
Blue Screen of Death every time I try to boot


  • This topic is locked
14 replies to this topic

#1 heroanddeviant

heroanddeviant

  • Members
  • 8 posts

Posted 03 March 2014 - 07:46 AM

Greetings.....

I'm new here. I hope someone can help me with my problem. I've been searching the net for solutions to this problem without any result. Then I found a similar problem on this site, which was explained very well and in detail, so even someone like me who is not really good at computer things can still understand.

 

The Problem

My Sony Vaio VPCCA15FG just recently failed to boot. Every time it is just about to enter the logon screen, a Blue Screen appears. It happened after my notebook started to crash when I played multiple videos on YouTube. When my notebook was not responding anymore, I tried to force it to shut down by pressing the power button. Then when I switched the power on again, the problem started.

I already tried to boot in safe mode, minimum graphics, and last known good configuration without any result, and the Blue Screen always appears before it reaches the logon screen, with code: STOP: 0x000000F4 (0x000000000000000003,0xFFFFFAB00C253B30,0xFFFFFAB00C253E10,0xFFFFF80003B960D0) <- I hope I wrote that correctly

I also tried Startup Repair, but it can't find the problem.

The problem signature shows:

Problem Event Name: StartupRepairOffline
Problem Signature 1: 6.1.7600.16385
Problem Signature 2: 6.1.7600.16385
Problem Signature 3: unknown
Problem Signature 4: 21200245
Problem Signature 5: AutoFailover
Problem Signature 6: 24
Problem Signature 7: BadDriver
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

 

Is this problem caused by a virus or malware...? 

And how do I fix it...? I don't want to reinstall my notebook if I can avoid it.

Thank you





#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 03 March 2014 - 10:01 AM

Hi there,
 
Please try to run a FRST scan from the Recovery Environment. That may help diagnose the problem:
 
 
 
On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

Note: In case you cannot enter System Recovery Options by using the F8 method, you can use a Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
To make a repair disc on Windows 7, consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html




To enter System Recovery Options by using a Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

==========

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt


Select Command Prompt

==========


Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for the x64 version, type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


