很慢的Windows 7 PC的性能

你好

会有人能帮助我吗? 我的电脑是很慢的,有时没有响应。

这里是我的个人资料

技术支持盖伊系统信息工具版本1.0.0.2
OS版本:微软Windows 7专业版,Service Pack 1的64位
处理器:英特尔(R)酷睿(TM)酷睿i3-2310M的CPU @ 2.10GHz,Intel64位家庭6 42型步进7
处理器数量:4
RAM:4007兆
显卡:英特尔(R)高清显卡家庭,1811兆
硬盘驱动器:C:总共 - 463737 MB,免费 - 371425 MB; 问:总共 - 11999 MB,免费 - 2492 MB;
主板:联想,11433KG
杀毒软件:微软安全基础,更新并启用

非常感谢

--------------解决方案-------------

嘿,

请从下面的链接下载FRST(由Farbar)并将其保存到桌面

下载镜像#1

如果你不确定你是否有32位或64位Windows,看到这里

  1. 禁用所有防病毒和反恶意软件,避免以任何方式抑制FRST。 如果您不确定如何做到这一点,看到这一点。
  2. 双击FRST.exe / FRST64.exe(取决于哪个版本,下载)来运行它。 (如果您具有Windows Vista / Windows 7中/ Windows 8的:请不要在FRST图标右键单击并选择以管理员身份运行
  3. 当出现的免责声明,请单击
  4. 点击扫描 ,开始FRST。
  5. 当FRST完成扫描,两个日志,FRST.txtAddition.txt将打开。
  6. 复制 (Ctrl + C)和粘贴 (Ctrl + V键) 这两个日志的内容到你的下一个职位,请。

嘿Machiavelli_G2G :-)

谢谢你的回复。 我有一个64位的Windows 7操作系统。

下面是FRST.txt

Farbar恢复扫描工具(FRST.txt)(6​​4)版的扫描结果:15-01-2015
通过WORKAS1阿尔文(管理员)在15-01-2015十九时13分27秒跑
从C运行:\用户\阿尔文\下载
加载配置文件:阿尔文与MSSQL $ SQLEXPRESS&$的ReportServer SQLEXPRESS&MSSQLFDLauncher $ SQLEXPRESS(可用的配置文件:阿尔文与MSSQL $ SQLEXPRESS&$的ReportServer SQLEXPRESS&MSSQLFDLauncher $ SQLEXPRESS)
平台:Windows 7专业版的Service Pack 1(X64)操作系统语言:英语(美国)
Internet Explorer版本11(默认浏览器:Chrome浏览器)
引导模式:正常
教程Farbar恢复扫描工具:http://www.geekstogo.com/forum/topic...ery-scan-tool/

====================进程(白名单)=================

(如果一个条目包括在fixlist,该过程将被关闭。该文件将不会移动)。

(联想)C:\ WINDOWS \ SYSTEM32 \ ibmpmsvc.exe
(微软公司)C:\ Program Files文件\ Microsoft安全客户端\ MsMpEng.exe
(IBM公司)C:\ Program Files文件(x86)的\的Trusteer \融洽\ BIN \ RapportMgmtService.exe
(联想集团有限公司)C:\ Program Files文件\联想\热键\ tphkload.exe
(联想集团有限公司)C:\ Program Files文件\联想\热键\ TPHKSVC.exe
(博通公司)C:\ Program Files文件\的ThinkPad \蓝牙软件\ btwdins.exe
(微软公司)C:\ Program Files文件(x86)的\ Skype的\工具栏\​​自动更新\ SkypeC2CAutoUpdateSvc.exe
(微软公司)C:\ Program Files文件(x86)的\ Skype的\工具栏\​​ PNRSvc \ SkypeC2CPNRSvc.exe
(科胜讯系统公司)C:\ WINDOWS \ SYSTEM32 \ CxAudMsg64.exe
(英特尔(R)公司)C:\ Program Files文件\英特尔\无线\ BIN \ EvtEng.exe
(微软公司)C:\ Program Files文件(x86)的\ Common Files文件\微软共享\ Phone Tools的\ CoreCon \ 11.0 \ BIN \ IpOverUsbSvc.exe
(英特尔公司)C:\ Program Files文件(x86)的\英特尔\ SERVICES \ IPT \ jhi_service.exe
(联想集团有限公司)C:\ Program Files文件\联想\通讯工具\ CamMute.exe
(联想集团有限公司)C:\ Program Files文件\联想\热键\ micmute.exe
(联想集团有限公司)C:\ Program Files文件\联想\通讯工具\ TPKNRSVC.exe
(联想集团有限公司)C:\ Program Files文件\联想\ VIRTSCRL \ lvvsst.exe
(LogMeIn的公司)C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ LMIGuardianSvc.exe
(LogMeIn的公司)C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ ramaint.exe
(微软公司)C:\ Program Files文件\ Microsoft SQL Server的\ MSSQL11.SQLEXPRESS \ MSSQL \ BINN \ SQLSERVR.EXE
(Protexis公司)C:\ Program Files文件(x86)的\ Common Files文件\ Protexis \许可服务\ PsiService_2.exe
(英特尔(R)公司)C:\ Program Files文件\ Common Files文件\英特尔\ WirelessCommon \ RegSrvc.exe
(微软公司)C:\ Program Files文件\ Microsoft SQL Server的\ MSRS11.SQLEXPRESS \ Reporting Services的\的ReportServer \ BIN \ ReportingServicesService.exe
(科胜讯系统公司)C:\ WINDOWS \ Syswow64资料\ SASrv.exe
(微软公司)C:\ Program Files文件\ Microsoft SQL Server的\ 90 \共享\ sqlwriter.exe
(友立资讯股份有限公司)C:\ Program Files文件(x86)的\ Common Files文件\ Ulead系统\ DVD \ ULCDRSvr.exe
(微软公司)C:\ Program Files文件\ Common Files文件\ Microsoft共享\的Windows Live \ WLIDSVC.EXE
(LogMeIn的公司)C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ LogMeIn.exe
(微软公司)C:\ Program Files文件\ Common Files文件\ Microsoft共享\的Windows Live \ WLIDSVCM.EXE
(微软公司)C:\ Program Files文件\ Microsoft SQL Server的\ MSSQL11.SQLEXPRESS \ MSSQL \ BINN \ fdlauncher.exe
(微软公司)C:\ Program Files文件\ Microsoft SQL Server的\ MSSQL11.SQLEXPRESS \ MSSQL \ BINN \ fdhost.exe
(联想集团有限公司)C:\ Program Files文件\联想\ VIRTSCRL \ virtscrl.exe
(微软公司)C:\ WINDOWS \ SYSTEM32 \ RUNDLL32.EXE
(联想集团有限公司)C:\ Program Files文件\联想\热键\ TPONSCR.exe
(联想集团有限公司)C:\ Program Files文件\联想\热键\ tpnumlkd.exe
(微软公司)C:\ Program Files文件\ Microsoft鼠标和键盘中心\ itype.exe
(微软公司)C:\ Program Files文件\ Microsoft鼠标和键盘中心\ ipoint.exe
(Synaptics的股份有限公司)C:\ Program Files文件\的Synaptics \ SynTP \ SynTPEnh.exe
(英特尔(R)公司)C:\ Program Files文件\ Common Files文件\英特尔\ WirelessCommon \ iFrmewrk.exe
(联想)C:\ WINDOWS \ SYSTEM32 \ TpShocks.exe
()C:\ Program Files文件\ CONEXANT \ ForteConfig \ fmapp.exe
(英特尔公司)C:\ WINDOWS \ SYSTEM32 \ igfxtray.exe
(英特尔公司)C:\ WINDOWS \ SYSTEM32 \ hkcmd.exe
(英特尔公司)C:\ WINDOWS \ SYSTEM32 \ igfxpers.exe
(联想集团有限公司)C:\ Program Files文件\联想\通讯工具\ TpKnrres.exe
(联想集团有限公司)C:\ Program Files文件\联想\自动锁闭\ ALCKRESI.exe
(LogMeIn的公司)C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ LogMeInSystray.exe
(微软公司)C:\ Program Files文件\ Microsoft安全客户端\ msseces.exe
(FileHippo.com)C:\ Program Files文件(x86)的\ FileHippo.com \ UpdateChecker.exe
(博通公司)C:\ Program Files文件\的ThinkPad \蓝牙软件\ BTTray.exe
(理光CO。,LTD。)C:\ Program Files文件(x86)的\集成摄像头驱动程序\ X64 \ RCIMGDIR.exe
(微软公司)C:\ WINDOWS \ Syswow64资料\ RUNDLL32.EXE
(微软公司)C:\ WINDOWS \ SYSTEM32 \ RUNDLL32.EXE
(细说字节AG)C:\ Program Files文件(x86)的\精心字节\ VirtualCloneDrive \ VCDDaemon.exe
公司(Oracle Corporation)C:\ Program Files文件(x86)的\ Common Files文件\的Java \ Java的更新\ jusched.exe
(微软公司)C:\ WINDOWS \ SYSTEM32 \ RUNDLL32.EXE
(谷歌公司)C:\ Program Files文件(x86)的\谷歌\铬\应用\的chrome.exe
(微软公司)C:\ WINDOWS \ Syswow64资料\ RUNDLL32.EXE
(微软公司)C:\ WINDOWS \ Microsoft.NET \框架\ v4.0.30319 \ mscorsvw.exe
(谷歌公司)C:\ Program Files文件(x86)的\谷歌\铬\应用\的chrome.exe
(联想集团有限公司)C:\ Program Files文件(x86)的\ ThinkPad的\工具\ Schtask.exe的
(Synaptics的股份有限公司)C:\ Program Files文件\的Synaptics \ SynTP \ SynTPLpr.exe
(谷歌公司)C:\ Program Files文件(x86)的\谷歌\铬\应用\的chrome.exe
(Synaptics的股份有限公司)C:\ Program Files文件\的Synaptics \ SynTP \ SynTPHelper.exe
(谷歌公司)C:\ Program Files文件(x86)的\谷歌\铬\应用\的chrome.exe
(微软公司)C:\ WINDOWS \ Microsoft.NET \ Framework64 \ 3.0 \ WPF \ PresentationFontCache.exe
(谷歌公司)C:\ Program Files文件(x86)的\谷歌\铬\应用\的chrome.exe
(IBM公司)C:\ Program Files文件(x86)的\的Trusteer \融洽\ BIN \ RapportService.exe
(英特尔公司)C:\ Program Files文件(x86)的\英特尔\英特尔(R)管理引擎组件\ LMS \ LMS.exe
(联想集团有限公司)C:\ Program Files文件(x86)的\联想\系统更新\ SUService.exe
(赛门铁克公司)C:\ Program Files文件(x86)的\赛门铁克\ VIP访问客户端\ VIPAppService.exe
(联想)C:\ Program Files文件(x86)的\ ThinkPad的\工具\ PWMDBSVC.exe
(英特尔公司)C:\ Program Files文件(x86)的\英特尔\英特尔(R)管理引擎组件\ UNS \ UNS.exe
()C:\ Program Files文件(x86)的\联想\信息中心加\ MCPLaunch.exe
(Farbar)C:\用户\阿尔文\下载\ FRST64(1).EXE
(微软公司)C:\ Program Files文件\ Microsoft安全客户端\ MpCmdRun.exe会
(微软公司)C:\ Program Files文件\ Microsoft安全客户端\ MpCmdRun.exe会
(微软公司)C:\ WINDOWS \ SYSTEM32 \ CompatTel \ wicainventory.exe

====================注册(白名单)==================

(如果某个条目包含在fixlist,注册表项目将被恢复为默认或删除该文件不会被移动。)

