
2020-05-02 23:30 - 2020-05-26 23:10 - 000000000 ____D C:\Users\\AppData\Roaming\MiniPage_2345
2020-05-02 23:29 - 2020-05-02 23:29 - 000000000 ____D C:\Users\\AppData\Local\CrashRpt
2020-05-02 23:28 - 2020-05-27 00:41 - 000000000 ____D C:\Users\\AppData\Roaming\2345DomainMon
2020-05-02 23:28 - 2020-05-02 23:28 - 000000000 ____D C:\Users\\AppData\Roaming\InsLogicCfg
2020-05-02 23:28 - 2020-05-02 23:28 - 000000000 ____D C:\Users\\AppData\Local\2345Explorer
2020-05-02 23:23 - 2020-05-02 23:23 - 000000000 ____D C:\Users\\AppData\Local\mubu-updater
2020-05-02 23:23 - 2020-05-02 23:23 - 000000000 ____D C:\Users\\AppData\Local\MozillaOnline
2020-05-02 23:23 - 2020-05-02 23:23 - 000000000 ____D C:\Users\\AppData\Local\Mozilla
2020-05-02 23:21 - 2020-05-21 09:46 - 000000000 ____D C:\Users\\AppData\LocalLow\Mozilla
2020-05-02 23:20 - 2020-05-02 23:20 - 000000000 ____D C:\Users\\AppData\Roaming\Zhumu Cloud Meetings
2020-05-02 23:19 - 2020-05-02 23:19 - 000000000 ____D C:\Users\\AppData\Roaming\Mubu
2020-05-02 23:19 - 2020-05-02 23:19 - 000000000 ____D C:\Users\\AppData\Roaming\Mozilla
2020-05-02 21:46 - 2020-05-02 21:46 - 000000000 ____D C:\Users\\AppData\Roaming\fityk
2020-05-02 21:44 - 2020-05-02 21:44 - 000000000 ____D C:\Users\\AppData\Local\OriginLab
2020-05-02 21:44 - 2020-05-02 21:44 - 000000000 ____D C:\Users\\AppData\Local\Gatan
2020-05-02 21:43 - 2020-05-02 21:43 - 000000000 ____D C:\Users\\AppData\Roaming\ABBYY
2020-05-02 21:43 - 2020-05-02 21:43 - 000000000 ____D C:\Users\\AppData\Local\ABBYY
2020-05-02 21:40 - 2020-05-02 21:40 - 000000000 ____D C:\Users\\AppData\Roaming\PTC
2020-05-02 21:36 - 2020-05-16 03:34 - 000000000 ____D C:\Users\\AppData\Local\cache
2020-05-02 21:34 - 2020-05-02 21:34 - 000000000 ____D C:\Users\\AppData\Roaming\Autodesk
2020-05-02 21:33 - 2020-05-02 21:33 - 000000000 ____D C:\Users\\AppData\Local\Autodesk
2020-05-02 21:29 - 2020-05-20 21:13 - 000000000 ____D C:\Users\\Desktop\鑫
2020-05-01 05:23 - 2020-05-20 18:22 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2020-05-01 05:23 - 2020-05-20 18:22 - 000002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2020-05-01 05:23 - 2020-05-04 01:58 - 000000000 ____D C:\Program Files\CCleaner
2020-05-01 03:11 - 2020-05-01 03:11 - 000000000 ____D C:\ProgramData\LHService
2020-05-01 03:10 - 2020-05-01 03:10 - 000000000 ____D C:\ProgramData\LockHunter
2020-05-01 03:06 - 2020-05-01 03:06 - 000000000 ____D C:\Users\\AppData\Roaming\LockHunter
2020-05-01 00:34 - 2020-05-26 23:10 - 000000000 ____D C:\Users\\AppData\Roaming\Helper_2345
2020-05-01 00:34 - 2020-05-21 09:44 - 000000000 ____D C:\Users\\AppData\Roaming\HaoZip

