Recently I keep getting the prompt that Avast! has blocked a download. The IP is from Vietnam, and the file has the format 113.x.x.x/videoplayer/filename.cab?(some gibberish text). I scanned the computer with Avast! but it didn't remove the malware. Please help me clean my computer.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-05-2016
Ran by HP (administrator) on LAPTOP (05-05-2016 20:42:04)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: HP)
Platform: Windows 8.1 Single Language (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
() C:\Program Files\UniKey\UniKeyNT.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII0E.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [704344 2015-02-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-29] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390608 2016-04-16] (AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1598329037-492615392-174970370-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2014-12-22] (Tonec Inc.)
HKU\S-1-5-21-1598329037-492615392-174970370-1001\...\Run: [UniKey] => C:\Program Files\UniKey\UniKeyNT.exe [316928 2009-11-02] ()
HKU\S-1-5-21-1598329037-492615392-174970370-1001\...\Run: [Dropbox Update] => C:\Users\HP\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1598329037-492615392-174970370-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII0E.EXE [283232 2015-01-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1598329037-492615392-174970370-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23484296 2016-04-25] (Google)
HKU\S-1-5-21-1598329037-492615392-174970370-1001\...\MountPoints2: F - "F:\SETUP.EXE"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-13] (AVAST Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A0E9E119-B625-4F23-812E-F47C23083CEC}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{A313D867-EF33-4927-84D1-D85252822AED}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A313D867-EF33-4927-84D1-D85252822AED}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-1598329037-492615392-174970370-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1598329037-492615392-174970370-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-12-05] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-13] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-12-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-13] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\8kg3s5rq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Extension: IDM CC - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\8kg3s5rq.default\Extensions\mozilla_cc@internetdownloadmanager.com [2015-06-22] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-1598329037-492615392-174970370-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 [2016-04-13] [not signed]
FF HKU\S-1-5-21-1598329037-492615392-174970370-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-22]
CHR Extension: (Google Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-30]
CHR Extension: (Google Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-22]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Avast Online Security) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-02-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR HKLM\...\Chrome\Extension: [aaaaajhmeplfccacopbgpfaibalfnhcb] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaajhmeplfccacopbgpfaibalfnhcb.crx <not found>
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-03-11]
CHR HKU\S-1-5-21-1598329037-492615392-174970370-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaajhmeplfccacopbgpfaibalfnhcb] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaajhmeplfccacopbgpfaibalfnhcb.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-13]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-03-11]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2015-02-05] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-13] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-14] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-09] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-09] (Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-29] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-04-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-04-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-04-13] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-06] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-25] (Ralink Technology, Corp.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-23] (Hewlett-Packard Development Company, L.P.)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-05 20:42 - 2016-05-05 20:43 - 00023189 _____ C:\Users\HP\Desktop\FRST.txt