HKLM \ ... \运行:[IntelWireless] => C:\ Program Files文件\ Common Files文件\英特尔\ WirelessCommon \ iFrmewrk.exe [1933584 2010-12-17](英特尔(R)公司)
HKLM \ ... \运行:[TpShocks] => C:\ WINDOWS \ SYSTEM32 \ TpShocks.exe [380776 2011-03-29](联想)
HKLM \ ... \运行:[的SmartAudio] => C:\ Program Files文件\ CONEXANT \ SAII \ SAIICpl.exe [310912 2011-04-26](科胜讯系统公司)
HKLM \ ... \运行:[ForteConfig] => C:\ Program Files文件\科胜讯\ ForteConfig \ fmapp.exe [49056 2010-10-26]()
HKLM \ ... \运行:[LENOVO.TPKNRRES] => C:\ Program Files文件\联想\通讯工具\ TPKNRRES.exe [41320 2011-04-05](联想集团有限公司)
HKLM \ ... \运行:[ALCKRESI.EXE] => C:\ Program Files文件\联想\自动锁闭\ ALCKRESI.EXE [281960 2011-04-05](联想集团有限公司)
HKLM \ ... \运行:[LogMeIn的GUI] => C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ LogMeInSystray.exe [57928二零一三年十二月一十一日(LogMeIn的公司)
HKLM \ ... \运行:[海安] => C:\ Program Files文件\ Microsoft安全客户端\ msseces.exe [1331288 2014年8月22日(微软公司)
HKLM-X32 \ ... \运行:[RotateImage] => C:\ Program Files文件(x86)的\集成摄像头驱动程序\ X64 \ RCIMGDIR.exe [55808 2008-10-30](。理光CO。,LTD)
HKLM-X32 \ ... \运行:[PWMTRV] => RUNDLL32“C:\ Program Files文件(x86)的\ ThinkPad的\工具\ PWMTR64V.DLL”,PwrMgrBkGndMonitor
HKLM-X32 \ ... \运行:[联想注册] => C:\ Program Files文件(x86)的\联想注册\ LenovoReg.exe [4351712 2011-07-14](联想公司)
HKLM-X32 \ ... \运行:[ARM的Adobe] => C:\ Program Files文件(x86)的\ Common Files文件\的Adobe \ ARM \ 1.0 \ Adob​​eARM.exe [1022152 2014年12月19日](Adobe Systems公司)
HKLM-X32 \ ... \运行:[VirtualCloneDrive] => C:\ Program Files文件(x86)的\精心字节\ VirtualCloneDrive \ VCDDaemon.exe [88984 2013年3月10日(细说字节AG)
HKLM-X32 \ ... \运行:[SunJavaUpdateSched] => C:\ Program Files文件(x86)的\ Common Files文件\的Java \ Java的更新\ jusched.exe [271744 2014年9月26日]公司(Oracle Corporation)
Winlogon中\通知\ igfxcui:C:\ WINDOWS \ SYSTEM32 \ igfxdev.dll(英特尔公司)
HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 \ ... \运行:[FileHippo.com] => C:\ Program Files文件(x86)的\ FileHippo.com \ UpdateChecker.exe [307712 2012 -11-23(FileHippo.com)
HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 \ ... \ MountPoints2:{020141a0-13e6-11e4-84d9-f0def188a146} - E:\ vs_professional.exe
HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 \ ... \ MountPoints2:{3ab7cfd9-d976-11e0-b7ae-806e6f6e6963} - Q:\ LenovoQDrive.exe
HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 \ ... \ MountPoints2:{90ded61c-3e1e-11e2-b86a-f0def188a146} - E:\ IMDApp.exe
HKU \ S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 \ ... \的RunOnce:[] => [X]
HKU \ S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 \ ... \的RunOnce:[Lenovoautoqdrive] => C:\ Program Files文件(x86)的\ Common Files文件\联想\ LenovoDrive \ LenovoAutorunreg.exe [159744 2009-03-24]()
HKU \ S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 \ ... \的RunOnce:[] => [X]
HKU \ S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 \ ... \的RunOnce:[Lenovoautoqdrive] => C:\ Program Files文件(x86)的\ Common Files文件\联想\ LenovoDrive \ LenovoAutorunreg.exe [159744 2009-03-24]()
HKU \ S-1-5-80-997390408-​​2153310517-3119169589-2253446180-2226563786 \ ... \的RunOnce:[] => [X]
HKU \ S-1-5-80-997390408-​​2153310517-3119169589-2253446180-2226563786 \ ... \的RunOnce:[Lenovoautoqdrive] => C:\ Program Files文件(x86)的\ Common Files文件\联想\ LenovoDrive \ LenovoAutorunreg.exe [159744 2009-03-24]()
启动:C:\ ProgramData \微软\ WINDOWS \开始菜单\程序\启动\ Bluetooth.lnk
ShortcutTarget:Bluetooth.lnk - > C:\ Program Files文件\的ThinkPad \蓝牙软件\ BTTray.exe(博通公司)
CHR HKLM \ SOFTWARE \策略\谷歌:政策限制<=======注意

====================上网(白名单)====================

(如果项目被包括在fixlist,如果是,将被删除或恢复到默认注册表项)。

访问代理服务器:[S-1-5-21-2423253457-56321052-3942783610-1000] =>
HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 \软件\微软\的Internet Explorer \ MAIN,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 \软件\微软\的Internet Explorer \主,开始页= http://www.google.co.uk/
HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 \软件\微软\的Internet Explorer \ MAIN,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU \ S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 \软件\微软\的Internet Explorer \主要,次要初始页= http://www.lenovo.com
HKU \ S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 \软件\微软\的Internet Explorer \ MAIN,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU \ S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 \软件\微软\的Internet Explorer \主要,次要初始页= http://www.lenovo.com
HKU \ S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 \软件\微软\的Internet Explorer \ MAIN,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU \ S-1-5-80-997390408-​​2153310517-3119169589-2253446180-2226563786 \软件\微软\的Internet Explorer \主要,次要初始页= http://www.lenovo.com
HKU \ S-1-5-80-997390408-​​2153310517-3119169589-2253446180-2226563786 \软件\微软\的Internet Explorer \ MAIN,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
SearchScopes:HKLM - > {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes:HKLM-X32 - > DefaultScope值缺失。
SearchScopes:HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 - > DefaultScope {6A1806CD-94D4-468​​9-BA73-E35EA1E​​A9990} URL =
SearchScopes:HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 - > {6A1806CD-94D4-468​​9-BA73-E35EA1E​​A9990} URL =
SearchScopes:HKU \ S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 - > {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid= IE7&q =的{searchTerms}&RLS = com.microsoft:{}语:{引用:源}&IE = {inputEncoding}&OE = {outputEncoding}&RLZ = 1I7LENP
SearchScopes:HKU \ S-1-5-80-997390408-​​2153310517-3119169589-2253446180-2226563786 - > {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid= IE7&q =的{searchTerms}&RLS = com.microsoft:{}语:{引用:源}&IE = {inputEncoding}&OE = {outputEncoding}&RLZ = 1I7LENP
BHO:的Windows Live ID登录助手 - > {9030D464-4C02-4ABF-8ECC-5164760863C6} - > C:\ Program Files文件\ Common Files文件\ Microsoft共享\的Windows Live \ WindowsLiveLogin.dll(微软公司)
BHO:Skype的点击通话的Internet Explorer - > {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - > C:\ Program Files文件(x86)的\ Skype的\工具栏\​​ Internet Explorer中的x64 \ skypeieplugin.dll(微软公司)
BHO:Office文档缓存处理程序 - > {B4F3A835-0E21-4959-BA22-42B3008E02FF} - > C:\ Program Files文件\的Microsoft Office \ OFFICE14 \ URLREDIR.DLL(微软公司)
BHO:赛门铁克VIP通道扩展 - > {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - > C:\ Program Files文件(x86)的\赛门铁克\ VIP访问客户端\ 64 \ VIPAddOnForIE64.dll(赛门铁克公司)
BHO-X32:的Java(TM)插件SSV助手 - > {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - > C:\ Program Files文件(x86)的\的Java \ jre7 \ BIN \ ssv.dll公司(Oracle Corporation)
BHO-X32:的Windows Live ID登录助手 - > {9030D464-4C02-4ABF-8ECC-5164760863C6} - > C:\ Program Files文件(x86)的\ Common Files文件\ Microsoft共享\的Windows Live \ WindowsLiveLogin.dll(微软公司。)
BHO-X32:Skype的点击通话的Internet Explorer - > {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - > C:\ Program Files文件(x86)的\ Skype的\工具栏\​​的Internet Explorer \ SkypeIEPlugin.dll(微软公司)
BHO-X32:Office文档缓存处理程序 - > {B4F3A835-0E21-4959-BA22-42B3008E02FF} - > C:\ Program Files文件(x86)的\的Microsoft Office \ OFFICE14 \ URLREDIR.DLL(微软公司)
BHO-X32:赛门铁克VIP通道扩展 - > {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - > C:\ Program Files文件(x86)的\赛门铁克\ VIP访问客户端\ VIPAddOnForIE.dll(赛门铁克公司)
BHO-X32:的Java(TM)插件2 SSV助手 - > {DBC80044-A445-435b-BC74-9C25C1C588A9} - > C:\ Program Files文件(x86)的\的Java \ jre7 \ BIN \ jp2ssv.dll公司(Oracle Corporation )
工具栏:HKU \ S-1-5-21-2423253457-56321052-3942783610-1000 - >无名称 - {} 2318C2B1-4965-11D4-9B18-009027A5CD4F - 无文件
DPF:HKLM-X32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab
DPF:HKLM-X32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.6.2.cab
DPF:HKLM-X32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/W...x/ieatgpc1.cab
DPF:HKLM-X32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1100
处理器-X32:skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ Program Files文件(x86)的\ Common Files文件\ Skype的\ Skype4COM.dll(Skype的技术)
处理器:skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\ Program Files文件(x86)的\ Skype的\工具栏\​​ Internet Explorer中的x64 \ skypeieplugin.dll(微软公司)
处理器-X32:skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\ Program Files文件(x86)的\ Skype的\工具栏\​​的Internet Explorer \ SkypeIEPlugin.dll(微软公司)
TCPIP \参数:[DhcpNameServer] 192.168.0.1

火狐:
========
FF PROFILEPATH:C:\用户\阿尔文\应用程序数据\漫游\ Mozilla的\火狐\ Profiles文件\ smsm5i25.default-1421254884656
FF插件:@ adobe.com / flash播放器 - > C:\ WINDOWS \ SYSTEM32 \ Macromed \闪光\ NPSWF64_16_0_0_280.dll()
FF插件:@ microsoft.com /正品 - >禁用无文件
FF插件:@ Microsoft.com / NpCtrl,版本= 1.0 - > C:\ Program Files文件\微软的Silverlight \ 5.1.30514.0 \ npctrl.dll(微软公司)
FF插件:@ microsoft.com / OfficeAuthz,版本= 14.0 - > C:\ PROGRA〜1 \ MICROS〜2 \ OFFICE14 \ NPAUTHZ.DLL(微软公司)
FF插件-X32:@ adobe.com / flash播放器 - > C:\ WINDOWS \ Syswow64资料\ Macromed \闪光\ NPSWF32_16_0_0_280.dll()
FF插件-X32:@ adobe.com / ShockwavePlayer - > C:\ WINDOWS \ Syswow64资料\的Adobe \导演\ np32dsw_1168638.dll(Adobe系统公司)
FF插件-X32:@ java.com / DTPlugin,版本= 10.71.2 - > C:\ Program Files文件(x86)的\的Java \ jre7 \ BIN \ dtplugin \ npDeployJava1.dll公司(Oracle Corporation)
FF插件-X32:@ java.com / JavaPlugin,版本= 10.71.2 - > C:\ Program Files文件(x86)的\的Java \ jre7 \ BIN \ plugin2 \ npjp2.dll公司(Oracle Corporation)
FF插件-X32:@ microsoft.com /正品 - >禁用无文件
FF插件-X32:@ Microsoft.com / NpCtrl,版本= 1.0 - > C:\ Program Files文件(x86)的\微软的Silverlight \ 5.1.30514.0 \ npctrl.dll(微软公司)
FF插件-X32:@ microsoft.com / OfficeAuthz,版本= 14.0 - > C:\ PROGRA〜2 \ MICROS〜3 \ OFFICE14 \ NPAUTHZ.DLL(微软公司)
FF插件-X32:@ microsoft.com /的SharePoint,版本= 14.0 - > C:\ PROGRA〜2 \ MICROS〜3 \ OFFICE14 \ NPSPWRAP.DLL(微软公司)
FF插件-X32:@ microsoft.com / WLPG,版本= 15.4.3502.0922 - > C:\ Program Files文件(x86)的\的Windows Live \照片库\ NPWLPG.dll(微软公司)
FF插件-X32:@ microsoft.com / WLPG,版本= 15.4.3508.1109 - > C:\ Program Files文件(x86)的\的Windows Live \照片库\ NPWLPG.dll(微软公司)
FF插件-X32:@ tools.google.com /谷歌更新,版本= 3 - > C:\ Program Files文件(x86)的\谷歌\更新\ 1.3.25.11 \ npGoogleUpdate3.dll(谷歌公司)
FF插件-X32:@ tools.google.com /谷歌更新,版本= 9 - > C:\ Program Files文件(x86)的\谷歌\更新\ 1.3.25.11 \ npGoogleUpdate3.dll(谷歌公司)
FF插件-X32:ADOBE READER - > C:\ Program Files文件(x86)的\的Adobe \读卡器11.0 \读卡器\ AIR \存在Nppdf32.dll(Adobe系统公司)
FF扩展:萤火虫 - C:\Users\Alwin\AppData\Roaming\Mozilla\Firefox\Profiles\smsm5i25.default-1421254884656\Extensions\[email protected] [2015年1月14日]
FF扩展:否名称 - C:\ Program Files文件(x86)的\ Mozilla Firefox的\浏览器\扩展\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}的.xpi [2014年7月14日]
FF HKLM-X32 \ ... \火狐\扩展:[[email protected]] - C:\ Program Files文件(x86)的\赛门铁克\ VIP访问客户端
FF延伸:赛门铁克VIP通道扩展 - C:\ Program Files文件(x86)的\赛门铁克\ VIP访问客户端[2011-09-07]

铬:
=======
CHR开发:Chrome浏览器开发构建检测! <=======注意
CHR主页:默认 - > hxxp://www.google.co.uk/
CHR StartupUrls:默认 - >“hxxp://www.google.co.uk/”
CHR插件:(的​​Shockwave Flash) - C:\ Program Files文件(x86)的\谷歌\铬\应用\ 41.0.2251.0 \ gcswf32.dll无文件
CHR插件:(使用Adobe Acrobat) - C:\ Program Files文件(x86)的\的Adobe \读者9.0 \读者\浏览器\存在Nppdf32.dll无文件
CHR插件:(Silverlight插件) - C:\ Program Files文件(x86)的\微软的Silverlight \ 4.0.50401.0 \ npctrl.dll无文件
CHR插件:(铬盐) - C:\ Program Files文件(x86)的\谷歌\铬\应用\ 41.0.2251.0 \ ppGoogleNaClPluginChrome.dll无文件
CHR插件(Chrome PDF查看器) - C:\ Program Files文件(x86)的\谷歌\铬\应用\ 41.0.2251.0 \ pdf.dll()
CHR插件:(谷歌更新) - C:\ Program Files文件(x86)的\谷歌\更新\ 1.3.21.123 \ npGoogleUpdate3.dll无文件
CHR插件:(的​​Windows Live™照片库) - C:\ Program Files文件(x86)的\的Windows Live \照片库\ NPWLPG.dll(微软公司)
CHR插件:(默认插件) - default_plugin无文件
CHR简介:C:\用户\阿尔文\应用程序数据\本地\谷歌\铬\用户数据\ DEFAULT
CHR扩展:(书签管理器) - C:\用户\阿尔文\应用程序数据\本地\谷歌\铬\用户数据\ DEFAULT \分机\ gmlllbghnfkpflemihljekbapjopfjik [2014年12月30日]
CHR扩展:(YBS账户聚合) - C:\用户\阿尔文\应用程序数据\本地\谷歌\铬\用户数据\ DEFAULT \分机\ kpgdbjcjofhbmpjadhhhgggglmdllkpi [2012年12月18日]
CHR扩展:(铬热词共享模块) - C:\用户\阿尔文\应用程序数据\本地\谷歌\铬\用户数据\ DEFAULT \分机\ lccekmodgklaepjeofjdjpbminllajkg [2014年12月30日]
CHR扩展:(Skype的点击通话) - C:\用户\阿尔文\应用程序数据\本地\谷歌\铬\用户数据\ DEFAULT \分机\ lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014年3月25日]
CHR扩展:(谷歌钱包) - C:\用户\阿尔文\应用程序数据\本地\谷歌\铬\用户数据\ DEFAULT \分机\ nmmhkkegccagdldgiimedpiccmgmieda [2014年3月25日]
CHR HKLM-X32 \ ... \铬\扩展:[lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\ Program Files文件(x86)的\ Skype的\工具栏\​​ ChromeExtension \ skype_chrome_extension.crx [2014年7月14日]