Offline larry evans

  • Newbie
  • *
  • Posts: 11
fourth part of FRST.txt

==================== 一个月 (已修改) ==================


2020-05-27 00:56 - 2014-07-02 19:20 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-27 00:23 - 2020-04-11 11:32 - 000000000 ____D C:\Users\\AppData\LocalLow\SogouPy
2020-05-27 00:07 - 2015-04-27 00:04 - 000000456 _____ C:\Windows\Tasks\微软设备健康助手自动更新.job
2020-05-27 00:00 - 2015-04-27 00:04 - 000000462 _____ C:\Windows\Tasks\微软设备健康助手设备检查.job
2020-05-21 09:41 - 2020-04-16 11:38 - 000000000 ____D C:\Users\\AppData\Local\xwalk
2020-05-20 21:52 - 2009-07-14 12:45 - 000026352 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-20 21:52 - 2009-07-14 12:45 - 000026352 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-20 21:44 - 2020-04-10 22:44 - 000000000 __SHD C:\Users\dell\IntelGraphicsProfiles
2020-05-20 21:41 - 2015-04-27 00:04 - 000000440 _____ C:\Windows\Tasks\微软设备健康助手开机检测.job
2020-05-20 21:40 - 2014-12-29 18:32 - 000533392 _____ C:\Windows\System32\FNTCACHE.DAT
2020-05-20 21:40 - 2009-07-14 13:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-20 21:13 - 2020-04-10 22:56 - 000150008 _____ C:\Users\\AppData\Local\GDIPFONTCACHEV1.DAT
2020-05-20 20:54 - 2009-07-14 10:34 - 000017708 _____ C:\Windows\System32\Drivers\etc\services
2020-05-20 18:22 - 2019-04-02 11:07 - 000003192 _____ C:\Windows\System32\Tasks\{1E51D547-2A78-4BBB-8F63-2D18DFBD0F31}
2020-05-20 18:22 - 2015-09-30 23:32 - 000003050 _____ C:\Windows\System32\Tasks\{0BF75A0D-0539-4FD1-A122-F31E8AEE4101}
2020-05-20 18:22 - 2015-09-29 22:56 - 000003246 _____ C:\Windows\System32\Tasks\{DBEFB31E-AC5F-428D-ABF9-19777C881D79}
2020-05-20 18:22 - 2015-04-27 00:04 - 000003408 _____ C:\Windows\System32\Tasks\微软设备健康助手设备检查
2020-05-20 18:22 - 2015-04-27 00:04 - 000003402 _____ C:\Windows\System32\Tasks\微软设备健康助手自动更新
2020-05-20 18:22 - 2015-04-27 00:04 - 000002796 _____ C:\Windows\System32\Tasks\微软设备健康助手开机检测
2020-05-20 04:24 - 2020-04-10 22:54 - 000000000 ____D C:\Users\\AppData\Roaming\PLogs
2020-05-19 04:16 - 2020-04-10 22:54 - 000000000 ____D C:\Users\\AppData\Roaming\BaiduYunGuanjia
2020-05-19 03:45 - 2019-10-04 21:07 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-05-19 01:13 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\inf
2020-05-19 00:58 - 2009-07-14 11:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-05-18 21:54 - 2020-04-10 22:54 - 000000000 ____D C:\Users\\AppData\Roaming\Baidu
2020-05-18 19:03 - 2020-01-08 18:54 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2020-05-18 16:37 - 2015-03-30 02:07 - 000000483 _____ C:\Windows\ODBC.INI
2020-05-18 14:47 - 2011-04-12 22:46 - 000446370 _____ C:\Windows\System32\prfh0804.dat
2020-05-18 14:47 - 2011-04-12 22:46 - 000149614 _____ C:\Windows\System32\prfc0804.dat
2020-05-18 14:47 - 2009-07-14 13:13 - 001498522 _____ C:\Windows\System32\PerfStringBackup.INI
2020-05-18 14:41 - 2014-12-17 08:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-05-18 13:55 - 2016-05-16 23:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-16 09:01 - 2014-09-03 22:34 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-05-16 09:01 - 2014-09-03 22:34 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-16 09:01 - 2014-08-10 01:27 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-05-16 09:01 - 2014-08-10 01:27 - 000000000 ____D C:\Windows\System32\Macromed