2016-05-05 20:41 - 2016-05-05 20:42 - 00000000 ____D C:\FRST
2016-05-05 20:40 - 2016-05-05 20:40 - 02379776 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2016-04-16 05:47 - 2016-04-16 05:47 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-15 10:16 - 2016-03-04 02:28 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-15 10:16 - 2016-03-04 02:27 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-15 10:16 - 2016-03-04 02:27 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-15 10:16 - 2016-03-04 02:27 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-15 10:16 - 2016-03-04 02:27 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-15 10:16 - 2016-03-04 02:27 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-15 10:16 - 2016-03-04 01:38 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-15 10:16 - 2016-03-04 01:29 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-15 10:16 - 2016-03-03 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-15 09:21 - 2016-03-03 23:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-15 09:21 - 2016-03-03 23:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-15 09:21 - 2016-03-03 08:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-15 09:21 - 2016-03-03 08:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-15 09:20 - 2016-03-16 06:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-15 09:20 - 2016-03-15 21:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-15 09:20 - 2016-03-11 21:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-15 09:20 - 2016-03-11 01:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-15 09:20 - 2016-03-11 01:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-15 09:20 - 2016-03-11 01:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-15 09:20 - 2016-03-11 00:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-15 09:20 - 2016-03-11 00:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-15 09:20 - 2016-03-11 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-15 09:20 - 2016-03-10 23:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-15 09:19 - 2016-03-31 07:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-15 09:19 - 2016-03-31 07:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-15 09:19 - 2016-03-31 07:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-15 09:19 - 2016-03-31 07:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-15 09:19 - 2016-03-31 07:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-15 09:19 - 2016-03-31 07:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-15 09:19 - 2016-03-31 06:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-15 09:19 - 2016-03-31 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-15 09:19 - 2016-03-31 06:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-15 09:19 - 2016-03-31 06:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-15 09:19 - 2016-03-31 06:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-15 09:19 - 2016-03-31 06:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-15 09:19 - 2016-03-31 06:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-15 09:19 - 2016-03-31 06:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-15 09:19 - 2016-03-31 06:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-15 09:19 - 2016-03-31 06:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-15 09:19 - 2016-03-31 06:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-15 09:19 - 2016-03-31 06:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-15 09:19 - 2016-03-31 06:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-15 09:19 - 2016-03-31 06:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-15 09:19 - 2016-03-31 06:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-15 09:19 - 2016-03-31 06:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-15 09:19 - 2016-03-31 06:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-15 09:19 - 2016-03-31 06:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-15 09:19 - 2016-03-31 06:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-15 09:19 - 2016-03-31 06:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-15 09:19 - 2016-03-31 06:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-15 09:19 - 2016-03-31 06:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-15 09:19 - 2016-03-31 06:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-15 09:19 - 2016-03-31 06:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-15 09:19 - 2016-03-31 06:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-15 09:19 - 2016-03-31 06:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-15 09:19 - 2016-03-31 06:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-15 09:19 - 2016-03-31 06:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-15 09:19 - 2015-12-04 02:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-15 09:15 - 2016-03-29 21:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-15 08:45 - 2016-04-15 08:45 - 05934784 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-04-13 22:42 - 2016-04-13 22:42 - 00007653 _____ C:\Users\HP\AppData\Local\Resmon.ResmonCfg