====================服务(白名单)=================

(如果一个条目包括在fixlist,服务将被从注册表中删除该文件将不会移动,除非单独列出。)

R2 c2cautoupdatesvc; C:\ Program Files文件(x86)的\ Skype的\工具栏\​​自动更新\ SkypeC2CAutoUpdateSvc.exe [1390176 2014年7月14日(微软公司)
R2 c2cpnrsvc; C:\ Program Files文件(x86)的\ Skype的\工具栏\​​ PNRSvc \ SkypeC2CPNRSvc.exe [1767520 2014年7月14日(微软公司)
S3 C2WTS; C:\ Program Files文件\ Windows标识基础\ v3.5版本\ c2wtshost.exe [15768 2010-02-02](微软公司)
S3 fussvc; C:\ Program Files文件(x86)的\的Windows套件\ 8.1 \应用程序认证工具包\ fussvc.exe [142336 2014年2月20日(微软公司)[文件没有签名]
R2 IpOverUsbSvc; C:\ Program Files文件(x86)的\ Common Files文件\ Microsoft共享\ Phone Tools的\ CoreCon \ 11.0 \ BIN \ IpOverUsbSvc.exe [22768 2014年4月17日(微软公司)
R2 Lenovo.VIRTSCRLSVC; C:\ Program Files文件\联想\ VIRTSCRL \ lvvsst.exe [93032 2010-04-07](联想集团有限公司)
R2 LMIGuardianSvc; C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ LMIGuardianSvc.exe [377704 2015年1月14日(LogMeIn的公司)
R2 LMIMaint; C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ RaMaint.exe [226152 2015年1月14日(LogMeIn的公司)
R2 LogMeIn的; C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ LogMeIn.exe [407424 2013年12月11日(LogMeIn的公司)
R2 MsMpSvc; C:\ Program Files文件\ Microsoft安全客户端\ MsMpEng.exe [23784 2014年8月22日(微软公司)
R2 MSSQL $ SQLEXPRESS; C:\ Program Files文件\ Microsoft SQL Server的\ MSSQL11.SQLEXPRESS \ MSSQL \ BINN \ SQLSERVR.EXE [192160 2014年7月23日(微软公司)
R3 MSSQLFDLauncher $ SQLEXPRESS; C:\ Program Files文件\ Microsoft SQL Server的\ MSSQL11.SQLEXPRESS \ MSSQL \ BINN \ fdlauncher.exe [49752 2012-02-11](微软公司)
S3 MyWiFiDHCPDNS; C:\ Program Files文件\英特尔\无线\ BIN \ PanDhcpDns.exe [340240 2010-12-17]()
S3 NisSrv; C:\ Program Files文件\ Microsoft安全客户端\ NisSrv.exe [368624 2014年8月22日(微软公司)
R2 RapportMgmtService; C:\ Program Files文件(x86)的\的Trusteer \融洽\ BIN \ RapportMgmtService.exe [1919256 2014年12月22日(IBM公司)
R2的ReportServer $ SQLEXPRESS; C:\ Program Files文件\ Microsoft SQL Server的\ MSRS11.SQLEXPRESS \ Reporting Services的\的ReportServer \ BIN \ ReportingServicesService.exe [2423792 2012年10月19日(微软公司)
S4的SQLAgent $ SQLEXPRESS; C:\ Program Files文件\ Microsoft SQL Server的\ MSSQL11.SQLEXPRESS \ MSSQL \ BINN \ SQLAGENT.EXE [613024 2014年7月23日(微软公司)
R2 SUService; C:\ Program Files文件(x86)的\联想\系统更新\ SUService.exe [28672 2010-11-25](联想集团有限公司)[文件没有签名]
S3 Te.Service; C:\ Program Files文件(x86)的\的Windows套件\ 8.1 \测试\运行时\塔伊夫\ Wex.Services.exe [119808 2013年8月22日(微软公司)[文件没有签名]
R2 UleadBurningHelper; C:\ Program Files文件(x86)的\ Common Files文件\ Ulead系统\ DVD \ ULCDRSvr.exe [61440 2008-01-10](友立资讯股份有限公司)[文件没有签名]
R2 VIPAppService; C:\ Program Files文件(x86)的\赛门铁克\ VIP访问客户端\ VIPAppService.exe [82544 2011-07-12](赛门铁克公司)
S3 VsEtwService120; C:\ Program Files文件(x86)的\微软的Visual Studio 12.0 \ Common7 \包\调试\ SERVICES \ VsEtwService.exe [89232 2014年7月22日(微软公司)
S3 WinDefend; C:\ Program Files文件\ Windows Defender的\ mpsvc.dll [1011712 2013年5月27日(微软公司)

====================驱动器(白名单)====================

(如果一个条目包括在fixlist,服务将被从注册表中删除该文件将不会移动,除非单独列出。)

R2 LMIInfo; C:\ Program Files文件(x86)的\ LogMeIn的\ 64 \ RaInfo.sys [16056 2013年12月11日(LogMeIn的公司)
S4 LMIRfsClientNP; 没有的ImagePath
R0 MpFilter; C:\ WINDOWS \ SYSTEM32 \ DRIVERS \ MpFilter.sys [269008 2014年7月17日(微软公司)
S3 NisDrv; C:\ WINDOWS \ SYSTEM32 \ DRIVERS \ NisDrvWFP.sys [125584 2014年7月17日(微软公司)
R1 RapportCerberus_80120; C:\ ProgramData \的Trusteer \融洽\店\ EXTS \ RapportCerberus \基线\融洽Cerberus64_80120.sys [845464 2015年1月14日(IBM公司)
R1 RapportEI64; C:\ Program Files文件(x86)的\的Trusteer \融洽\ BIN \ 64 \ RapportEI64.sys [445816情节中字](IBM公司)
R0 RapportKE64; C:\ WINDOWS \ SYSTEM32 \ DRIVERS \ RapportKE64.sys [535576情节中字](IBM公司)
R1 RapportPG64; C:\ Program Files文件(x86)的\的Trusteer \融洽\ BIN \ 64 \ RapportPG64.sys [558872情节中字](IBM公司)
S4 RsFx0201; C:\ WINDOWS \ SYSTEM32 \ DRIVERS \ RsFx0201.sys [336880 2012年10月19日(微软公司)

==================== NetSvcs(白名单)===================

(如果项目被包括在fixlist,它将被从注册表中删除。在任何相关的文件可以被单独列出要被移动)。

====================一个月创建的文件和文件夹========

(如果一个条目包括在fixlist,文件\文件夹将被移动)。

2015年1月15日19:13 - 2015年1月15日19:14 - 00025533 _____()C:\用户\阿尔文\下载\ FRST.txt
2015年1月15日19:07 - 2015年1月15日19:13 - 00000000 ____D()C:\ FRST
2015年1月15日19:06 - 2015年1月15日19:06 - 02125312 _____(Farbar)C:\用户\阿尔文\下载\ FRST64(1).EXE
2015年1月15日19:05 - 2015年1月15日19:05 - 02125312 _____(Farbar)C:\用户\阿尔文\下载\ FRST64.exe
2015年1月14日19:19 - 2015年1月14日19:20 - 09646448 _____(LogMeIn的公司)C:\用户\阿尔文\下载\ logmeinignitionusb.exe
2015年1月14日19:14 - 2015年1月14日19:14 - 00000000 ____D()C:\用户\阿尔文\应用程序数据\本地\ LogMeInIgnition
2015年1月14日18:40 - 2015年1月14日18:40 - 00001170 _____()C:\ ProgramData \微软\ WINDOWS \开始菜单\程序\ Mozilla的Firefox.lnk
2015年1月14日18:40 - 2015年1月14日18:40 - 00001158 _____()C:\用户\公用\桌面\ Mozilla的Firefox.lnk
2015年1月14日18:40 - 2015年1月14日18:40 - 00000000 ____D()C:\ Program Files文件(x86)的\ Mozilla的维护服务
2015年1月14日18:37 - 2015年1月14日18:38 - 00243504 _____()C:\用户\阿尔文\下载\ Firefox的设置存根35.0.exe
2015年1月14日18:04 - 05:35 2014-12-12 - 05553592 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ ntoskrnl.exe中
2015年1月14日18:04 - 05:31 2014-12-12 - 00503808 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ srcore.dll
2015年1月14日18:04 - 05:31 2014-12-12 - 00296960 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ rstrui.exe
2015年1月14日18:04 - 05:31 2014-12-12 - 00050176 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ srclient.dll
2015年1月14日18:04 - 05:11 2014-12-12 - 03971512 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ ntkrnlpa.exe
2015年1月14日18:04 - 05:11 2014-12-12 - 03916728 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ ntoskrnl.exe中
2015年1月14日18:04 - 05:07 2014-12-12 - 00043008 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ srclient.dll
2015年1月14日17:52 - 2015年1月14日17:52 - 00509440 _____(技术支持盖伊系统)C:\用户\阿尔文\下载\ SYSINFO(1).EXE
2015年1月14日17:51 - 2015年1月14日17:51 - 00509440 _____(技术支持盖伊系统)C:\用户\阿尔文\下载\ SYSINFO.EXE
2015年1月14日17:38 - 03:06情节中字 - 00210432 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ profsvc.dll
2015年1月14日17:38 - 01:46情节中字 - 00141312 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ DRIVERS \ mrxdav.sys
2015年1月14日17:38 - 2014年12月13日05:09 - 00144384 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ ieUnatt.exe
2015年1月14日17:38 - 2014年12月13日03:33 - 00115712 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ ieUnatt.exe
2015年1月14日17:38 - 2014年12月11日17:47 - 00087040 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ TSWbPrxy.exe
2015年1月14日17:38 - 04:17 2014-12-06 - 00303616 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ nlasvc.dll
2015年1月14日17:38 - 03:50 2014-12-06 - 00156672 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ ncsi.dll
2015年1月14日17:38 - 03:50 2014-12-06 - 00052224 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ nlaapi.dll
2015年1月14日17:21 - 2015年1月14日17:21 - 00000000 ____D()C:\ WINDOWS \ SYSTEM32 \鉴定
2015年1月14日16:57 - 2015年1月14日16:57 - 00000000 ____D()C:d52a2f5e2bd0344809b8f53d5db
2014年12月30日23:22 - 2014年10月18日02:05 - 04121600 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ mf.dll
2014年12月30日23:22 - 2014年10月18日01:33 - 03209728 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ mf.dll
2014年12月30日23:22 - 2014年7月7日02:06 - 00206848 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ mfps.dll
2014年12月30日23:22 - 2014年7月7日02:06 - 00055808 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ rrinstaller.exe
2014年12月30日23:22 - 2014年7月7日02:06 - 00024576 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ mfpmp.exe
2014年12月30日23:22 - 2014年7月7日02:02 - 00002048 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ mferror.dll
2014年12月30日23:22 - 2014年7月7日01:40 - 00103424 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ mfps.dll
2014年12月30日23:22 - 2014年7月7日01:39 - 00050176 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ rrinstaller.exe
2014年12月30日23:22 - 2014年7月7日01:39 - 00023040 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ mfpmp.exe
2014年12月30日23点22分 - 2014年7月7日1时37分 - 00002048 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ mferror.dll
2014年12月30日17:40 - 2014年12月4日02:50 - 00830976 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ appraiser.dll
2014年12月30日17:40 - 2014年12月4日02:50 - 00741376 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ invagent.dll
2014年12月30日17:40 - 2014年12月4日02:50 - 00413184 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ generaltel.dll
2014年12月30日17:40 - 2014年12月4日02:50 - 00396800 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ devinv.dll
2014年12月30日17:40 - 2014年12月4日02:50 - 00227328 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ aepdu.dll
2014年12月30日17:40 - 2014年12月4日02:50 - 00192000 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ aepic.dll
2014年12月30日17:40 - 2014年12月4日02:44 - 01083392 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ aeinv.dll
2014年12月30日17:40 - 2014年12月1日23:28 - 01232040 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ aitstatic.exe
2014年12月30日17:40 - 2014年11月27日01:43 - 00389296 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ iedkcs32.dll
2014年12月30日17:40 - 2014年11月27日01:10 - 00342200 _____(微软公司)C:\ WINDOWS \ Syswow64资料\ iedkcs32.dll
2014年12月30日17:40 - 2014年11月22日03:13 - 25059840 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ Mshtml.dll中
2014年12月30日17:40 - 2014年11月22日03:06 - 02724864 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ MSHTML.tlb的
2014年12月30日17:40 - 2014年11月22日03:06 - 00004096 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ ieetwcollectorres.dll
2014年12月30日17:40 - 2014年11月22日02:50 - 00580096 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ vbscript.dll中
2014年12月30日17:40 - 2014年11月22日02:50 - 00066560 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ iesetup.dll
2014年12月30日17:40 - 2014年11月22日02:49 - 02885120 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ iertutil.dll
2014年12月30日17:40 - 2014年11月22日02:49 - 00048640 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ ieetwproxystub.dll
2014年12月30日17:40 - 2014年11月22日02:48 - 00088064 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ MshtmlDac.dll
2014年12月30日17:40 - 2014年11月22日02:41 - 00054784 _____(微软公司)C:\ WINDOWS \ SYSTEM32 \ jsproxy.dll
2014-12-30 17:40 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-30 17:40 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-30 17:40 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-30 17:40 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-30 17:40 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-30 17:40 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-30 17:40 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-30 17:40 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-30 17:40 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-30 17:40 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-30 17:40 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-30 17:40 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-30 17:40 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-30 17:40 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-30 17:40 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-30 17:40 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-30 17:40 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-30 17:40 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-30 17:40 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-30 17:40 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-30 17:40 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-30 17:40 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-30 17:40 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-30 17:40 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-30 17:40 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-30 17:40 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-30 17:40 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-30 17:40 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-30 17:40 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-30 17:40 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-30 17:40 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-30 17:40 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-30 17:40 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-30 17:40 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-30 17:40 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-30 17:40 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-30 17:40 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-30 17:40 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-30 17:40 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-30 17:40 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-30 17:40 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-30 17:40 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-30 17:40 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-30 17:40 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-30 17:40 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-30 17:40 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-30 17:39 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-30 17:39 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-30 17:39 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-30 17:39 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-30 17:39 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-30 17:39 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-30 17:39 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-30 17:39 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-30 17:31 - 2014-12-30 17:31 - 00000000 ____D () C:\Program Files (x86)\YBS
2014-12-30 17:30 - 2014-12-30 17:31 - 00507904 _____ () C:\Users\Alwin\Downloads\ybs.msi