2020-05-16 08:52 - 2020-04-12 23:49 - 000000000 ____D C:\Users\\AppData\Local\Adobe
2020-05-16 08:51 - 2020-04-10 22:47 - 000000000 ____D C:\users\
2020-05-16 08:36 - 2020-04-10 22:52 - 000000000 ____D C:\Users\\Documents\Bluetooth Folder
2020-05-15 01:39 - 2020-01-09 17:16 - 000000348 __RSH C:\ProgramData\ntuser.pol
2020-05-04 13:20 - 2018-09-03 14:32 - 000000000 ____D C:\ProgramData\cpafService
2020-05-04 12:29 - 2018-06-16 19:11 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\uwrlok
2020-05-04 12:29 - 2017-11-16 20:40 - 000000000 ____D C:\Users\dell-PC\Desktop\桌面1
2020-05-04 12:29 - 2016-12-28 20:43 - 000000000 ____D C:\Users\dell-PC\AppData\Local\xldl
2020-05-04 12:27 - 2018-05-15 08:00 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\ygngb
2020-05-04 12:27 - 2018-05-12 10:03 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\smshxb
2020-05-04 12:27 - 2016-12-20 01:37 - 000000000 ____D C:\ProgramData\epgt7
2020-05-04 12:27 - 2014-07-03 01:32 - 000000000 ____D C:\Users\dell-PC\Desktop\鑫
2020-05-04 03:28 - 2018-11-13 21:54 - 000005589 _____ C:\Windows\System32\std.out
2020-05-04 02:29 - 2014-11-26 22:42 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-05-04 02:28 - 2015-03-17 18:47 - 000000000 ____D C:\Temp
2020-05-03 22:15 - 2014-07-03 04:10 - 001279332 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-05-03 20:20 - 2020-04-10 21:10 - 000000000 ____D C:\Windows\pss
2020-05-03 04:37 - 2020-04-14 23:00 - 000000000 ____D C:\Users\\AppData\LocalLow\xfplay
2020-05-02 21:47 - 2020-04-12 22:57 - 000000000 ____D C:\Users\\AppData\Roaming\inkscape
2020-05-02 21:27 - 2019-12-28 22:17 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\lds
2020-05-02 21:27 - 2018-05-14 19:29 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\kydgw
2020-05-02 21:27 - 2017-01-26 04:14 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\lockhomepage
2020-05-02 21:27 - 2017-01-13 00:33 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\legendGame
2020-05-02 21:26 - 2014-07-02 19:04 - 000000000 ____D C:\Users\dell-PC\AppData\LocalLow\360WD
2020-05-02 21:25 - 2018-02-25 00:47 - 000000000 ____D C:\Users\dell-PC\Desktop\高温合金的金相研究_10132470
2020-05-01 05:10 - 2019-08-19 21:40 - 000000000 ____D C:\Users\dell-PC\Downloads\Telegram Desktop
2020-05-01 05:08 - 2018-11-13 21:44 - 000000000 ____D C:\Users\dell-PC\Desktop\201811-13
2020-05-01 05:08 - 2018-09-28 21:18 - 000000000 ____D C:\Users\dell-PC\Desktop\calibration
2020-05-01 05:08 - 2018-05-02 23:53 - 000000000 ____D C:\Users\dell-PC\Desktop\5.2xrd
2020-05-01 05:08 - 2018-02-07 23:10 - 000000000 ____D C:\Users\dell-PC\Desktop\h sc
2020-05-01 05:08 - 2017-09-28 21:09 - 000000000 ____D C:\Users\dell-PC\Desktop\gk
2020-05-01 05:05 - 2018-05-05 17:21 - 000000000 ____D C:\Users\dell-PC\Desktop\
2020-05-01 05:04 - 2018-11-02 13:05 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\nrdmum
2020-05-01 05:04 - 2018-06-18 08:50 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\pqciuiv
2020-05-01 05:04 - 2018-05-12 13:27 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\nkyxbl
2020-05-01 05:04 - 2018-03-28 10:44 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\potter
2020-05-01 05:04 - 2017-11-21 21:32 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\MWF
2020-05-01 05:04 - 2014-09-23 22:27 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\qmacro