2016-04-13 22:35 - 2016-04-13 22:35 - 00003044 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1460274905
2016-04-13 22:35 - 2016-04-13 22:35 - 00001060 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-04-13 22:35 - 2016-04-13 22:35 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-13 22:29 - 2016-05-03 15:53 - 00002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-13 22:29 - 2016-05-03 15:53 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-13 22:26 - 2016-04-13 22:27 - 00987728 _____ (Google Inc.) C:\Users\HP\Downloads\ChromeSetup.exe
2016-04-13 22:20 - 2016-04-13 22:18 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-04-13 22:19 - 2016-04-13 22:19 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-04-13 22:19 - 2016-04-13 22:19 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-04-13 20:40 - 2016-04-13 21:04 - 00000000 ____D C:\Windows\pss
2016-04-12 10:35 - 2016-04-13 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
2016-04-12 10:35 - 2016-04-13 21:05 - 00000000 ____D C:\Program Files (x86)\Your Uninstaller! 7
2016-04-12 10:35 - 2016-04-12 10:35 - 00000000 ____D C:\Users\HP\AppData\Roaming\URSoft
2016-04-06 11:18 - 2016-04-13 21:05 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-06 11:18 - 2016-04-13 21:05 - 00000000 ____D C:\Program Files\iTunes
2016-04-06 11:18 - 2016-04-13 21:05 - 00000000 ____D C:\Program Files\iPod
2016-04-06 11:18 - 2016-04-13 21:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-04-06 11:18 - 2016-04-06 11:39 - 00000000 ____D C:\Users\HP\AppData\Roaming\Apple Computer
2016-04-06 11:18 - 2016-04-06 11:18 - 00000000 ____D C:\Users\HP\AppData\Local\Apple Computer
2016-04-06 11:15 - 2016-04-06 11:15 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Users\HP\AppData\Local\Apple
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Program Files\Bonjour
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-04-06 11:14 - 2016-04-06 11:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-04-06 11:10 - 2016-04-06 11:12 - 169713992 _____ (Apple Inc.) C:\Users\HP\Downloads\iTunes6464Setup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-05 20:40 - 2014-12-26 09:25 - 00000000 ____D C:\Users\HP\AppData\Roaming\IDM
2016-05-05 20:35 - 2014-03-18 16:53 - 00958356 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-05 20:35 - 2013-08-22 20:36 - 00000000 ____D C:\Windows\Inf
2016-05-05 20:05 - 2016-02-22 13:06 - 00000000 ___RD C:\Users\HP\Google Drive
2016-05-05 20:05 - 2014-12-29 18:09 - 00000000 ___RD C:\Users\HP\Dropbox
2016-05-05 20:03 - 2014-12-24 19:58 - 00000000 ____D C:\Users\HP\Documents\Youcam
2016-05-05 20:02 - 2015-06-22 20:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-05-05 20:02 - 2014-12-26 10:14 - 00000000 ___RD C:\Users\HP\OneDrive
2016-05-05 20:02 - 2014-12-24 21:12 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 16:06 - 2014-12-26 09:25 - 00000000 ____D C:\Users\HP\AppData\Roaming\DMCache
2016-05-05 15:50 - 2014-12-24 21:12 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-05 15:46 - 2015-06-16 15:36 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1598329037-492615392-174970370-1001UA.job
2016-05-05 15:45 - 2014-12-24 22:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-05 14:57 - 2014-12-24 20:00 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1598329037-492615392-174970370-1001
2016-05-05 14:42 - 2013-08-22 22:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-05 14:42 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\AppReadiness
2016-05-04 21:09 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-05-02 23:09 - 2016-03-17 22:25 - 00003142 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHP
2016-05-02 23:09 - 2016-03-12 20:49 - 00000334 _____ C:\Windows\Tasks\HPCeeScheduleForHP.job
2016-05-02 13:46 - 2015-06-16 15:36 - 00000868 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1598329037-492615392-174970370-1001Core.job
2016-04-30 11:34 - 2013-08-22 22:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-30 11:33 - 2014-12-27 23:22 - 00000000 ____D C:\Windows\system32\MRT