#3 heroanddeviant

heroanddeviant
  • Topic Starter

  • Members
  • 8 posts

Posted 03 March 2014 - 07:12 PM

Thank you for your response.
Here's the scan log that I got:
---------------------------------------------------------------------------------------------------------------------------------------------------------
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014
Ran by SYSTEM on MININT-3TP8D1F on 04-03-2014 07:01:11
Running from H:\
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2283816 2010-11-18] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel® Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [USB Security] - C:\Program Files (x86)\USB Disk Security\USBGuard.exe [658632 2013-01-02] (Zbshareware Lab)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [RazerGameBooster] - C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-21] (Razer Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Windows\system32\svchost\svchost.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\DeV\...\Run: [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3462552 2012-02-08] (Tonec Inc.)
HKU\DeV\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [842048 2011-03-17] (DT Soft Ltd)
HKU\DeV\...\Run: [WebcamMaxAutoRun] - C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-16] ()
HKU\DeV\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2012-07-18] (BitTorrent, Inc.)
HKU\DeV\...\Run: [] - [X]
HKU\DeV\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1088424 2012-10-12] (Nokia)
HKU\DeV\...\Run: [Akamai NetSession Interface] - C:\Users\DeV\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-04] (Akamai Technologies, Inc.)
HKU\DeV\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\DeV\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
Startup: C:\Users\DeV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Services (Whitelisted) =================
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-10-22] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-19] (AVG Technologies CZ, s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-13] (Sony Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-13] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-03-30] ()
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-21] (Razer Inc.)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [257936 2010-08-12] (Sony Corporation)
S2 Smartfren Connex EC306-2 UI. RunOuc; C:\Program Files (x86)\Smartfren Connex EC306-2 UI\UpdateDog\ouc.exe [246112 2012-02-08] ()
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-04] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-13] (Sony Corporation)
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-04] (Sony Corporation)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-18] (TuneUp Software)
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-07-31] (Sony Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-03] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-24] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-19] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-19] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-19] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-06-30] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-22] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-20] (AVG Technologies CZ, s.r.o.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [272448 2012-02-11] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-07-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2010-07-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-07-14] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2010-07-14] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2010-12-26] (REDC)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 UsbModemDriver; C:\Windows\System32\DRIVERS\USB_MODEM_T.sys [28160 2011-04-07] ()
S3 USB_BusEnum_T; C:\Windows\System32\DRIVERS\USB_BusEnum_T.sys [44544 2009-11-04] ()
S3 USB_ETS_T; C:\Windows\System32\DRIVERS\USB_ETS_T.sys [21760 2008-05-30] (Via Telecom, Inc.)
S3 USB_WinMux_T; C:\Windows\System32\DRIVERS\USB_WinMux_T.sys [37376 2009-10-26] ()
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-22] (Windows ® Win 7 DDK provider)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-10-31] (OpenLibSys.org)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-03 18:44 - 2014-03-04 07:01 - 00000000 ____D () C:\FRST
2014-03-02 13:45 - 2014-03-03 15:54 - 626962409 _____ () C:\Windows\MEMORY.DMP
2014-03-02 13:20 - 2014-03-02 13:20 - 00003352 ____N () C:\bootsqm.dat
2014-03-02 07:35 - 2014-03-02 07:35 - 00000000 __SHD () C:\found.001
2014-03-01 12:00 - 2014-02-01 01:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-03-01 12:00 - 2014-02-01 01:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-03-01 12:00 - 2014-02-01 01:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-03-01 12:00 - 2014-01-31 23:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 12:00 - 2014-01-31 23:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 12:00 - 2014-01-31 23:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-03-01 12:00 - 2014-01-31 23:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 12:00 - 2014-01-31 22:45 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2014-03-01 12:00 - 2014-01-31 22:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 08:25 - 2014-03-02 04:54 - 00000336 _____ () C:\Windows\setupact.log
2014-03-01 08:25 - 2014-03-01 08:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 12:08 - 2014-02-28 12:08 - 01509376 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-28 12:08 - 2014-02-28 12:08 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 12:08 - 2014-02-28 12:08 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-28 12:08 - 2014-02-28 12:08 - 01400416 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2014-02-28 12:08 - 2014-02-28 12:08 - 01054720 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00905728 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00599552 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-02-28 12:08 - 2014-02-28 12:08 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-28 12:08 - 2014-02-28 12:08 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00281600 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00270848 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00247296 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00216064 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2014-02-28 12:08 - 2014-02-28 12:08 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-28 12:08 - 2014-02-28 12:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-28 12:06 - 2014-02-28 12:06 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-26 18:46 - 2014-02-26 18:46 - 00008581 _____ () C:\Users\DeV\Downloads\Absen Muh. Hasim.xlsx
2014-02-25 12:06 - 2014-03-01 12:04 - 00032394 _____ () C:\Windows\IE11_main.log
2014-02-23 11:17 - 2014-02-23 11:19 - 18493945 _____ () C:\Users\DeV\Downloads\gapps.mpi.v23.apk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001818 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001818 _____ () C:\ProgramData\Desktop\Apps.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001807 _____ () C:\ProgramData\Desktop\Start BlueStacks.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-23 11:02 - 2014-02-23 11:02 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-12 12:01 - 2014-02-12 12:01 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2008
2014-02-12 12:01 - 2014-02-12 12:01 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2008
2014-02-11 23:35 - 2013-12-05 18:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-02-11 23:35 - 2013-12-05 18:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2014-02-11 23:35 - 2013-12-05 18:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-11 23:35 - 2013-12-05 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-11 16:57 - 2013-02-14 20:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-11 16:57 - 2013-02-14 20:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-02-11 16:57 - 2013-02-14 19:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-11 16:56 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2014-02-11 16:56 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-02-11 16:56 - 2013-02-14 22:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2014-02-11 16:56 - 2013-02-14 22:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-02-11 16:56 - 2013-02-14 22:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2014-02-11 12:07 - 2014-02-28 12:46 - 00108961 _____ () C:\Windows\IE10_main.log
2014-02-10 19:36 - 2014-02-10 19:36 - 00663417 _____ () C:\Users\DeV\Downloads\scannpwpdanlhkpn.zip
2014-02-09 13:29 - 2013-07-08 21:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-02-09 13:29 - 2013-07-08 20:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-02-09 13:28 - 2013-02-26 22:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2014-02-09 13:28 - 2013-02-26 21:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-02-09 13:28 - 2013-02-26 21:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2014-02-09 13:28 - 2013-02-26 20:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-02-09 13:27 - 2013-04-12 06:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-02-09 12:02 - 2014-02-09 12:02 - 00263222 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-09 06:40 - 2013-08-28 17:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbser.sys