2020-05-01 05:03 - 2018-10-24 15:48 - 000000000 ____D C:\Users\dell-PC\Desktop\muti aged .etc
2020-05-01 05:01 - 2015-07-29 21:07 - 000000000 ____D C:\Users\dell-PC\AppData\LocalLow\RouterHelper
2020-05-01 05:01 - 2014-07-02 17:01 - 000000000 ____D C:\Users\dell-PC\AppData\LocalLow\SogouPY.users
2020-05-01 05:01 - 2014-07-02 17:01 - 000000000 ____D C:\Users\dell-PC\AppData\LocalLow\SogouPY
2020-05-01 04:58 - 2020-02-06 01:46 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\HaoZip
2020-05-01 04:58 - 2020-01-08 04:02 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\DrvMgr
2020-05-01 04:58 - 2019-10-04 21:07 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\dg
2020-05-01 04:58 - 2019-06-05 12:09 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\fityk
2020-05-01 04:58 - 2019-04-28 06:33 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\GameHall_2345
2020-05-01 04:58 - 2019-03-11 18:58 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\CCDC
2020-05-01 04:58 - 2018-12-13 20:38 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\551138298976448591A2E84A130DFBC9
2020-05-01 04:58 - 2018-12-01 19:53 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\inkscape
2020-05-01 04:58 - 2018-06-18 15:21 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\edrtide
2020-05-01 04:58 - 2018-05-14 15:29 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\gthygr
2020-05-01 04:58 - 2018-05-01 18:07 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\Helper_2345
2020-05-01 04:58 - 2018-03-07 19:01 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\auto
2020-05-01 04:58 - 2017-12-20 12:29 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\InsLogicCfg
2020-05-01 04:58 - 2017-09-25 22:20 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\Atheros
2020-05-01 04:58 - 2017-09-07 20:10 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\CleanTrash
2020-05-01 04:58 - 2017-07-02 22:44 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\Expert PDF Reader
2020-05-01 04:58 - 2017-07-01 11:08 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\kcane4709
2020-05-01 04:58 - 2017-06-06 00:17 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\bubblenav
2020-05-01 04:58 - 2017-05-29 18:59 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\Gridsum
2020-05-01 04:58 - 2017-01-13 00:38 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\BlueMoon
2020-05-01 04:58 - 2016-12-20 01:39 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\iehelper
2020-05-01 04:58 - 2016-05-26 23:58 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\feiq
2020-05-01 04:58 - 2016-05-14 22:23 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\CC
2020-05-01 04:58 - 2016-01-19 02:21 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\EndNote
2020-05-01 04:58 - 2015-11-06 19:24 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\CleanAndroid
2020-05-01 04:58 - 2015-05-02 22:09 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\360SuperKiller
2020-05-01 04:58 - 2015-02-24 11:12 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\iHouPlugin
2020-05-01 04:58 - 2014-08-20 18:13 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\Expert
2020-05-01 04:58 - 2014-07-05 01:37 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\bonet
2020-05-01 04:57 - 2018-11-01 12:28 - 000000000 ____D C:\Users\dell-PC\Desktop\jmatPro