2016-04-30 11:27 - 2014-12-27 23:22 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-29 19:51 - 2016-02-22 13:03 - 00002065 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-04-29 19:51 - 2016-02-22 13:03 - 00002063 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-04-29 19:51 - 2016-02-22 13:03 - 00002053 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-04-29 19:51 - 2016-02-22 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-26 22:22 - 2013-08-22 21:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-26 22:19 - 2013-08-22 20:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-26 19:36 - 2014-12-25 18:54 - 00000000 ____D C:\Users\HP\AppData\Local\Packages
2016-04-26 19:11 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\NDF
2016-04-17 16:27 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\rescache
2016-04-16 21:10 - 2013-08-22 21:44 - 00481528 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-16 05:50 - 2014-12-29 17:25 - 00000000 ____D C:\Users\HP\AppData\Roaming\Dropbox
2016-04-16 05:48 - 2015-06-16 15:36 - 00000000 ____D C:\Users\HP\AppData\Local\Dropbox
2016-04-15 22:32 - 2014-12-26 11:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-04-15 22:27 - 2013-08-22 20:25 - 00000199 _____ C:\Windows\win.ini
2016-04-15 08:45 - 2014-12-24 22:17 - 00003582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-14 01:00 - 2015-06-29 22:33 - 00001862 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2016-04-14 01:00 - 2015-06-16 15:36 - 00003146 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1598329037-492615392-174970370-1001UA
2016-04-14 01:00 - 2015-06-16 15:36 - 00002766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1598329037-492615392-174970370-1001Core
2016-04-14 01:00 - 2014-11-17 02:34 - 00002100 _____ C:\Windows\System32\Tasks\CLVDLauncher
2016-04-14 01:00 - 2014-11-17 02:34 - 00002100 _____ C:\Windows\System32\Tasks\CLMLSvc_P2G8
2016-04-14 01:00 - 2014-11-17 02:32 - 00002096 _____ C:\Windows\System32\Tasks\YCMServiceAgent
2016-04-13 22:21 - 2015-06-22 20:37 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-04-13 22:18 - 2015-06-22 20:37 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-04-13 22:14 - 2015-06-22 20:37 - 00001945 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-13 22:03 - 2014-12-25 18:54 - 00000000 ____D C:\Users\HP
2016-04-13 21:05 - 2015-12-05 11:10 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-04-13 21:05 - 2015-10-03 20:05 - 00000000 ___SD C:\Windows\system32\XTgt
2016-04-13 21:05 - 2015-04-19 19:41 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-13 21:05 - 2015-01-21 22:48 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2016-04-13 21:05 - 2014-12-26 09:25 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-04-13 21:05 - 2014-12-26 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-04-13 21:05 - 2014-12-26 09:25 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-04-13 21:05 - 2013-08-22 22:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-13 20:56 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\registration
2016-04-13 20:53 - 2015-03-01 20:37 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-13 20:53 - 2015-01-21 22:48 - 00000000 ____D C:\Users\HP\AppData\Local\AskPartnerNetwork
2016-04-13 20:51 - 2014-12-26 11:47 - 00000000 ____D C:\Program Files\Microsoft Office
2016-04-13 20:49 - 2015-06-22 20:34 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-13 20:49 - 2014-12-26 11:47 - 00000000 __RHD C:\MSOCache
2016-04-13 17:40 - 2015-09-18 08:14 - 00000000 ____D C:\Users\HP\Desktop\TÂM LÝ HỌC PHÁT TRIỂN
2016-04-10 22:40 - 2016-03-12 20:58 - 00000000 ____D C:\Users\HP\Desktop\Video Note 3
2016-04-06 11:15 - 2014-11-17 02:25 - 00000000 ____D C:\ProgramData\Apple
2016-04-06 04:53 - 2016-03-18 20:35 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-06 04:53 - 2016-03-18 20:35 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-10-19 21:34 - 2015-10-19 21:34 - 0002081 _____ () C:\Users\HP\AppData\Local\recently-used.xbel
2016-04-13 22:42 - 2016-04-13 22:42 - 0007653 _____ () C:\Users\HP\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\COMAP.EXE
C:\Users\HP\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwsalwn.dll
C:\Users\HP\AppData\Local\Temp\handbrake-setup.exe
C:\Users\HP\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\HP\AppData\Local\Temp\ose00000.exe
C:\Users\HP\AppData\Local\Temp\qing_update.exe
C:\Users\HP\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HP\AppData\Local\Temp\swt-gdip-win32-3452.dll
C:\Users\HP\AppData\Local\Temp\swt-win32-3452.dll
C:\Users\HP\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\HP\AppData\Local\Temp\uttA480.tmp.exe
C:\Users\HP\AppData\Local\Temp\uttD96D.tmp.exe
C:\Users\HP\AppData\Local\Temp\{79F2C1EF-0AD5-4A5E-9AD0-B0876D584AC8}-49.0.2623.110_49.0.2623.87_chrome_updater.exe