====================一个月修改的文件和文件夹=======

(如果一个条目包括在fixlist,文件\文件夹将被移动)。

2015-01-15 19:14 - 2011-09-07 18:01 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 19:14 - 2011-09-07 17:27 - 01602847 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 19:08 - 2009-07-14 04:45 - 00031616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:08 - 2009-07-14 04:45 - 00031616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:07 - 2012-12-02 14:43 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-15 18:59 - 2014-04-07 21:11 - 00001015 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-01-15 18:59 - 2014-04-07 21:10 - 00000999 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-01-15 18:58 - 2012-12-03 16:18 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-15 18:58 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 18:58 - 2009-07-14 04:51 - 00061363 _____ () C:\Windows\setupact.log
2015-01-14 18:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 18:32 - 2013-04-08 13:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-14 18:31 - 2011-09-07 18:01 - 00000000 ____D () C:\Program Files\Google
2015-01-14 18:31 - 2011-09-07 18:01 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-14 18:31 - 2010-11-21 03:47 - 00703136 _____ () C:\Windows\PFRO.log
2015-01-14 18:28 - 2013-04-08 13:25 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 18:28 - 2012-12-10 20:37 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 18:28 - 2012-12-10 20:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 18:28 - 2012-12-02 15:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-14 18:20 - 2012-12-02 14:44 - 00000000 ____D () C:\Users\Alwin\AppData\Local\Google
2015-01-14 18:19 - 2013-08-27 21:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:37 - 2013-09-03 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-01-14 17:21 - 2014-05-25 16:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-14 17:21 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-14 17:09 - 2012-12-02 14:43 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-01-14 17:07 - 2012-12-02 14:43 - 00003490 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-01-14 17:01 - 2014-03-25 22:10 - 00000000 ____D () C:\Users\Alwin\Desktop\Old Firefox Data
2015-01-14 16:55 - 2014-04-07 21:10 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2015-01-14 16:54 - 2014-04-07 21:11 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-01-14 16:54 - 2014-04-07 21:11 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-01-14 16:54 - 2014-04-07 21:11 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-01-14 16:53 - 2012-12-02 14:43 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-01-14 16:49 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-31 13:12 - 2012-12-04 10:26 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-31 11:14 - 2010-11-21 03:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 23:24 - 2013-10-09 09:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-30 19:30 - 2011-09-07 17:59 - 00000000 ____D () C:\ProgramData\PCDr
2014-12-30 17:48 - 2012-12-02 14:43 - 00004230 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-12-30 17:22 - 2013-09-05 09:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-30 17:18 - 2012-12-02 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 17:52 - 2013-03-12 09:01 - 00535576 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys

TEMP的一些内容:
====================
C:\Users\Alwin\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Alwin\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Alwin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Alwin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Alwin\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(没有为未通过验证的文件不会自动修复。)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 22:37

==================== End Of Log ============================

And here is the Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015
Ran by Alwin at 2015-01-15 19:15:39
Running from C:\Users\Alwin\Downloads
引导模式:正常
================================================== ========

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.280 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.280 - Adobe Systems Incorporated)
ADOBE READER XI(11.0.10)(HKLM-X32 \ ... \ {AC76BA86-7AD7-1033-7B44-AB0000000001})(版本:11.0.10 - Adob​​e系统公司)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.1 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
BisonCam Twain Pro (HKLM-x32\...\{F2672232-FF17-4DC9-8F24-A1E1829FE086}) (Version: 1.5.4.7 - Bison WebCam Ap)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2200 - Broadcom Corporation)
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.27.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
EditPad Lite 7.3.0 (HKLM\...\EditPad Lite) (Version: 7.3.0 - Just Great Software)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
GDR 3128 for SQL Server 2012 (KB2793634) (64-bit) (HKLM\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
GDR 3153 for SQL Server 2012 (KB2977326) (64-bit) (HKLM\...\KB2977326) (Version: 11.1.3153.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2251.0 - Google Inc.)
谷歌更新助手(X32版本:1.3.25.11 - 谷歌公司)隐藏
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{025055FC-779B-42F3-95A5-F6926B2964EF}) (Version: 2.0.31.0 - Intel Corporation)
IntelliJ IDEA Community Edition 13.1.3 (HKLM-x32\...\IntelliJ IDEA Community Edition 13.1.3) (Version: 135.909 - JetBrains sro)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kit SDK de vérification de Visual Studio*2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5802.24 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LogMeIn (HKLM-x32\...\{F8511796-1457-4A92-BEF7-71080FCF297A}) (Version: 4.1.4132 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Memory Profiler (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
微软的.NET Framework 4.5.1(HKLM \ ... \ {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033)(版本:4.5.50938 - 微软公司)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{B29CAAEC-E52C-4941-9729-1AB85B7970CA}) (Version: 11.1.3153.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{FE022499-97DD-45C9-A86B-7D34EA4E3A8D}) (Version: 11.1.3153.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{D6737142-1A85-4299-8523-5F3A1636EBE7}) (Version: 11.1.3153.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{A67C75DE-BED6-4F1B-97EB-30CD1D40FFED}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
微软的Visual C ++ 2005可再发行(HKLM-X32 \ ... \ {710f4c1c-cc18-4c49-8cbf-51240c89a1a2})(版本:8.0.61001 - 微软公司)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
微软的Visual C ++ 2008可再发行 - 64 9.0.30729.17(HKLM \ ... \ {8220EEFE-38CD-377E-8595-13398D740ACE})(版本:9.0.30729 - 微软公司)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
微软的Visual C ++ 2008可再发行 - 86 9.0.30729.17(HKLM-X32 \ ... \ {9A25302D-30C0-39D9-BD6F-21E6EC160475})(版本:9.0.30729 - 微软公司)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
微软的Visual C ++ 2010可再发行64 - 10.0.40219(HKLM \ ... \ {1D8E6291-B0D5-35EC-8441-6616F567A0F7})(版本:10.0.40219 - 微软公司)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
微软的Visual C ++ 2012可再发行组件(64) - 11.0.60610(HKLM-X32 \ ... \ {a1909659-0a08-4554-8af1-2175904903a1})(版本:11.0.60610.1 - 微软公司)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 (HKLM-x32\...\{1ef771b4-b774-439e-a015-23dec292d9a4}) (Version: 12.0.30723.0 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-GB)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NUnit 2.6.3 (HKLM-x32\...\{002B407D-DE66-4601-A10C-45941586C767}) (Version: 2.6.3.13283 - nunit.org)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.42.00 - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.66.3 - Lenovo Group Limited)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python 3.3.3 (HKLM-x32\...\{39b6eb84-331c-3657-ad2e-837537ddf04f}) (Version: 3.3.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.0 - Microsoft Corporation) Hidden
Python Tools Redirection Template (x32 Version: 1.2 - Microsoft Corporation) Hidden
qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project)
Rapid Environment Editor version 8.0.0.920 (HKLM\...\{34AD4E52-723F-4377-9CDD-BCBD892264FA}_is1) (Version: 8.0.0.920 - Oleg Danilov)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.10 - Lenovo)
Rapport (x32 Version: 3.5.1404.61 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Remote Access Viewer (HKLM-x32\...\Remote Access Viewer_is1) (Version: - Pro Softnet Corp)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Service Pack 1 for SQL Server 2012 (KB2674319) (64-bit) (HKLM\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
Service Pack 2的Microsoft Office 2010的(KB2687455)32位版本 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies SA)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SQL Server 2012 BI Development Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0039 - Lenovo)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2200 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.02 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.61 - Trusteer)
TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.2.141 - VeriSign)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Driver Package - Intel (iaStor) hdc (11/06/2010 10.1.0.1008) (HKLM\...\73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12) (Version: 11/06/2010 10.1.0.1008 - Intel)
Windows Driver Package - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (HKLM\...\D01A7EE241898C810674C69EB908D655D149BE77) (Version: 01/19/2011 1.62.00.00 - Lenovo)
Windows Driver Package - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010) (HKLM\...\828B05D2B647CDAEA22493F7BFB96847265EE596) (Version: 12/29/2010 7.037.1229.2010 - Realtek)
Windows Driver Package - Synaptics (SynTP) Mouse (05/05/2011 15.3.6.0) (HKLM\...\C63C03BF3BE2B6F6204BB54541690449FFF79F4F) (Version: 05/05/2011 15.3.6.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Wing IDE 101 5.0.0-1 (HKLM-x32\...\Wing IDE 101 5.0_is1) (Version: - )
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
YBS Account Aggregation (HKLM-x32\...\{CC8A563E-7D2D-4589-B628-4379F1E8D4E1}) (Version: 1.0.197 - YBS)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

27-10-2014 20:07:26 Windows Update
27-10-2014 20:57:30 Update for Microsoft Visual Studio 2013 (KB2932965)
08-12-2014 19:09:54 Windows Update
08-12-2014 19:12:08 Windows Backup
08-12-2014 19:40:55 Windows Update
08-12-2014 20:19:49 Installed Rapport
08-12-2014 20:54:02 Installed Power Manager
30-12-2014 17:25:42 Windows Backup
30-12-2014 17:25:50 Windows Update
30-12-2014 23:19:54 Windows Update
14-01-2015 17:00:35 Windows Update
14-01-2015 17:08:30 Windows Backup
14-01-2015 17:31:50 Installed Rapport
14-01-2015 18:04:50 Windows Update
14-01-2015 18:23:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16485B91-8364-4F20-8FE5-8AEE90509AA5} - \MediaPlayerplus-codedownloader No Task File <==== ATTENTION
Task: {1EA8F088-778B-4BE4-84E3-AFE2285E9F9E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {2BC49CD5-64D2-406B-9235-916633F92483} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {2EEFE1A9-64A7-46ED-AA00-08C5049D3BD6} - \MediaPlayerplus-enabler No Task File <==== ATTENTION
Task: {34FF7C53-E88C-4409-987C-3E36D9C0B2AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {3C47D25F-D637-4877-9988-4AF1EE2CB7AA} - \MediaPlayerplus-firefoxinstaller No Task File <==== ATTENTION
Task: {4110FBAD-1C82-41BB-A46C-78466CE9A2B7} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)
Task: {43A3AFF2-1C97-484B-8951-CA44583F74E8} - \MediaPlayerplus-chromeinstaller No Task File <==== ATTENTION
Task: {55C13541-FBFC-4B29-BB0E-BF330CFA8876} - System32\Tasks\4688 => Wscript.exe C:\Users\Alwin\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {647C062C-416C-4460-92AC-5D021E88D97E} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {6F23BB72-3F7A-4C28-A149-9D77B618390C} - \MediaPlayerplus-updater No Task File <==== ATTENTION
Task: {778202D1-F3C7-4DBF-A1EF-04EB9D0EF061} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {94D5B952-5AB1-405D-B94D-D06D2651503E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {95AA77D8-B1D2-484B-8568-686A17AF87F8} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {97C2C998-2F9F-4B15-8A37-2DAB30D02167} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {B24FEC02-B4F2-43CE-9CE6-FA11C7E2703C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {B4298D89-689E-4E03-BB76-DBC81EFBB0AF} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {B587349B-CCE5-4595-A6C0-CC63B00A7647} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] ()
Task: {B8B1A87E-9F81-4520-9F83-C0F7348EC4EF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {BB941E11-4B01-4B6B-96A4-758B2E675A43} - System32\Tasks => Iexplore.exe <==== ATTENTION
Task: {C74D78F0-9500-4CBF-ADFC-82844F66EE9D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {CA2587AD-7655-4FCB-828A-7A2A1D873B21} - System32\Tasks\{B0E86DA9-ED96-4C7E-B538-BE6607C0BB63} => pcalua.exe -a C:\Users\Alwin\Desktop\HijackThis.exe -d C:\Users\Alwin\Desktop
Task: {CCCAA958-2420-400D-AB45-145196CDC6EC} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-09-10] (Lenovo Group Limited)
Task: {E372B79B-6662-49FD-A555-E3BA4162661D} - System32\Tasks\{515C6BFA-8519-4451-99B8-CC7560975CB5} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2011-06-22 05:48 - 2011-06-22 05:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll
2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-09-07 17:50 - 2014-09-10 06:06 - 00104960 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-09-07 17:46 - 2010-10-26 03:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2011-09-07 17:46 - 2011-04-27 23:46 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-05-28 05:09 - 2009-05-28 05:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2011-09-07 17:51 - 2010-04-06 16:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-09-07 17:52 - 2010-04-06 16:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2014-12-30 17:24 - 2014-12-16 17:04 - 01168712 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2251.0\libglesv2.dll
2014-12-30 17:24 - 2014-12-16 17:04 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2251.0\libegl.dll
2014-12-30 17:24 - 2014-12-16 17:04 - 09207112 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2251.0\pdf.dll
2014-12-30 17:25 - 2014-12-16 17:04 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2251.0\PepperFlash\pepflashplayer.dll
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-2423253457-56321052-3942783610-500 - Administrator - Disabled)
Alwin (S-1-5-21-2423253457-56321052-3942783610-1000 - Administrator - Enabled) => C:\Users\Alwin
Guest (S-1-5-21-2423253457-56321052-3942783610-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

应用程序错误:
==================
Error: (01/15/2015 06:59:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
说明://./root/CIMV2SELECT * FROM __InstanceModificationEvent在60 WHERE TargetInstance ISA“Win32_Processor”AND TargetInstance.LoadPercentage> 990x80041003

Error: (01/14/2015 07:20:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".E rror in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" 上线 C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
通过与其它组件版本已经激活的应用程序冲突所需的组件版本。
冲突的组件有:。
第一部分: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
第二部分: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/14/2015 06:34:17 PM) (Source: Report Server Windows Service (SQLEXPRESS)) (EventID: 107) (User: )
Description: Report Server Windows Service (SQLEXPRESS) cannot connect to the report server database.