2020-05-01 04:57 - 2018-10-08 10:50 - 000000000 ____D C:\Users\dell-PC\Desktop\email xia
2020-05-01 04:57 - 2018-06-10 17:01 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\zjw666
2020-05-01 04:57 - 2018-05-07 16:34 - 000000000 ____D C:\Users\dell-PC\Desktop\hydrocephalus pneumonia
2020-05-01 04:57 - 2018-02-02 23:14 - 000000000 ____D C:\Users\dell-PC\Desktop\ligongxrd and material institute
2020-05-01 04:57 - 2018-01-05 23:38 - 000000000 ____D C:\Users\dell-PC\Desktop\patent
2020-05-01 04:57 - 2017-11-13 16:01 - 000000000 ____D C:\Users\dell-PC\Desktop\jade.origin例子
2020-05-01 04:57 - 2017-11-01 22:17 - 000000000 ____D C:\Users\dell-PC\Desktop\aging om
2020-05-01 04:57 - 2013-09-04 12:00 - 000000000 ____D C:\Users\dell-PC\AppData\Local\c15f7bb7
2020-05-01 04:55 - 2018-02-28 23:53 - 000000000 ____D C:\Users\dell-PC\Desktop\2.28
2020-05-01 04:52 - 2019-12-26 14:58 - 000000000 ____D C:\Users\dell-PC\Desktop\论文写作中英文所需内容(原桌面)
2020-05-01 04:52 - 2018-02-24 02:47 - 000000000 ____D C:\Users\dell-PC\Desktop\类246合金组织
2020-05-01 04:52 - 2018-01-04 04:10 - 000000000 ____D C:\Users\dell-PC\Desktop\桌面文章整理18.1.4
2020-05-01 04:52 - 2017-11-20 14:28 - 000000000 ____D C:\Users\dell-PC\Desktop\桌面3
2020-05-01 04:52 - 2017-09-24 22:17 - 000000000 ____D C:\Users\dell-PC\Documents\Bluetooth Folder
2020-05-01 04:49 - 2020-03-29 10:29 - 000000000 ____D C:\Users\dell-PC\Desktop\revision
2020-05-01 04:49 - 2020-02-07 15:57 - 000000000 ____D C:\Users\dell-PC\Desktop\ref alien thesis
2020-05-01 04:49 - 2018-09-02 11:12 - 000000000 ____D C:\Users\dell-PC\Desktop\njs
2020-05-01 04:48 - 2020-02-29 21:40 - 000000000 ____D C:\Users\dell-PC\Desktop\coarsening behavior
2020-05-01 04:48 - 2020-02-29 21:38 - 000000000 ____D C:\Users\dell-PC\Desktop\m23c6
2020-05-01 04:48 - 2020-02-29 21:36 - 000000000 ____D C:\Users\dell-PC\Desktop\directional growth γ'arithmetic mean
2020-05-01 04:48 - 2020-01-31 06:13 - 000000000 ____D C:\Users\dell-PC\Desktop\2020抽盲审
2020-05-01 04:48 - 2019-05-06 23:55 - 000000000 ____D C:\Users\dell-PC\Desktop\essay 5.6
2020-05-01 04:48 - 2019-04-18 23:47 - 000000000 ____D C:\Users\dell-PC\Desktop\20190418dj
2020-05-01 04:48 - 2019-03-26 18:37 - 000000000 ____D C:\Users\dell-PC\Desktop\3.25交essay用到的文献
2020-05-01 04:48 - 2018-11-21 01:41 - 000000000 ____D C:\Users\dell-PC\Desktop\1120中文
2020-05-01 04:48 - 2018-08-01 02:40 - 000000000 ____D C:\Users\dell-PC\Desktop\7,8月essay
2020-05-01 04:48 - 2018-05-05 12:34 - 000000000 ____D C:\Users\dell-PC\Desktop\18.9.5
2020-05-01 04:48 - 2018-01-20 19:07 - 000000000 ____D C:\Users\dell-PC\Desktop\mds
2020-05-01 04:48 - 2018-01-18 08:39 - 000000000 ____D C:\Users\dell-PC\Desktop\diffusion couple
2020-05-01 04:48 - 2017-12-06 13:50 - 000000000 ____D C:\Users\dell-PC\Desktop\12.6libraryUpan
2020-05-01 04:48 - 2017-11-16 21:46 - 000000000 ____D C:\Users\dell-PC\Desktop\jade,origin分析
2020-05-01 04:48 - 2017-11-14 14:32 - 000000000 ____D C:\Users\dell-PC\Desktop\hk
2020-05-01 04:48 - 2017-10-31 18:55 - 000000000 ____D C:\Users\dell-PC\Desktop\jade et al
2020-05-01 04:48 - 2017-10-17 12:37 - 000000000 ____D C:\Users\dell-PC\Desktop\22
2020-05-01 04:44 - 2018-11-11 19:45 - 000000000 ____D C:\Users\dell-PC\Desktop\18.11.7 - ps
2020-05-01 04:44 - 2018-10-29 17:26 - 000000000 ____D C:\Users\dell-PC\Desktop\hx4
2020-05-01 04:44 - 2017-11-20 16:19 - 000000000 ___RD C:\Users\dell-PC\Documents\Scanned Documents