C:\Users\HP\AppData\Local\Temp\{D6FADA52-AF04-4558-8282-67B5E12C320E}-DropboxClient_3.8.5.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-01 23:52
==================== End of FRST.txt ============================
2016-04-15 10:16 - 2016-03-04 02:27 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-15 10:16 - 2016-03-04 02:27 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-15 10:16 - 2016-03-04 01:38 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-15 10:16 - 2016-03-04 01:29 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-15 10:16 - 2016-03-03 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-15 09:21 - 2016-03-03 23:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-15 09:21 - 2016-03-03 23:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-15 09:21 - 2016-03-03 08:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-15 09:21 - 2016-03-03 08:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-15 09:20 - 2016-03-16 06:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-15 09:20 - 2016-03-15 21:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-15 09:20 - 2016-03-11 21:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-15 09:20 - 2016-03-11 01:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-15 09:20 - 2016-03-11 01:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-15 09:20 - 2016-03-11 01:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-15 09:20 - 2016-03-11 00:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-15 09:20 - 2016-03-11 00:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-15 09:20 - 2016-03-11 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-15 09:20 - 2016-03-10 23:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-15 09:19 - 2016-03-31 07:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-15 09:19 - 2016-03-31 07:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-15 09:19 - 2016-03-31 07:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-15 09:19 - 2016-03-31 07:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-15 09:19 - 2016-03-31 07:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-15 09:19 - 2016-03-31 07:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-15 09:19 - 2016-03-31 06:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-15 09:19 - 2016-03-31 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-15 09:19 - 2016-03-31 06:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-15 09:19 - 2016-03-31 06:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-15 09:19 - 2016-03-31 06:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-15 09:19 - 2016-03-31 06:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-15 09:19 - 2016-03-31 06:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-15 09:19 - 2016-03-31 06:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-15 09:19 - 2016-03-31 06:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-15 09:19 - 2016-03-31 06:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-15 09:19 - 2016-03-31 06:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-15 09:19 - 2016-03-31 06:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-15 09:19 - 2016-03-31 06:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-15 09:19 - 2016-03-31 06:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-15 09:19 - 2016-03-31 06:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-15 09:19 - 2016-03-31 06:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-15 09:19 - 2016-03-31 06:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-15 09:19 - 2016-03-31 06:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-15 09:19 - 2016-03-31 06:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-15 09:19 - 2016-03-31 06:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-15 09:19 - 2016-03-31 06:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-15 09:19 - 2016-03-31 06:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-15 09:19 - 2016-03-31 06:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-15 09:19 - 2016-03-31 06:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-15 09:19 - 2016-03-31 06:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-15 09:19 - 2016-03-31 06:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-15 09:19 - 2016-03-31 06:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-15 09:19 - 2016-03-31 06:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-15 09:19 - 2015-12-04 02:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-15 09:15 - 2016-03-29 21:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-15 08:45 - 2016-04-15 08:45 - 05934784 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-04-13 22:42 - 2016-04-13 22:42 - 00007653 _____ C:\Users\HP\AppData\Local\Resmon.ResmonCfg