Error: (01/14/2015 06:33:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
说明://./root/CIMV2SELECT * FROM __InstanceModificationEvent在60 WHERE TargetInstance ISA“Win32_Processor”AND TargetInstance.LoadPercentage> 990x80041003

Error: (01/14/2015 05:26:53 PM) (Source: Report Server Windows Service (SQLEXPRESS)) (EventID: 107) (User: )
Description: Report Server Windows Service (SQLEXPRESS) cannot connect to the report server database.

Error: (01/14/2015 05:26:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
说明://./root/CIMV2SELECT * FROM __InstanceModificationEvent在60 WHERE TargetInstance ISA“Win32_Processor”AND TargetInstance.LoadPercentage> 990x80041003

Error: (01/14/2015 05:13:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7076) Asapi: (17:13:06:1730)(7076) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt

Error: (01/14/2015 05:13:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7076) Asapi: (17:13:06:1730)(7076) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt

Error: (01/14/2015 05:13:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7076) Asapi: (17:13:06:1730)(7076) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = en, customer = lenovo, variant = ltt

Error: (01/14/2015 05:13:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7076) Asapi: (17:13:06:1730)(7076) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = en, customer = lenovo, variant = ltt

系统错误:
=============
Error: (01/15/2015 07:01:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/15/2015 06:59:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

模块路径:C:\ WINDOWS \ SYSTEM32 \ IWMSSvc.dll
Error Code: 87

Error: (01/14/2015 05:36:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service hung on starting.

Error: (01/14/2015 05:36:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (01/14/2015 05:35:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (01/14/2015 05:34:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Security Center service hung on starting.

Error: (01/14/2015 05:34:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (01/14/2015 05:33:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (01/14/2015 05:21:28 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (01/14/2015 05:19:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070652: Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition.

微软办公会议:
=========================
Error: (01/15/2015 06:59:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
说明://./root/CIMV2SELECT * FROM __InstanceModificationEvent在60 WHERE TargetInstance ISA“Win32_Processor”AND TargetInstance.LoadPercentage> 990x80041003

Error: (01/14/2015 07:20:29 PM) (Source: SideBySide) (EventID: 80) (User: )
描述: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\W indows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\U sers\Alwin\Downloads\logmeinignitionusb.exe

Error: (01/14/2015 06:34:17 PM) (Source: Report Server Windows Service (SQLEXPRESS)) (EventID: 107) (User: )
Description: Report Server Windows Service (SQLEXPRESS)

Error: (01/14/2015 06:33:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
说明://./root/CIMV2SELECT * FROM __InstanceModificationEvent在60 WHERE TargetInstance ISA“Win32_Processor”AND TargetInstance.LoadPercentage> 990x80041003

Error: (01/14/2015 05:26:53 PM) (Source: Report Server Windows Service (SQLEXPRESS)) (EventID: 107) (User: )
Description: Report Server Windows Service (SQLEXPRESS)

Error: (01/14/2015 05:26:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
说明://./root/CIMV2SELECT * FROM __InstanceModificationEvent在60 WHERE TargetInstance ISA“Win32_Processor”AND TargetInstance.LoadPercentage> 990x80041003

Error: (01/14/2015 05:13:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7076) Asapi: (17:13:06:1730)(7076) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt

Error: (01/14/2015 05:13:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7076) Asapi: (17:13:06:1730)(7076) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt

Error: (01/14/2015 05:13:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7076) Asapi: (17:13:06:1730)(7076) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = en, customer = lenovo, variant = ltt

Error: (01/14/2015 05:13:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7076) Asapi: (17:13:06:1730)(7076) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = en, customer = lenovo, variant = ltt

CodeIntegrity Errors:
===================================
Date: 2014-05-25 17:54:20.486
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.417
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.227
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.131
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:19.755
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:19.582
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:19.335
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:18.893
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 83%
Total physical RAM: 4007.23 MB
Available physical RAM: 676.05 MB
Total Pagefile: 8012.65 MB
Available Pagefile: 3880.82 MB
总的虚拟:8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:452.87 GB) (Free:365.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (VS2013_3_DSKEXP_ENU) (CDROM) (Total:4.69 GB) (Free:0 GB) CDFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.43 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 465.8 GB) (Disk ID: 92484C6A)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

非常感谢
嘿,
Please move FRST to your Desktop.

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop :

Download Mirror #1

  1. Right-click on AdwCleaner.exe and select Run as administrator . (If you have Windows XP the just run it)
  2. Click Scan and let the scan run.
  3. When it finishes, click Clean , following the on screen prompts
  4. After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.

Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

*Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • 运行通过双击它的工具。 If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • 该工具将打开并开始扫描你的系统。
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • 完成后,日志(JRT.txt)被保存到桌面,并且会自动打开。
  • 发表JRT.txt的内容到你的下一条消息。

Step 4: FRST Scan

  1. Run FRST . (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator )
  2. 点击扫描 ,开始FRST。
  3. When FRST finishes scanning, a log, FRST.txt , will open.
  4. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

嗨:-)

非常感谢你。 OK firstly here is the ADWCleaner log

# AdwCleaner v4.107 - Report created 15/01/2015 at 21:32:58
#由XPLODE更新2015年7月1日
#数据库:2015-01-13.2 [直播]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Alwin - WORKAS1
# Running from : C:\Users\Alwin\Desktop\AdwCleaner.exe
#选项:清洁

***** [ 服务 ] *****

***** [文件/文件夹] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAFPlayer
File Deleted : C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

***** [计划任务] *****

***** [快捷键] *****

***** [注册] *****

键删除:HKCU \软件\微软\的Internet Explorer \ LowRegistry \ DOMStorage \ superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Taronja
键删除:HKLM \ SOFTWARE \微软\的Windows \ CurrentVersion \卸载\ VOPackage
键删除:[64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components238BBE24EA3A70408B81E4BB89C15E5
键删除:[64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\ComponentsC776EBEBCBCFBE408892EE7B12517FC
键删除:[64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
键删除:[64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
键删除:[64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
键删除:[64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
键删除:[64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\ProductsC776EBEBCBCFBE408892EE7B12517FC
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta-search.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ib.adnxs.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com

***** [浏览器] *****

- \\ Internet Explorer的v11.0.9600.17496

-\\ Mozilla Firefox v35.0 (x86 en-GB)

-\\ Google Chrome v41.0.2272.3

*************************

AdwCleaner[R2].txt - [2673 octets] - [15/01/2015 21:29:14]
AdwCleaner[S2].txt - [2600 octets] - [15/01/2015 21:32:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2660 octets] ##########

2. The Malware log

的Malwarebytes反恶意软件
www.malwarebytes.org

Scan Date: 15/01/2015
Scan Time: 21:53:10
Logfile: Scanning History log 15012015.txt
管理员:是的

版本:2.00.4.1028
Malware Database: v2015.01.15.13
Rootkit的数据库:v2015.01.14.01
授权方式:免费
恶意软件防护:禁用
恶意网站防护:禁用
自我保护:禁用

操作系统:Windows 7 Service Pack 1的
CPU:64
文件系统:NTFS
User: Alwin

扫描类型:威胁扫描
结果:已完成
Objects Scanned: 533744
Time Elapsed: 41 min, 27 sec

内存:已启用
启动:启用
文件系统:启用
档案:启用
rootkit的:启用
启发式:启用
PUP:启用
PUM:启用

流程:0
(未检测到的恶意项)

模块:0
(未检测到的恶意项)

注册表项:0
(未检测到的恶意项)

注册表值:0
(未检测到的恶意项)

注册表数据:0
(未检测到的恶意项)

文件夹:0
(未检测到的恶意项)

文件:1
PUP.Optional.OptimumInstaller.A, C:\Users\Alwin\Downloads\Setup.exe, Quarantined, [97ba4fa855343ff7b639df907c85b848],

物理扇区:0
(未检测到的恶意项)

(结束)

3. Junkware Removal log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
Junkware删除工具(JRT)由Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Alwin on 15/01/2015 at 22:51:19.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~注册表项