2014-02-09 06:39 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2014-02-09 06:39 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2014-02-09 06:39 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-02-09 06:39 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2014-02-09 06:39 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2014-02-09 06:39 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2014-02-09 06:39 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2014-02-09 06:38 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-02-09 06:38 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-02-09 06:38 - 2013-07-08 21:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2014-02-09 06:38 - 2013-07-08 21:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2014-02-09 06:38 - 2013-07-08 20:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-02-09 06:38 - 2013-07-08 20:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-02-09 06:22 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2014-02-09 06:22 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2014-02-09 06:22 - 2013-09-27 17:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2014-02-09 06:22 - 2013-09-24 18:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2014-02-09 06:22 - 2013-09-24 18:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-02-09 06:22 - 2013-09-24 18:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-02-09 06:22 - 2013-09-24 18:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2014-02-09 06:22 - 2013-09-24 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2014-02-09 06:22 - 2013-09-24 18:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-02-09 06:22 - 2013-09-24 18:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-02-09 06:22 - 2013-09-24 18:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2014-02-09 06:22 - 2013-09-24 17:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-02-09 06:22 - 2013-09-24 17:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-02-09 06:22 - 2013-09-24 17:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-02-09 06:22 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-02-09 06:22 - 2013-09-24 17:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2014-02-09 06:22 - 2013-08-01 18:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-02-09 06:22 - 2013-08-01 18:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-02-09 06:22 - 2013-08-01 18:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-02-09 06:22 - 2013-08-01 18:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-02-09 06:22 - 2013-08-01 17:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-02-09 06:22 - 2013-08-01 17:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-02-09 06:22 - 2013-08-01 17:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-02-09 06:22 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2014-02-09 06:21 - 2013-08-01 18:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-02-09 06:21 - 2013-08-01 18:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-02-09 06:21 - 2013-08-01 18:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-02-09 06:21 - 2013-08-01 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2014-02-09 06:21 - 2013-08-01 18:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-02-09 06:21 - 2013-08-01 17:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-02-09 06:21 - 2013-08-01 17:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 17:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2014-02-09 06:21 - 2013-08-01 16:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2014-02-09 06:21 - 2013-08-01 16:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-02-09 06:21 - 2013-08-01 16:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-02-09 06:21 - 2013-08-01 16:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-02-09 06:21 - 2013-08-01 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-02-09 06:21 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-02-09 06:21 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-02-09 06:21 - 2013-07-25 01:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2014-02-09 06:21 - 2013-07-25 00:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-02-09 06:21 - 2013-07-12 02:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2014-02-09 06:21 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2014-02-09 06:21 - 2013-07-08 21:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-02-09 06:21 - 2013-07-08 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-02-09 06:21 - 2012-10-31 21:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2014-02-09 06:21 - 2012-10-31 20:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-02-08 23:33 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2014-02-08 23:33 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2014-02-08 23:33 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2014-02-08 23:33 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2014-02-08 23:33 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-02-08 23:33 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-02-08 23:33 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-02-08 23:33 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2014-02-08 23:33 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-02-08 23:33 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-02-08 23:31 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-02-08 23:31 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-02-08 23:31 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-02-08 23:31 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-02-08 23:31 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2014-02-08 23:31 - 2013-02-11 20:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2014-02-08 23:31 - 2013-02-11 20:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2014-02-08 23:31 - 2012-11-28 14:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2014-02-08 23:31 - 2012-11-28 14:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2014-02-08 23:31 - 2012-11-28 14:56 - 00000003 _____ () C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-02-08 23:28 - 2013-07-02 20:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys
2014-02-08 23:28 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2014-02-08 23:28 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2014-02-08 23:27 - 2013-06-03 22:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-02-08 23:27 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-02-08 23:27 - 2012-11-01 21:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2014-02-08 23:27 - 2012-11-01 21:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-02-08 23:26 - 2013-11-26 02:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-02-08 23:26 - 2013-06-14 20:35 - 01111552 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2014-02-08 23:26 - 2013-06-14 20:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2014-02-08 23:25 - 2013-10-02 18:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-02-08 23:25 - 2013-10-02 18:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-02-08 23:25 - 2013-07-25 18:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-02-08 23:25 - 2013-07-25 18:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2014-02-08 23:25 - 2013-07-25 17:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-08 23:25 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-02-08 23:25 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-02-08 23:25 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-08 23:25 - 2013-07-05 22:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-02-08 23:25 - 2013-04-25 21:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2014-02-08 23:25 - 2013-04-25 20:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-02-08 23:25 - 2013-01-02 22:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2014-02-08 23:25 - 2012-11-22 19:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2014-02-08 23:25 - 2012-09-25 14:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-02-08 23:25 - 2012-09-25 14:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\synceng.dll
2014-02-08 23:24 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2014-02-08 23:24 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-02-08 23:24 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2014-02-08 23:24 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2014-02-08 23:24 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2014-02-08 23:24 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-02-08 23:24 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-02-08 23:24 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-02-08 23:24 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-02-08 23:24 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2014-02-08 23:24 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2014-02-08 23:24 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-02-08 23:24 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-02-08 23:24 - 2013-08-01 04:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-02-08 23:24 - 2013-05-12 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\certenc.dll
2014-02-08 23:24 - 2013-05-12 19:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\System32\certutil.exe
2014-02-08 23:24 - 2013-05-12 19:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-02-08 23:24 - 2013-05-12 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-02-08 23:24 - 2013-04-09 22:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2014-02-08 23:24 - 2011-02-03 03:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\cdd.dll
2014-02-08 02:38 - 2014-02-08 02:38 - 00000000 ____D () C:\Users\DeV\Documents\Razer
2014-02-08 02:38 - 2014-02-08 02:38 - 00000000 ____D () C:\Users\DeV\AppData\Local\Razer_Inc
2014-02-08 02:27 - 2014-02-08 02:27 - 00002125 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-02-08 02:27 - 2014-02-08 02:27 - 00002125 _____ () C:\ProgramData\Desktop\Razer Game Booster.lnk
2014-02-08 02:27 - 2014-02-08 02:27 - 00000000 ____D () C:\Users\DeV\AppData\Local\Razer
2014-02-08 02:27 - 2014-02-08 02:27 - 00000000 ____D () C:\ProgramData\Razer
2014-02-08 02:27 - 2014-02-08 02:27 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-02-08 02:18 - 2014-02-08 02:18 - 00000000 ____D () C:\Users\DeV\AppData\Roaming\rmi
2014-02-06 17:20 - 2014-02-06 17:20 - 07618083 _____ () C:\Users\DeV\Downloads\fwdsptppndes2013ksomitra (2).zip
2014-02-06 17:15 - 2014-02-06 17:15 - 07618083 _____ () C:\Users\DeV\Downloads\fwdsptppndes2013ksomitra (1).zip
2014-02-06 17:14 - 2014-02-06 17:14 - 07618083 _____ () C:\Users\DeV\Downloads\fwdsptppndes2013ksomitra.zip
2014-02-06 16:59 - 2014-02-06 16:59 - 08798168 _____ () C:\Users\DeV\Downloads\permintaannoseriptsamataindahlestari.zip
2014-02-06 16:59 - 2014-02-06 16:59 - 00002193 _____ () C:\Users\DeV\Downloads\csvptsamataoktsddes2013.zip
 