2020-05-01 04:44 - 2017-10-29 08:13 - 000000000 ____D C:\Users\dell-PC\Desktop\ppt图片
2020-05-01 04:44 - 2015-07-21 02:03 - 000000000 ____D C:\Users\dell-PC\Documents\360截图
2020-05-01 04:43 - 2018-09-03 11:00 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\Qianyi
2020-05-01 04:43 - 2016-12-28 22:20 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\kpdown
2020-05-01 04:41 - 2018-11-04 23:07 - 000000000 ____D C:\Users\dell-PC\Desktop\ni3al surface diffusion
2020-05-01 04:41 - 2018-02-11 03:41 - 000000000 ____D C:\Users\dell-PC\Desktop\ni3al martensite,tetragonal,solidification
2020-05-01 04:39 - 2018-05-26 18:06 - 000000000 ____D C:\Users\dell-PC\Desktop\book脑积水治疗与康复_12648248
2020-05-01 04:39 - 2018-01-20 15:44 - 000000000 ____D C:\Users\dell-PC\Desktop\application
2020-05-01 04:38 - 2014-07-02 21:11 - 000000000 __SHD C:\Users\dell-PC\AppData\Roaming\360Quarant
2020-05-01 04:38 - 2014-07-02 19:03 - 000000000 ____D C:\Users\dell-PC\AppData\Roaming\360Safe
2020-05-01 04:37 - 2020-03-26 01:12 - 000000000 ____D C:\Users\dell-PC\Desktop\查重报告ppps
2020-05-01 04:37 - 2018-12-21 13:16 - 000000000 ____D C:\Users\dell-PC\Desktop\新建文件ref
2020-05-01 04:36 - 2020-03-17 04:08 - 000000000 ____D C:\Users\dell-PC\Desktop\大论文汇报3.17
2020-05-01 04:36 - 2020-02-29 21:47 - 000000000 ____D C:\Users\dell-PC\Desktop\大论文ref
2020-05-01 04:36 - 2020-02-09 18:42 - 000000000 ____D C:\Users\dell-PC\Desktop\传彭远祎错配度计算
2020-05-01 04:36 - 2019-12-26 15:49 - 000000000 ____D C:\Users\dell-PC\Desktop\原桌面doc,ppt
2020-05-01 04:36 - 2019-12-25 14:48 - 000000000 ____D C:\Users\dell-PC\Desktop\submission
2020-05-01 04:36 - 2019-12-17 16:25 - 000000000 ____D C:\Users\dell-PC\Desktop\大论文
2020-05-01 04:36 - 2018-12-25 11:16 - 000000000 ____D C:\Users\dell-PC\Desktop\其他图片,新建文件
2020-05-01 04:36 - 2018-11-26 13:00 - 000000000 ____D C:\Users\dell-PC\Desktop\开题报告
2020-05-01 04:36 - 2018-11-21 02:21 - 000000000 ____D C:\Users\dell-PC\Desktop\文献etc
2020-05-01 04:36 - 2018-10-28 17:10 - 000000000 ____D C:\Users\dell-PC\Desktop\xrd camera recrystallization
2020-05-01 04:36 - 2018-04-07 23:20 - 000000000 ____D C:\Users\dell-PC\Desktop\凝固俄
2020-05-01 04:36 - 2018-03-10 20:22 - 000000000 ____D C:\Users\dell-PC\Desktop\x-xrd
2020-05-01 04:36 - 2018-02-27 02:58 - 000000000 ____D C:\Users\dell-PC\Desktop\富al的r'晶格畸变(262的延伸)
2020-05-01 04:36 - 2018-02-23 23:49 - 000000000 ____D C:\Users\dell-PC\Desktop\专利
2020-05-01 04:36 - 2018-02-22 23:15 - 000000000 ____D C:\Users\dell-PC\Desktop\博硕士论文
2020-05-01 04:36 - 2018-01-23 23:47 - 000000000 ____D C:\Users\dell-PC\Desktop\xrd数据
2020-05-01 04:36 - 2017-12-03 20:29 - 000000000 ____D C:\Users\dell-PC\Desktop\天大组es(组内)
2020-05-01 04:36 - 2017-11-24 06:11 - 000000000 ____D C:\Users\dell-PC\Desktop\孪ppt
2020-05-01 04:36 - 2017-11-23 12:32 - 000000000 ____D C:\Users\dell-PC\Desktop\扫描结果
2020-05-01 04:36 - 2017-11-19 12:40 - 000000000 ____D C:\Users\dell-PC\Desktop\固溶3,15h
2020-05-01 04:36 - 2017-10-31 17:57 - 000000000 ____D C:\Users\dell-PC\Desktop\扫面能谱
2020-05-01 04:36 - 2015-10-21 19:16 - 000000000 ____D C:\Users\dell-PC\Desktop\文件夹 (5)
2020-05-01 04:29 - 2014-09-23 22:27 - 000000000 ____D C:\Users\dell-PC\AppData\Local\AnJianSetupSkin
2020-05-01 04:29 - 2013-09-04 12:00 - 000000000 ____D C:\Users\dell-PC\AppData\Local\7bb7f51c
2020-05-01 04:27 - 2014-07-02 16:38 - 000000000 ____D C:\users\dell-PC