~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf

~~~文件夹

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Alwin\AppData\Roaming\pcdr"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
Scan was completed on 15/01/2015 at 22:59:48.83
JRT日志结束
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~

4. And here are the FRST and Addition logs

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Alwin (administrator) on WORKAS1 on 15-01-2015 23:03:57
Running from C:\Users\Alwin\Downloads
Loaded Profiles: Alwin & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS (Available profiles: Alwin & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
引导模式:正常
教程Farbar恢复扫描工具:http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

====================注册(白名单)==================

(如果某个条目包含在fixlist,注册表项目将被恢复为默认或删除该文件不会被移动。)

HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-05] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-04-05] (Lenovo Group Limited)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-12-11] (LogMeIn, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\...\MountPoints2: {020141a0-13e6-11e4-84d9-f0def188a146} - E:\vs_professional.exe
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\...\MountPoints2: {3ab7cfd9-d976-11e0-b7ae-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\...\MountPoints2: {90ded61c-3e1e-11e2-b86a-f0def188a146} - E:\IMDApp.exe
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\RunOnce: [] => [X]
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\...\RunOnce: [] => [X]
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\...\RunOnce: [] => [X]
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
CHR HKLM \ SOFTWARE \策略\谷歌:政策限制<=======注意

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2423253457-56321052-3942783610-1000] =>
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2423253457-56321052-3942783610-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer: source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
SearchScopes: HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer: source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2423253457-56321052-3942783610-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.6.2.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/W...x/ieatgpc1.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1100
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alwin\AppData\Roaming\Mozilla\Firefox\Profiles\smsm5i25.default-1421254884656
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_280.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_280.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Firebug - C:\Users\Alwin\AppData\Roaming\Mozilla\Firefox\Profiles\smsm5i25.default-1421254884656\Extensions\[email protected] [2015-01-14]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-09-07]

铬:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YBS Account Aggregation) - C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpgdbjcjofhbmpjadhhhgggglmdllkpi [2012-12-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2014-12-30]
CHR Extension: (Skype Click to Call) - C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-25]
CHR Extension: (Google Wallet) - C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(如果一个条目包括在fixlist,服务将被从注册表中删除该文件将不会移动,除非单独列出。)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [377704 2015-01-14] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2015-01-14] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-12-11] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [192160 2014-07-23] (Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)
R2 ReportServer$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSRS11.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2423792 2012-10-19] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613024 2014-07-23] (Microsoft Corporation)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-11-25] (Lenovo Group Limited) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-07-12] (Symantec Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(如果一个条目包括在fixlist,服务将被从注册表中删除该文件将不会移动,除非单独列出。)

R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\Rapport Cerberus64_80120.sys [845464 2015-01-14] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445816 2014-12-22] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [535576 2014-12-22] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [558872 2014-12-22] (IBM Corp.)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-19] (Microsoft Corporation)

==================== NetSvcs(白名单)===================

(如果项目被包括在fixlist,它将被从注册表中删除。在任何相关的文件可以被单独列出要被移动)。

==================== One Month Created Files and Folders ========

(如果一个条目包括在fixlist,文件\文件夹将被移动)。

2015-01-15 23:03 - 2015-01-15 23:04 - 00025079 _____ () C:\Users\Alwin\Downloads\FRST.txt
2015-01-15 23:02 - 2015-01-15 23:02 - 01707939 _____ (Thisisu) C:\Users\Alwin\Downloads\JRT (2).exe
2015-01-15 23:00 - 2015-01-15 23:00 - 00000841 _____ () C:\Users\Alwin\Desktop\JRT15012015.txt
2015-01-15 22:59 - 2015-01-15 22:59 - 00000841 _____ () C:\Users\Alwin\Desktop\JRT.txt
2015-01-15 22:50 - 2015-01-15 22:50 - 01707939 _____ (Thisisu) C:\Users\Alwin\Downloads\JRT (1).exe
2015-01-15 21:48 - 2015-01-15 21:49 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Alwin\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-15 21:48 - 2015-01-15 21:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Alwin\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-15 21:36 - 2015-01-15 21:36 - 00002768 _____ () C:\Users\Alwin\Desktop\AdwCleaner213015012015.txt
2015-01-15 21:27 - 2015-01-15 21:45 - 00000000 ____D () C:\AdwCleaner
2015-01-15 21:27 - 2015-01-15 21:27 - 02191360 _____ () C:\Users\Alwin\Downloads\AdwCleaner (1).exe
2015-01-15 21:27 - 2015-01-15 21:27 - 02191360 _____ () C:\Users\Alwin\Desktop\AdwCleaner.exe
2015-01-15 19:15 - 2015-01-15 19:16 - 00047623 _____ () C:\Users\Alwin\Desktop\Addition.txt
2015-01-15 19:13 - 2015-01-15 19:16 - 00044689 _____ () C:\Users\Alwin\Desktop\FRST.txt
2015-01-15 19:07 - 2015-01-15 23:04 - 00000000 ____D () C:\FRST
2015-01-15 19:06 - 2015-01-15 19:06 - 02125312 _____ (Farbar) C:\Users\Alwin\Downloads\FRST64 (1).exe
2015-01-15 19:05 - 2015-01-15 19:05 - 02125312 _____ (Farbar) C:\Users\Alwin\Downloads\FRST64.exe
2015-01-14 19:19 - 2015-01-14 19:20 - 09646448 _____ (LogMeIn, Inc.) C:\Users\Alwin\Downloads\logmeinignitionusb.exe
2015-01-14 19:14 - 2015-01-14 19:14 - 00000000 ____D () C:\Users\Alwin\AppData\Local\LogMeInIgnition
2015-01-14 18:40 - 2015-01-14 18:40 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-14 18:40 - 2015-01-14 18:40 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-14 18:40 - 2015-01-14 18:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-14 18:37 - 2015-01-14 18:38 - 00243504 _____ () C:\Users\Alwin\Downloads\Firefox Setup Stub 35.0.exe
2015-01-14 18:04 - 2014-12-12 05:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 18:04 - 2014-12-12 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 18:04 - 2014-12-12 05:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 18:04 - 2014-12-12 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 18:04 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 18:04 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 18:04 - 2014-12-12 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 17:52 - 2015-01-14 17:52 - 00509440 _____ (Tech Support Guy System) C:\Users\Alwin\Downloads\SysInfo (1).exe
2015-01-14 17:51 - 2015-01-14 17:51 - 00509440 _____ (Tech Support Guy System) C:\Users\Alwin\Downloads\SysInfo.exe
2015-01-14 17:38 - 2014-12-19 03:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:38 - 2014-12-19 01:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:38 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-14 17:38 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-14 17:38 - 2014-12-11 17:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:38 - 2014-12-06 04:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:38 - 2014-12-06 03:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 17:38 - 2014-12-06 03:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 17:21 - 2015-01-14 17:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-14 16:57 - 2015-01-14 16:57 - 00000000 ____D () C:d52a2f5e2bd0344809b8f53d5db
2014-12-30 23:22 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-30 23:22 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-30 23:22 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-30 23:22 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-30 23:22 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-30 23:22 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-30 23:22 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-30 23:22 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-30 23:22 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-30 23:22 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-30 17:40 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-30 17:40 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-30 17:40 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-30 17:40 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-30 17:40 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-30 17:40 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-30 17:40 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-30 17:40 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-30 17:40 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-30 17:40 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-30 17:40 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-30 17:40 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-30 17:40 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-30 17:40 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-30 17:40 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-30 17:40 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-30 17:40 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-30 17:40 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-30 17:40 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-30 17:40 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-30 17:40 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-30 17:40 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-30 17:40 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-30 17:40 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-30 17:40 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-30 17:40 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-30 17:40 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-30 17:40 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-30 17:40 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-30 17:40 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-30 17:40 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-30 17:40 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-30 17:40 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-30 17:40 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-30 17:40 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-30 17:40 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-30 17:40 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-30 17:40 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-30 17:40 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-30 17:40 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-30 17:40 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-30 17:40 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-30 17:40 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-30 17:40 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-30 17:40 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-30 17:40 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-30 17:40 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-30 17:40 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-30 17:40 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-30 17:40 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-30 17:40 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-30 17:40 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-30 17:40 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-30 17:40 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-30 17:40 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-30 17:40 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-30 17:40 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-30 17:40 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-30 17:40 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-30 17:39 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-30 17:39 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-30 17:39 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-30 17:39 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-30 17:39 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-30 17:39 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-30 17:39 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-30 17:39 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-30 17:31 - 2014-12-30 17:31 - 00000000 ____D () C:\Program Files (x86)\YBS
2014-12-30 17:30 - 2014-12-30 17:31 - 00507904 _____ () C:\Users\Alwin\Downloads\ybs.msi

====================一个月修改的文件和文件夹=======

(如果一个条目包括在fixlist,文件\文件夹将被移动)。

2015-01-15 23:01 - 2011-09-07 17:27 - 01650971 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 22:53 - 2014-04-15 20:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 22:50 - 2009-07-14 04:45 - 00031616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 22:50 - 2009-07-14 04:45 - 00031616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 22:41 - 2014-04-07 21:11 - 00001015 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-01-15 22:41 - 2014-04-07 21:10 - 00000999 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-01-15 22:40 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 22:40 - 2009-07-14 04:51 - 00061531 _____ () C:\Windows\setupact.log
2015-01-15 22:39 - 2010-11-21 03:47 - 00704076 _____ () C:\Windows\PFRO.log
2015-01-15 22:28 - 2013-04-08 13:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 22:14 - 2011-09-07 18:01 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 21:50 - 2014-04-15 20:37 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-15 21:50 - 2014-04-15 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-15 21:50 - 2014-04-15 20:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-15 21:34 - 2012-12-02 14:43 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-15 19:20 - 2012-12-02 14:43 - 00003490 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-01-15 19:20 - 2012-12-02 14:43 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-01-15 18:58 - 2012-12-03 16:18 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-14 18:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 18:31 - 2011-09-07 18:01 - 00000000 ____D () C:\Program Files\Google
2015-01-14 18:31 - 2011-09-07 18:01 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-14 18:28 - 2013-04-08 13:25 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 18:28 - 2012-12-10 20:37 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 18:28 - 2012-12-10 20:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 18:28 - 2012-12-02 15:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-14 18:20 - 2012-12-02 14:44 - 00000000 ____D () C:\Users\Alwin\AppData\Local\Google
2015-01-14 18:19 - 2013-08-27 21:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:37 - 2013-09-03 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-01-14 17:21 - 2014-05-25 16:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-14 17:21 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-14 17:01 - 2014-03-25 22:10 - 00000000 ____D () C:\Users\Alwin\Desktop\Old Firefox Data
2015-01-14 16:55 - 2014-04-07 21:10 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2015-01-14 16:54 - 2014-04-07 21:11 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-01-14 16:54 - 2014-04-07 21:11 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-01-14 16:54 - 2014-04-07 21:11 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-01-14 16:53 - 2012-12-02 14:43 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-01-14 16:49 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-31 13:12 - 2012-12-04 10:26 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-31 11:14 - 2010-11-21 03:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 23:24 - 2013-10-09 09:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-30 17:48 - 2012-12-02 14:43 - 00004230 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-12-30 17:22 - 2013-09-05 09:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-30 17:18 - 2012-12-02 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 17:52 - 2013-03-12 09:01 - 00535576 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys

TEMP的一些内容:
====================
C:\Users\Alwin\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Alwin\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Alwin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Alwin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Alwin\AppData\Local\Temp\Quarantine.exe
C:\Users\Alwin\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(没有为未通过验证的文件不会自动修复。)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 22:37

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015
Ran by Alwin at 2015-01-15 23:05:04
Running from C:\Users\Alwin\Downloads
引导模式:正常
================================================== ========

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.280 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.280 - Adobe Systems Incorporated)
ADOBE READER XI(11.0.10)(HKLM-X32 \ ... \ {AC76BA86-7AD7-1033-7B44-AB0000000001})(版本:11.0.10 - Adob​​e系统公司)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.1 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
BisonCam Twain Pro (HKLM-x32\...\{F2672232-FF17-4DC9-8F24-A1E1829FE086}) (Version: 1.5.4.7 - Bison WebCam Ap)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2200 - Broadcom Corporation)
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.27.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
EditPad Lite 7.3.0 (HKLM\...\EditPad Lite) (Version: 7.3.0 - Just Great Software)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
GDR 3128 for SQL Server 2012 (KB2793634) (64-bit) (HKLM\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
GDR 3153 for SQL Server 2012 (KB2977326) (64-bit) (HKLM\...\KB2977326) (Version: 11.1.3153.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.3 - Google Inc.)
谷歌更新助手(X32版本:1.3.25.11 - 谷歌公司)隐藏
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{025055FC-779B-42F3-95A5-F6926B2964EF}) (Version: 2.0.31.0 - Intel Corporation)
IntelliJ IDEA Community Edition 13.1.3 (HKLM-x32\...\IntelliJ IDEA Community Edition 13.1.3) (Version: 135.909 - JetBrains sro)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kit SDK de vérification de Visual Studio*2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5802.24 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LogMeIn (HKLM-x32\...\{F8511796-1457-4A92-BEF7-71080FCF297A}) (Version: 4.1.4132 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Memory Profiler (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