2016-04-13 22:35 - 2016-04-13 22:35 - 00003044 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1460274905
2016-04-13 22:35 - 2016-04-13 22:35 - 00001060 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-04-13 22:35 - 2016-04-13 22:35 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-13 22:29 - 2016-05-03 15:53 - 00002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-13 22:29 - 2016-05-03 15:53 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-13 22:26 - 2016-04-13 22:27 - 00987728 _____ (Google Inc.) C:\Users\HP\Downloads\ChromeSetup.exe
2016-04-13 22:20 - 2016-04-13 22:18 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-04-13 22:19 - 2016-04-13 22:19 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-04-13 22:19 - 2016-04-13 22:19 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-04-13 20:40 - 2016-04-13 21:04 - 00000000 ____D C:\Windows\pss
2016-04-12 10:35 - 2016-04-13 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
2016-04-12 10:35 - 2016-04-13 21:05 - 00000000 ____D C:\Program Files (x86)\Your Uninstaller! 7
2016-04-12 10:35 - 2016-04-12 10:35 - 00000000 ____D C:\Users\HP\AppData\Roaming\URSoft
2016-04-06 11:18 - 2016-04-13 21:05 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-06 11:18 - 2016-04-13 21:05 - 00000000 ____D C:\Program Files\iTunes
2016-04-06 11:18 - 2016-04-13 21:05 - 00000000 ____D C:\Program Files\iPod
2016-04-06 11:18 - 2016-04-13 21:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-04-06 11:18 - 2016-04-06 11:39 - 00000000 ____D C:\Users\HP\AppData\Roaming\Apple Computer
2016-04-06 11:18 - 2016-04-06 11:18 - 00000000 ____D C:\Users\HP\AppData\Local\Apple Computer
2016-04-06 11:15 - 2016-04-06 11:15 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Users\HP\AppData\Local\Apple
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Program Files\Bonjour
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-04-06 11:15 - 2016-04-06 11:15 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-04-06 11:14 - 2016-04-06 11:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-04-06 11:10 - 2016-04-06 11:12 - 169713992 _____ (Apple Inc.) C:\Users\HP\Downloads\iTunes6464Setup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-05 20:40 - 2014-12-26 09:25 - 00000000 ____D C:\Users\HP\AppData\Roaming\IDM
2016-05-05 20:35 - 2014-03-18 16:53 - 00958356 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-05 20:35 - 2013-08-22 20:36 - 00000000 ____D C:\Windows\Inf
2016-05-05 20:05 - 2016-02-22 13:06 - 00000000 ___RD C:\Users\HP\Google Drive
2016-05-05 20:05 - 2014-12-29 18:09 - 00000000 ___RD C:\Users\HP\Dropbox
2016-05-05 20:03 - 2014-12-24 19:58 - 00000000 ____D C:\Users\HP\Documents\Youcam
2016-05-05 20:02 - 2015-06-22 20:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-05-05 20:02 - 2014-12-26 10:14 - 00000000 ___RD C:\Users\HP\OneDrive
2016-05-05 20:02 - 2014-12-24 21:12 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 16:06 - 2014-12-26 09:25 - 00000000 ____D C:\Users\HP\AppData\Roaming\DMCache
2016-05-05 15:50 - 2014-12-24 21:12 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-05 15:46 - 2015-06-16 15:36 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1598329037-492615392-174970370-1001UA.job
2016-05-05 15:45 - 2014-12-24 22:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-05 14:57 - 2014-12-24 20:00 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1598329037-492615392-174970370-1001
2016-05-05 14:42 - 2013-08-22 22:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-05 14:42 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\AppReadiness
2016-05-04 21:09 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-05-02 23:09 - 2016-03-17 22:25 - 00003142 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHP
2016-05-02 23:09 - 2016-03-12 20:49 - 00000334 _____ C:\Windows\Tasks\HPCeeScheduleForHP.job
2016-05-02 13:46 - 2015-06-16 15:36 - 00000868 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1598329037-492615392-174970370-1001Core.job
2016-04-30 11:34 - 2013-08-22 22:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-30 11:33 - 2014-12-27 23:22 - 00000000 ____D C:\Windows\system32\MRT
2016-04-30 11:27 - 2014-12-27 23:22 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-29 19:51 - 2016-02-22 13:03 - 00002065 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-04-29 19:51 - 2016-02-22 13:03 - 00002063 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-04-29 19:51 - 2016-02-22 13:03 - 00002053 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-04-29 19:51 - 2016-02-22 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-26 22:22 - 2013-08-22 21:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-26 22:19 - 2013-08-22 20:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-26 19:36 - 2014-12-25 18:54 - 00000000 ____D C:\Users\HP\AppData\Local\Packages