==================== KnownDLLs (将列入优先名单) =========================

[2009-07-14 07:59] - [2009-07-14 09:26] - 001297408 _____ (Microsoft Corporation) C:\Windows\System32\comres.dll
[2009-07-14 07:44] - [2009-07-14 09:04] - 001297408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comres.dll
[2009-07-14 07:41] - [2009-07-14 09:40] - 000569344 _____ (Microsoft Corporation) C:\Windows\System32\ddraw.dll
[2009-07-14 07:27] - [2009-07-14 09:15] - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddraw.dll
[2009-07-14 08:18] - [2009-07-14 09:40] - 000540672 _____ (Microsoft Corporation) C:\Windows\System32\dsound.dll
[2009-07-14 08:03] - [2009-07-14 09:15] - 000453632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll

Offline larry evans

  • Newbie
  • *
  • Posts: 11
last part of FRST.txt. I dont know how to get the fixlist.txt.

==================== SigCheck ============================


C:\Windows\System32\winlogon.exe => MD5合法
C:\Windows\System32\wininit.exe => MD5合法
C:\Windows\SysWOW64\wininit.exe => MD5合法
C:\Windows\explorer.exe => MD5合法
C:\Windows\SysWOW64\explorer.exe => MD5合法
C:\Windows\System32\svchost.exe => MD5合法
C:\Windows\SysWOW64\svchost.exe => MD5合法
C:\Windows\System32\services.exe => MD5合法
C:\Windows\System32\User32.dll => MD5合法
C:\Windows\SysWOW64\User32.dll => MD5合法
C:\Windows\System32\userinit.exe => MD5合法
C:\Windows\SysWOW64\userinit.exe => MD5合法
C:\Windows\System32\rpcss.dll => MD5合法
C:\Windows\System32\dnsapi.dll => MD5合法
C:\Windows\SysWOW64\dnsapi.dll => MD5合法
C:\Windows\System32\dllhost.exe => MD5合法
C:\Windows\SysWOW64\dllhost.exe => MD5合法
C:\Windows\System32\Drivers\volsnap.sys => MD5合法

==================== 社区 (将列入优先名单) =============

==================== 重启点  =========================

==================== 内存信息 ===========================

内存使用百分比: 12%
总内存: 8096.45 MB
可用内存: 7058.92 MB
全虚拟: 8094.64 MB
可用的虚拟: 7071.12 MB

==================== 驱动程序 ================================

Drive c: () (Fixed) (Total:100.81 GB) (Free:36.22 GB) NTFS
Drive d: (工作) (Fixed) (Total:146.48 GB) (Free:19.89 GB) NTFS
Drive e: (游戏) (Fixed) (Total:304.75 GB) (Free:30.67 GB) NTFS
Drive g: (娱乐) (Fixed) (Total:20.48 GB) (Free:20.06 GB) NTFS
Drive i: (GSP1RMCULXFRER_CN_DVD) (Removable) (Total:29.82 GB) (Free:26.53 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (系统保留) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[系统 使用引导组件 (从获得 驱动程序)]

==================== MBR & 分区表 ====================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: E76C6EA1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=577.2 GB) - (Type=0F Extended)

Disk: 1 (Size: 29.8 GB) (Disk ID: 34E0D666)
Partition 1: (Active) - (Size=29.8 GB) - (Type=07 NTFS)

LastRegBack: 2020-04-10 22:34
==================== 结束 在 FRST.txt ========================

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89675
  • No support PMs thanks
You are making life difficult for yourself and anyone able to analyse the logs.

Use the 'Attachments and other options' text below text window to attach logs.
Click to expand
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline larry evans

  • Newbie
  • *
  • Posts: 11
ok,i attach my FRST.txt.

Offline Sass Drake

  • MyCity AMF R2
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 820
Create fixlist.txt on USB drive with following content:

Code: [Select]
S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [500960 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-05-04] (AVAST Software s.r.o. -> AVAST Software)
S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-05-04] (Avast Software s.r.o. -> AVAST Software)
  • In System Recovery Mode click on Command Prompt
  • In Command Prompt type notepad and press Enter
  • In Notepad, go to File -> Open and go to Computer and locate USB drive and remember it's letter (it can be D:, E:, ...)
  • Return to command prompt and type E:\FRST.exe or E:\FRST64.exe depending on downloaded FRST version. Replace E: with letter of USB drive.
  • FRST will open. Click on Yes and then on Fix
  • When finished, FRST will generate fixlog.txt on your USB drive. Attach it to you post.

Offline larry evans

  • Newbie
  • *
  • Posts: 11
thank u so much. my computer successfully boot again.

Offline dvhk1

  • Newbie
  • *
  • Posts: 1
I have same problem, i send my logs