微软的.NET Framework 4.5.1(HKLM \ ... \ {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033)(版本:4.5.50938 - 微软公司)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{B29CAAEC-E52C-4941-9729-1AB85B7970CA}) (Version: 11.1.3153.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{FE022499-97DD-45C9-A86B-7D34EA4E3A8D}) (Version: 11.1.3153.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{D6737142-1A85-4299-8523-5F3A1636EBE7}) (Version: 11.1.3153.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{A67C75DE-BED6-4F1B-97EB-30CD1D40FFED}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
微软的Visual C ++ 2005可再发行(HKLM-X32 \ ... \ {710f4c1c-cc18-4c49-8cbf-51240c89a1a2})(版本:8.0.61001 - 微软公司)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
微软的Visual C ++ 2008可再发行 - 64 9.0.30729.17(HKLM \ ... \ {8220EEFE-38CD-377E-8595-13398D740ACE})(版本:9.0.30729 - 微软公司)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
微软的Visual C ++ 2008可再发行 - 86 9.0.30729.17(HKLM-X32 \ ... \ {9A25302D-30C0-39D9-BD6F-21E6EC160475})(版本:9.0.30729 - 微软公司)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
微软的Visual C ++ 2010可再发行64 - 10.0.40219(HKLM \ ... \ {1D8E6291-B0D5-35EC-8441-6616F567A0F7})(版本:10.0.40219 - 微软公司)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
微软的Visual C ++ 2012可再发行组件(64) - 11.0.60610(HKLM-X32 \ ... \ {a1909659-0a08-4554-8af1-2175904903a1})(版本:11.0.60610.1 - 微软公司)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 (HKLM-x32\...\{1ef771b4-b774-439e-a015-23dec292d9a4}) (Version: 12.0.30723.0 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-GB)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NUnit 2.6.3 (HKLM-x32\...\{002B407D-DE66-4601-A10C-45941586C767}) (Version: 2.6.3.13283 - nunit.org)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.42.00 - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.66.3 - Lenovo Group Limited)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python 3.3.3 (HKLM-x32\...\{39b6eb84-331c-3657-ad2e-837537ddf04f}) (Version: 3.3.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.0 - Microsoft Corporation) Hidden
Python Tools Redirection Template (x32 Version: 1.2 - Microsoft Corporation) Hidden
qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project)
Rapid Environment Editor version 8.0.0.920 (HKLM\...\{34AD4E52-723F-4377-9CDD-BCBD892264FA}_is1) (Version: 8.0.0.920 - Oleg Danilov)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.10 - Lenovo)
Rapport (x32 Version: 3.5.1404.61 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Remote Access Viewer (HKLM-x32\...\Remote Access Viewer_is1) (Version: - Pro Softnet Corp)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Service Pack 1 for SQL Server 2012 (KB2674319) (64-bit) (HKLM\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
Service Pack 2的Microsoft Office 2010的(KB2687455)32位版本 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies SA)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SQL Server 2012 BI Development Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0039 - Lenovo)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2200 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.02 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.61 - Trusteer)
TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.2.141 - VeriSign)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Driver Package - Intel (iaStor) hdc (11/06/2010 10.1.0.1008) (HKLM\...\73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12) (Version: 11/06/2010 10.1.0.1008 - Intel)
Windows Driver Package - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (HKLM\...\D01A7EE241898C810674C69EB908D655D149BE77) (Version: 01/19/2011 1.62.00.00 - Lenovo)
Windows Driver Package - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010) (HKLM\...\828B05D2B647CDAEA22493F7BFB96847265EE596) (Version: 12/29/2010 7.037.1229.2010 - Realtek)
Windows Driver Package - Synaptics (SynTP) Mouse (05/05/2011 15.3.6.0) (HKLM\...\C63C03BF3BE2B6F6204BB54541690449FFF79F4F) (Version: 05/05/2011 15.3.6.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Wing IDE 101 5.0.0-1 (HKLM-x32\...\Wing IDE 101 5.0_is1) (Version: - )
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
YBS Account Aggregation (HKLM-x32\...\{CC8A563E-7D2D-4589-B628-4379F1E8D4E1}) (Version: 1.0.197 - YBS)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

27-10-2014 20:07:26 Windows Update
27-10-2014 20:57:30 Update for Microsoft Visual Studio 2013 (KB2932965)
08-12-2014 19:09:54 Windows Update
08-12-2014 19:12:08 Windows Backup
08-12-2014 19:40:55 Windows Update
08-12-2014 20:19:49 Installed Rapport
08-12-2014 20:54:02 Installed Power Manager
30-12-2014 17:25:42 Windows Backup
30-12-2014 17:25:50 Windows Update
30-12-2014 23:19:54 Windows Update
14-01-2015 17:00:35 Windows Update
14-01-2015 17:08:30 Windows Backup
14-01-2015 17:31:50 Installed Rapport
14-01-2015 18:04:50 Windows Update
14-01-2015 18:23:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16485B91-8364-4F20-8FE5-8AEE90509AA5} - \MediaPlayerplus-codedownloader No Task File <==== ATTENTION
Task: {1EA8F088-778B-4BE4-84E3-AFE2285E9F9E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {2BC49CD5-64D2-406B-9235-916633F92483} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {2EEFE1A9-64A7-46ED-AA00-08C5049D3BD6} - \MediaPlayerplus-enabler No Task File <==== ATTENTION
Task: {34FF7C53-E88C-4409-987C-3E36D9C0B2AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {3C47D25F-D637-4877-9988-4AF1EE2CB7AA} - \MediaPlayerplus-firefoxinstaller No Task File <==== ATTENTION
Task: {4110FBAD-1C82-41BB-A46C-78466CE9A2B7} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)
Task: {43A3AFF2-1C97-484B-8951-CA44583F74E8} - \MediaPlayerplus-chromeinstaller No Task File <==== ATTENTION
Task: {55C13541-FBFC-4B29-BB0E-BF330CFA8876} - System32\Tasks\4688 => Wscript.exe C:\Users\Alwin\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {647C062C-416C-4460-92AC-5D021E88D97E} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {6F23BB72-3F7A-4C28-A149-9D77B618390C} - \MediaPlayerplus-updater No Task File <==== ATTENTION
Task: {778202D1-F3C7-4DBF-A1EF-04EB9D0EF061} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {94D5B952-5AB1-405D-B94D-D06D2651503E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {95AA77D8-B1D2-484B-8568-686A17AF87F8} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {97C2C998-2F9F-4B15-8A37-2DAB30D02167} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {B24FEC02-B4F2-43CE-9CE6-FA11C7E2703C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {B4298D89-689E-4E03-BB76-DBC81EFBB0AF} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {B587349B-CCE5-4595-A6C0-CC63B00A7647} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] ()
Task: {B8B1A87E-9F81-4520-9F83-C0F7348EC4EF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {BB941E11-4B01-4B6B-96A4-758B2E675A43} - System32\Tasks => Iexplore.exe <==== ATTENTION
Task: {C74D78F0-9500-4CBF-ADFC-82844F66EE9D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {CA2587AD-7655-4FCB-828A-7A2A1D873B21} - System32\Tasks\{B0E86DA9-ED96-4C7E-B538-BE6607C0BB63} => pcalua.exe -a C:\Users\Alwin\Desktop\HijackThis.exe -d C:\Users\Alwin\Desktop
Task: {CCCAA958-2420-400D-AB45-145196CDC6EC} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-09-10] (Lenovo Group Limited)
Task: {E372B79B-6662-49FD-A555-E3BA4162661D} - System32\Tasks\{515C6BFA-8519-4451-99B8-CC7560975CB5} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-06-22 05:48 - 2011-06-22 05:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll
2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-09-07 17:46 - 2010-10-26 03:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2011-09-07 17:46 - 2011-04-27 23:46 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-05-28 05:09 - 2009-05-28 05:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2011-09-07 17:50 - 2014-09-10 06:06 - 00104960 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2011-09-07 17:51 - 2010-04-06 16:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-09-07 17:52 - 2010-04-06 16:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2015-01-15 19:16 - 2015-01-13 03:27 - 01174344 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\libglesv2.dll
2015-01-15 19:16 - 2015-01-13 03:27 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\libegl.dll
2015-01-15 19:16 - 2015-01-13 03:27 - 09276744 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-2423253457-56321052-3942783610-500 - Administrator - Disabled)
Alwin (S-1-5-21-2423253457-56321052-3942783610-1000 - Administrator - Enabled) => C:\Users\Alwin
Guest (S-1-5-21-2423253457-56321052-3942783610-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

应用程序错误:
==================

系统错误:
=============

微软办公会议:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-05-25 17:54:20.486
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.417
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.227
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.131
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:20.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:19.755
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:19.582
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:19.335
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-25 17:54:18.893
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 54%
Total physical RAM: 4007.23 MB
Available physical RAM: 1820.2 MB
Total Pagefile: 8012.65 MB
Available Pagefile: 5225.62 MB
总的虚拟:8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:452.87 GB) (Free:365.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (VS2013_3_DSKEXP_ENU) (CDROM) (Total:4.69 GB) (Free:0 GB) CDFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.43 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 465.8 GB) (Disk ID: 92484C6A)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

:-)
嘿,

Step 1: FRST Fix

  • Please open Notepad.exe . Make sure that you don't use any other software than Notepad.exe! [/*]
  • Copy and Paste the content of the codebox below into the empty textfile:

    CHR HKLM \ SOFTWARE \策略\谷歌:政策限制<=======注意
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2423253457-56321052-3942783610-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Toolbar: HKU\S-1-5-21-2423253457-56321052-3942783610-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    Task: {16485B91-8364-4F20-8FE5-8AEE90509AA5} - \MediaPlayerplus-codedownloader No Task File <==== ATTENTION
    Task: {2EEFE1A9-64A7-46ED-AA00-08C5049D3BD6} - \MediaPlayerplus-enabler No Task File <==== ATTENTION
    Task: {3C47D25F-D637-4877-9988-4AF1EE2CB7AA} - \MediaPlayerplus-firefoxinstaller No Task File <==== ATTENTION
    Task: {43A3AFF2-1C97-484B-8951-CA44583F74E8} - \MediaPlayerplus-chromeinstaller No Task File <==== ATTENTION
    Task: {55C13541-FBFC-4B29-BB0E-BF330CFA8876} - System32\Tasks\4688 => Wscript.exe C:\Users\Alwin\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
    Task: {6F23BB72-3F7A-4C28-A149-9D77B618390C} - \MediaPlayerplus-updater No Task File <==== ATTENTION
    Task: {BB941E11-4B01-4B6B-96A4-758B2E675A43} - System32\Tasks => Iexplore.exe <==== ATTENTION
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt[/*]
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop !

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.)and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log ( Fixlog.txt ) in the same location the tool was run, please post it to your reply

Step 2: FRST Scan

  • Run FRST . (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator )
  • 点击扫描 ,开始FRST。
  • When FRST finishes scanning, a log, FRST.txt , will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!

  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    很慢的Windows 7 PC的性能
  • Tick the box next to YES, I accept the Terms of Use and click Start
    很慢的Windows 7 PC的性能


  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings :
    很慢的Windows 7 PC的性能


  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    很慢的Windows 7 PC的性能


  • 单击开始 。 (This scan can take several hours, so please be patient):
    很慢的Windows 7 PC的性能


  • Once the scan is completed, select List of found threats :
    很慢的Windows 7 PC的性能


  • Select Export to text file... and save the file as ESETlog.txt on your Desktop :
    很慢的Windows 7 PC的性能


  • Click the Back button.
  • Click the Finish button:
    很慢的Windows 7 PC的性能


  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • 复制和粘贴的身份登录到这个话题的答复。

Step 4: Question

How is your PC running?
晚上好

Thank you again :-)

1. Here is the Fixlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2015
Ran by Alwin at 2015-01-16 22:35:54 Run:1
Running from C:\Users\Alwin\Desktop
Loaded Profiles: Alwin & ReportServer$SQLEXPRESS (Available profiles: Alwin & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS)
引导模式:正常
==============================================

fixlist的内容:
*****************
CHR HKLM \ SOFTWARE \策略\谷歌:政策限制<=======注意
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2423253457-56321052-3942783610-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-2423253457-56321052-3942783610-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
Task: {16485B91-8364-4F20-8FE5-8AEE90509AA5} - \MediaPlayerplus-codedownloader No Task File <==== ATTENTION
Task: {2EEFE1A9-64A7-46ED-AA00-08C5049D3BD6} - \MediaPlayerplus-enabler No Task File <==== ATTENTION
Task: {3C47D25F-D637-4877-9988-4AF1EE2CB7AA} - \MediaPlayerplus-firefoxinstaller No Task File <==== ATTENTION
Task: {43A3AFF2-1C97-484B-8951-CA44583F74E8} - \MediaPlayerplus-chromeinstaller No Task File <==== ATTENTION
Task: {55C13541-FBFC-4B29-BB0E-BF330CFA8876} - System32\Tasks\4688 => Wscript.exe C:\Users\Alwin\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {6F23BB72-3F7A-4C28-A149-9D77B618390C} - \MediaPlayerplus-updater No Task File <==== ATTENTION
Task: {BB941E11-4B01-4B6B-96A4-758B2E675A43} - System32\Tasks => Iexplore.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
EmptyTemp:
*****************

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2423253457-56321052-3942783610-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16485B91-8364-4F20-8FE5-8AEE90509AA5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16485B91-8364-4F20-8FE5-8AEE90509AA5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MediaPlayerplus-codedownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2EEFE1A9-64A7-46ED-AA00-08C5049D3BD6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EEFE1A9-64A7-46ED-AA00-08C5049D3BD6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MediaPlayerplus-enabler" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C47D25F-D637-4877-9988-4AF1EE2CB7AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C47D25F-D637-4877-9988-4AF1EE2CB7AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MediaPlayerplus-firefoxinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43A3AFF2-1C97-484B-8951-CA44583F74E8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43A3AFF2-1C97-484B-8951-CA44583F74E8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MediaPlayerplus-chromeinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55C13541-FBFC-4B29-BB0E-BF330CFA8876}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55C13541-FBFC-4B29-BB0E-BF330CFA8876}" => Key deleted successfully.
C:\Windows\System32\Tasks\4688 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4688" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F23BB72-3F7A-4C28-A149-9D77B618390C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F23BB72-3F7A-4C28-A149-9D77B618390C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MediaPlayerplus-updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB941E11-4B01-4B6B-96A4-758B2E675A43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB941E11-4B01-4B6B-96A4-758B2E675A43}" => Key deleted successfully.
C:\Windows\System32\Tasks => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree" => Key deleted successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
EmptyTemp: => Removed 1.6 GB temporary data.

The system needed a reboot.

==== End of Fixlog 22:37:32 ====

2. The FRST.log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Alwin (administrator) on WORKAS1 on 16-01-2015 22:47:44
Running from C:\Users\Alwin\Desktop
Loaded Profiles: Alwin & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS (Available profiles: Alwin & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
引导模式:正常
教程Farbar恢复扫描工具:http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe

====================注册(白名单)==================

(如果某个条目包含在fixlist,注册表项目将被恢复为默认或删除该文件不会被移动。)

HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-05] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-04-05] (Lenovo Group Limited)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-12-11] (LogMeIn, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\...\MountPoints2: {020141a0-13e6-11e4-84d9-f0def188a146} - E:\vs_professional.exe
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\...\MountPoints2: {3ab7cfd9-d976-11e0-b7ae-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\...\MountPoints2: {90ded61c-3e1e-11e2-b86a-f0def188a146} - E:\IMDApp.exe
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\RunOnce: [] => [X]
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\...\RunOnce: [] => [X]
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\...\RunOnce: [] => [X]
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2423253457-56321052-3942783610-1000] =>
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKU\S-1-5-21-2423253457-56321052-3942783610-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LENP&bmod=LENP
SearchScopes: HKU\S-1-5-21-2423253457-56321052-3942783610-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer: source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
SearchScopes: HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer: source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.6.2.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/W...x/ieatgpc1.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1100
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alwin\AppData\Roaming\Mozilla\Firefox\Profiles\smsm5i25.default-1421254884656
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_280.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_280.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Firebug - C:\Users\Alwin\AppData\Roaming\Mozilla\Firefox\Profiles\smsm5i25.default-1421254884656\Extensions\[email protected] [2015-01-14]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-09-07]

铬:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.3\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YBS Account Aggregation) - C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpgdbjcjofhbmpjadhhhgggglmdllkpi [2012-12-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2014-12-30]
CHR Extension: (Skype Click to Call) - C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-25]
CHR Extension: (Google Wallet) - C:\Users\Alwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(如果一个条目包括在fixlist,服务将被从注册表中删除该文件将不会移动,除非单独列出。)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [377704 2015-01-14] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2015-01-14] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-12-11] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [192160 2014-07-23] (Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)