2016-04-26 19:11 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\NDF
2016-04-17 16:27 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\rescache
2016-04-16 21:10 - 2013-08-22 21:44 - 00481528 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-16 05:50 - 2014-12-29 17:25 - 00000000 ____D C:\Users\HP\AppData\Roaming\Dropbox
2016-04-16 05:48 - 2015-06-16 15:36 - 00000000 ____D C:\Users\HP\AppData\Local\Dropbox
2016-04-15 22:32 - 2014-12-26 11:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-04-15 22:27 - 2013-08-22 20:25 - 00000199 _____ C:\Windows\win.ini
2016-04-15 08:45 - 2014-12-24 22:17 - 00003582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-14 01:00 - 2015-06-29 22:33 - 00001862 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2016-04-14 01:00 - 2015-06-16 15:36 - 00003146 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1598329037-492615392-174970370-1001UA
2016-04-14 01:00 - 2015-06-16 15:36 - 00002766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1598329037-492615392-174970370-1001Core
2016-04-14 01:00 - 2014-11-17 02:34 - 00002100 _____ C:\Windows\System32\Tasks\CLVDLauncher
2016-04-14 01:00 - 2014-11-17 02:34 - 00002100 _____ C:\Windows\System32\Tasks\CLMLSvc_P2G8
2016-04-14 01:00 - 2014-11-17 02:32 - 00002096 _____ C:\Windows\System32\Tasks\YCMServiceAgent
2016-04-13 22:21 - 2015-06-22 20:37 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-04-13 22:19 - 2015-06-22 20:37 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-04-13 22:18 - 2015-06-22 20:37 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-04-13 22:14 - 2015-06-22 20:37 - 00001945 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-13 22:03 - 2014-12-25 18:54 - 00000000 ____D C:\Users\HP
2016-04-13 21:05 - 2015-12-05 11:10 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-04-13 21:05 - 2015-10-03 20:05 - 00000000 ___SD C:\Windows\system32\XTgt
2016-04-13 21:05 - 2015-04-19 19:41 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-13 21:05 - 2015-01-21 22:48 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2016-04-13 21:05 - 2014-12-26 09:25 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-04-13 21:05 - 2014-12-26 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-04-13 21:05 - 2014-12-26 09:25 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-04-13 21:05 - 2013-08-22 22:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-13 20:56 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\registration
2016-04-13 20:53 - 2015-03-01 20:37 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-13 20:53 - 2015-01-21 22:48 - 00000000 ____D C:\Users\HP\AppData\Local\AskPartnerNetwork
2016-04-13 20:51 - 2014-12-26 11:47 - 00000000 ____D C:\Program Files\Microsoft Office
2016-04-13 20:49 - 2015-06-22 20:34 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-13 20:49 - 2014-12-26 11:47 - 00000000 __RHD C:\MSOCache
2016-04-13 17:40 - 2015-09-18 08:14 - 00000000 ____D C:\Users\HP\Desktop\TÂM LÝ HỌC PHÁT TRIỂN
2016-04-10 22:40 - 2016-03-12 20:58 - 00000000 ____D C:\Users\HP\Desktop\Video Note 3
2016-04-06 11:15 - 2014-11-17 02:25 - 00000000 ____D C:\ProgramData\Apple
2016-04-06 04:53 - 2016-03-18 20:35 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-06 04:53 - 2016-03-18 20:35 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-10-19 21:34 - 2015-10-19 21:34 - 0002081 _____ () C:\Users\HP\AppData\Local\recently-used.xbel
2016-04-13 22:42 - 2016-04-13 22:42 - 0007653 _____ () C:\Users\HP\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\COMAP.EXE
C:\Users\HP\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwsalwn.dll
C:\Users\HP\AppData\Local\Temp\handbrake-setup.exe
C:\Users\HP\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\HP\AppData\Local\Temp\ose00000.exe
C:\Users\HP\AppData\Local\Temp\qing_update.exe
C:\Users\HP\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HP\AppData\Local\Temp\swt-gdip-win32-3452.dll
C:\Users\HP\AppData\Local\Temp\swt-win32-3452.dll
C:\Users\HP\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\HP\AppData\Local\Temp\uttA480.tmp.exe
C:\Users\HP\AppData\Local\Temp\uttD96D.tmp.exe
C:\Users\HP\AppData\Local\Temp\{79F2C1EF-0AD5-4A5E-9AD0-B0876D584AC8}-49.0.2623.110_49.0.2623.87_chrome_updater.exe
C:\Users\HP\AppData\Local\Temp\{D6FADA52-AF04-4558-8282-67B5E12C320E}-DropboxClient_3.8.5.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-01 23:52
==================== End of FRST.txt ============================