R2 ReportServer$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSRS11.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2423792 2012-10-19] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613024 2014-07-23] (Microsoft Corporation)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-11-25] (Lenovo Group Limited) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-07-12] (Symantec Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(如果一个条目包括在fixlist,服务将被从注册表中删除该文件将不会移动,除非单独列出。)

R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\Rapport Cerberus64_80120.sys [845464 2015-01-14] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445816 2014-12-22] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [535576 2014-12-22] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [558872 2014-12-22] (IBM Corp.)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-19] (Microsoft Corporation)

==================== NetSvcs(白名单)===================

(如果项目被包括在fixlist,它将被从注册表中删除。在任何相关的文件可以被单独列出要被移动)。

==================== One Month Created Files and Folders ========

(如果一个条目包括在fixlist,文件\文件夹将被移动)。

2015-01-16 21:57 - 2015-01-16 21:57 - 00000000 ____D () C:\Users\Alwin\AppData\Roaming\PCDr
2015-01-16 21:43 - 2015-01-16 21:57 - 00000000 ____D () C:\ProgramData\PCDr
2015-01-15 23:06 - 2015-01-15 23:06 - 00045897 _____ () C:\Users\Alwin\Desktop\FRST230515012015.txt
2015-01-15 23:06 - 2015-01-15 23:06 - 00039242 _____ () C:\Users\Alwin\Desktop\Addition230515012015.txt
2015-01-15 23:05 - 2015-01-15 23:05 - 00039242 _____ () C:\Users\Alwin\Downloads\Addition.txt
2015-01-15 23:03 - 2015-01-16 21:59 - 00044776 _____ () C:\Users\Alwin\Downloads\FRST.txt
2015-01-15 23:02 - 2015-01-15 23:02 - 01707939 _____ (Thisisu) C:\Users\Alwin\Downloads\JRT (2).exe
2015-01-15 23:00 - 2015-01-15 23:00 - 00000841 _____ () C:\Users\Alwin\Desktop\JRT15012015.txt
2015-01-15 22:59 - 2015-01-15 22:59 - 00000841 _____ () C:\Users\Alwin\Desktop\JRT.txt
2015-01-15 22:50 - 2015-01-15 22:50 - 01707939 _____ (Thisisu) C:\Users\Alwin\Downloads\JRT (1).exe
2015-01-15 21:48 - 2015-01-15 21:49 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Alwin\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-15 21:48 - 2015-01-15 21:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Alwin\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-15 21:36 - 2015-01-15 21:36 - 00002768 _____ () C:\Users\Alwin\Desktop\AdwCleaner213015012015.txt
2015-01-15 21:27 - 2015-01-15 21:45 - 00000000 ____D () C:\AdwCleaner
2015-01-15 21:27 - 2015-01-15 21:27 - 02191360 _____ () C:\Users\Alwin\Downloads\AdwCleaner (1).exe
2015-01-15 21:27 - 2015-01-15 21:27 - 02191360 _____ () C:\Users\Alwin\Desktop\AdwCleaner.exe
2015-01-15 19:15 - 2015-01-15 19:16 - 00047623 _____ () C:\Users\Alwin\Desktop\Addition.txt
2015-01-15 19:13 - 2015-01-16 22:47 - 00024800 _____ () C:\Users\Alwin\Desktop\FRST.txt
2015-01-15 19:07 - 2015-01-16 22:47 - 00000000 ____D () C:\FRST
2015-01-15 19:06 - 2015-01-15 19:06 - 02125312 _____ (Farbar) C:\Users\Alwin\Downloads\FRST64 (1).exe
2015-01-15 19:05 - 2015-01-15 19:05 - 02125312 _____ (Farbar) C:\Users\Alwin\Desktop\FRST64.exe
2015-01-14 19:19 - 2015-01-14 19:20 - 09646448 _____ (LogMeIn, Inc.) C:\Users\Alwin\Downloads\logmeinignitionusb.exe
2015-01-14 19:14 - 2015-01-14 19:14 - 00000000 ____D () C:\Users\Alwin\AppData\Local\LogMeInIgnition
2015-01-14 18:40 - 2015-01-14 18:40 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-14 18:40 - 2015-01-14 18:40 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-14 18:40 - 2015-01-14 18:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-14 18:37 - 2015-01-14 18:38 - 00243504 _____ () C:\Users\Alwin\Downloads\Firefox Setup Stub 35.0.exe
2015-01-14 18:04 - 2014-12-12 05:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 18:04 - 2014-12-12 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 18:04 - 2014-12-12 05:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 18:04 - 2014-12-12 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 18:04 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 18:04 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 18:04 - 2014-12-12 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 17:52 - 2015-01-14 17:52 - 00509440 _____ (Tech Support Guy System) C:\Users\Alwin\Downloads\SysInfo (1).exe
2015-01-14 17:51 - 2015-01-14 17:51 - 00509440 _____ (Tech Support Guy System) C:\Users\Alwin\Downloads\SysInfo.exe
2015-01-14 17:38 - 2014-12-19 03:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:38 - 2014-12-19 01:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:38 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-14 17:38 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-14 17:38 - 2014-12-11 17:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:38 - 2014-12-06 04:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:38 - 2014-12-06 03:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 17:38 - 2014-12-06 03:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 17:21 - 2015-01-14 17:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-14 16:57 - 2015-01-14 16:57 - 00000000 ____D () C:d52a2f5e2bd0344809b8f53d5db
2014-12-30 23:22 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-30 23:22 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-30 23:22 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-30 23:22 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-30 23:22 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-30 23:22 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-30 23:22 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-30 23:22 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-30 23:22 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-30 23:22 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-30 17:40 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-30 17:40 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-30 17:40 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-30 17:40 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-30 17:40 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-30 17:40 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-30 17:40 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-30 17:40 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-30 17:40 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-30 17:40 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-30 17:40 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-30 17:40 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-30 17:40 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-30 17:40 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-30 17:40 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-30 17:40 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-30 17:40 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-30 17:40 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-30 17:40 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-30 17:40 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-30 17:40 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-30 17:40 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-30 17:40 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-30 17:40 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-30 17:40 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-30 17:40 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-30 17:40 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-30 17:40 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-30 17:40 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-30 17:40 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-30 17:40 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-30 17:40 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-30 17:40 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-30 17:40 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-30 17:40 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-30 17:40 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-30 17:40 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-30 17:40 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-30 17:40 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-30 17:40 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-30 17:40 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-30 17:40 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-30 17:40 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-30 17:40 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-30 17:40 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-30 17:40 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-30 17:40 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-30 17:40 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-30 17:40 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-30 17:40 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-30 17:40 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-30 17:40 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-30 17:40 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-30 17:40 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-30 17:40 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-30 17:40 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-30 17:40 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-30 17:40 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-30 17:40 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-30 17:40 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-30 17:39 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-30 17:39 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-30 17:39 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-30 17:39 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-30 17:39 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-30 17:39 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-30 17:39 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-30 17:39 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-30 17:39 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-30 17:39 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-30 17:31 - 2014-12-30 17:31 - 00000000 ____D () C:\Program Files (x86)\YBS
2014-12-30 17:30 - 2014-12-30 17:31 - 00507904 _____ () C:\Users\Alwin\Downloads\ybs.msi

====================一个月修改的文件和文件夹=======

(如果一个条目包括在fixlist,文件\文件夹将被移动)。

2015-01-16 22:40 - 2014-04-07 21:11 - 00001015 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-01-16 22:40 - 2014-04-07 21:10 - 00000999 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-01-16 22:39 - 2012-12-02 14:43 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-16 22:39 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-16 22:39 - 2009-07-14 04:51 - 00061643 _____ () C:\Windows\setupact.log
2015-01-16 22:38 - 2011-09-07 17:27 - 01745448 _____ () C:\Windows\WindowsUpdate.log
2015-01-16 22:28 - 2013-04-08 13:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-16 22:14 - 2011-09-07 18:01 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 21:56 - 2012-12-02 14:43 - 00003490 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-01-16 21:56 - 2012-12-02 14:43 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-01-16 21:49 - 2009-07-14 04:45 - 00031616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-16 21:49 - 2009-07-14 04:45 - 00031616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-16 21:38 - 2010-11-21 03:47 - 00704430 _____ () C:\Windows\PFRO.log
2015-01-16 04:00 - 2012-12-03 16:18 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-15 23:52 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2015-01-15 22:53 - 2014-04-15 20:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 21:50 - 2014-04-15 20:37 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-15 21:50 - 2014-04-15 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-15 21:50 - 2014-04-15 20:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-14 18:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 18:31 - 2011-09-07 18:01 - 00000000 ____D () C:\Program Files\Google
2015-01-14 18:31 - 2011-09-07 18:01 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-14 18:28 - 2013-04-08 13:25 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 18:28 - 2012-12-10 20:37 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 18:28 - 2012-12-10 20:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 18:28 - 2012-12-02 15:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-14 18:20 - 2012-12-02 14:44 - 00000000 ____D () C:\Users\Alwin\AppData\Local\Google
2015-01-14 18:19 - 2013-08-27 21:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:37 - 2013-09-03 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-01-14 17:21 - 2014-05-25 16:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-14 17:21 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-14 17:01 - 2014-03-25 22:10 - 00000000 ____D () C:\Users\Alwin\Desktop\Old Firefox Data
2015-01-14 16:55 - 2014-04-07 21:10 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2015-01-14 16:54 - 2014-04-07 21:11 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-01-14 16:54 - 2014-04-07 21:11 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-01-14 16:54 - 2014-04-07 21:11 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-01-14 16:53 - 2012-12-02 14:43 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-01-14 16:49 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-31 13:12 - 2012-12-04 10:26 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-31 11:14 - 2010-11-21 03:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 23:24 - 2013-10-09 09:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-30 17:48 - 2012-12-02 14:43 - 00004230 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-12-30 17:22 - 2013-09-05 09:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-30 17:18 - 2012-12-02 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 17:52 - 2013-03-12 09:01 - 00535576 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys

==================== Bamital & volsnap Check =================

(没有为未通过验证的文件不会自动修复。)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-15 23:44

==================== End Of Log ============================

3. ESET

C:\Users\Alwin\AppData\Roaming\Mozilla\Firefox\Profiles\user.js JS/SecurityDisabler.B potentially unwanted application deleted - quarantined

4.It appears to be OK

谢谢
Please reinstall Chrome.

====================

你好,
in my opinion your PC is clean. If you would like to donate some money to me that I can buy some beer, then click on the button . I'd really appreciate it, my friend.

We need to remove the tools we've used during cleaning your machine.

  1. Download Delfix from here and run it (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the Delfix icon and select Run as Administrator).
  2. Ensure Remove disinfection tools is ticked
    此外打勾:

    • Create registry backup
    • 清除系统还原

    很慢的Windows 7 PC的性能

  3. Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply



Exercise common sense

Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to look before you leap. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in the vast majority of cases, and the benefits simply aren't worth the risk to your computer.

Keep up on Windows updates

Along with keeping all of the security programs that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and help to keep you safe. Typically the windows update icon will appear in your taskbar when new updates are available, whenever you see it you should open the menu up and install the updates that are available. Although it may be an annoyance, that little bit of extra time it takes to stay updated is very well worth it instead of getting infected from an exploit and having to clean your PC again.

Slow computer?

If your computer begins to slow down again in the future for no particular reason, your first step should not be to come back to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance speed can decrease. To restore your computer's performance to its best possible level, follow the steps in this guide written by tech expert Artellos.

注意安全!
你好

Thank you :-) You should have a donation from me via paypal :-)

Here is my log

# DelFix v10.8 - Logfile created 18/01/2015 at 20:32:50
# Updated 29/07/2014 by Xplode
# Username : Alwin - WORKAS1
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

〜移除工具消毒...

删除:C:\ FRST
删除C:\ AdwCleaner
Deleted : C:\Users\Alwin\Desktop\Addition.txt
Deleted : C:\Users\Alwin\Desktop\Addition230515012015.txt
Deleted : C:\Users\Alwin\Desktop\AdwCleaner.exe
Deleted : C:\Users\Alwin\Desktop\AdwCleaner213015012015.txt
Deleted : C:\Users\Alwin\Desktop\AdwCleaner[S0].txt
Deleted : C:\Users\Alwin\Desktop\Fixlog.txt
Deleted : C:\Users\Alwin\Desktop\FRST.txt
Deleted : C:\Users\Alwin\Desktop\FRST230515012015.txt
Deleted : C:\Users\Alwin\Desktop\FRST64.exe
Deleted : C:\Users\Alwin\Desktop\JRT.txt
Deleted : C:\Users\Alwin\Desktop\JRT15012015.txt
Deleted : C:\Users\Alwin\Desktop\HijackThis.exe
Deleted : C:\Users\Alwin\Desktop\hijackthis.log
Deleted : C:\Users\Alwin\Downloads\Addition.txt
Deleted : C:\Users\Alwin\Downloads\AdwCleaner (1).exe
Deleted : C:\Users\Alwin\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Alwin\Downloads\FRST.txt
Deleted : C:\Users\Alwin\Downloads\FRST64 (1).exe
Deleted : C:\Users\Alwin\Downloads\JRT (1).exe
Deleted : C:\Users\Alwin\Downloads\JRT (2).exe
Deleted : C:\Users\Alwin\Downloads\JRT.exe
Deleted : C:\Users\Alwin\Downloads\MBR.dat
Deleted : C:\Users\Alwin\Downloads\SecurityCheck (1).exe
Deleted : C:\Users\Alwin\Downloads\SecurityCheck.exe
删除:HKLM \ SOFTWARE \ AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

########## - EOF - ##########

Thank you again ;-)

alwins
The Delfix log again, this time correctly checked

# DelFix v10.8 - Logfile created 18/01/2015 at 20:36:23
# Updated 29/07/2014 by Xplode
# Username : Alwin - WORKAS1
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

〜移除工具消毒...

~ Creating registry backup ... OK

〜清洗系统还原...

Deleted : RP #160 [Windows Update | 12/08/2014 19:09:54]
Deleted : RP #161 [Windows Backup | 12/08/2014 19:12:08]
Deleted : RP #162 [Windows Update | 12/08/2014 19:40:55]
Deleted : RP #163 [Installed Rapport | 12/08/2014 20:19:49]
Deleted : RP #164 [Installed Power Manager | 12/08/2014 20:54:02]
Deleted : RP #165 [Windows Backup | 12/30/2014 17:25:42]
Deleted : RP #166 [Windows Update | 12/30/2014 17:25:50]
Deleted : RP #167 [Windows Update | 12/30/2014 23:19:54]
Deleted : RP #168 [Windows Update | 01/14/2015 17:00:35]
Deleted : RP #169 [Windows Backup | 01/14/2015 17:08:30]
Deleted : RP #170 [Installed Rapport | 01/14/2015 17:31:50]
Deleted : RP #171 [Windows Update | 01/14/2015 18:04:50]
Deleted : RP #172 [Windows Update | 01/14/2015 18:23:11]
Deleted : RP #173 [Windows Update | 01/17/2015 06:00:15]
Deleted : RP #174 [Windows Backup | 01/18/2015 20:33:45]

新的还原点创建!

########## - EOF - ##########
Many, many thanks for the donation.

Do you have any further questions?

分类:安全和恶意软件删除 时间:2014-10-03 人气:1
本文关键词:
分享到:

相关文章

Copyright (C) 55228885.com, All Rights Reserved.

55228885 版权所有 京ICP备15002868号

processed in 1.367 (s). 10 q(s)