==================== One Month Modified Files and Folders =======
 
2014-03-04 07:01 - 2014-03-03 18:44 - 00000000 ____D () C:\FRST
2014-03-03 15:54 - 2014-03-02 13:45 - 626962409 _____ () C:\Windows\MEMORY.DMP
2014-03-02 13:20 - 2014-03-02 13:20 - 00003352 ____N () C:\bootsqm.dat
2014-03-02 07:35 - 2014-03-02 07:35 - 00000000 __SHD () C:\found.001
2014-03-02 06:42 - 2012-12-12 23:47 - 00665994 _____ () C:\Windows\PFRO.log
2014-03-02 05:29 - 2012-02-08 08:25 - 00000000 ____D () C:\Users\DeV\AppData\Roaming\uTorrent
2014-03-02 05:13 - 2012-06-23 02:51 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1041353636-540036412-1479743784-1000UA.job
2014-03-02 04:54 - 2014-03-01 08:25 - 00000336 _____ () C:\Windows\setupact.log
2014-03-02 04:54 - 2012-03-07 02:06 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-02 04:39 - 2012-02-08 19:30 - 01064976 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 04:32 - 2013-11-25 03:14 - 00000000 ____D () C:\Users\DeV\.VirtualBox
2014-03-01 20:16 - 2012-02-08 06:23 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E24818CA-3DC3-4580-B32C-F801CE3FA4B0}
2014-03-01 20:10 - 2014-01-08 02:26 - 00000000 ____D () C:\Users\DeV\AppData\Roaming\newnext.me
2014-03-01 20:05 - 2012-10-11 13:20 - 00501542 _____ () C:\Windows\System32\perfh006.dat
2014-03-01 20:05 - 2012-10-11 13:20 - 00098850 _____ () C:\Windows\System32\perfc006.dat
2014-03-01 20:05 - 2012-10-11 12:45 - 00706008 _____ () C:\Windows\System32\prfh0416.dat
2014-03-01 20:05 - 2012-10-11 12:45 - 00147848 _____ () C:\Windows\System32\prfc0416.dat
2014-03-01 20:05 - 2012-10-11 12:30 - 00721146 _____ () C:\Windows\System32\prfh0816.dat
2014-03-01 20:05 - 2012-10-11 12:30 - 00153098 _____ () C:\Windows\System32\prfc0816.dat
2014-03-01 20:05 - 2012-10-11 12:18 - 00732486 _____ () C:\Windows\System32\perfh015.dat
2014-03-01 20:05 - 2012-10-11 12:18 - 00156064 _____ () C:\Windows\System32\perfc015.dat
2014-03-01 20:05 - 2012-10-11 11:19 - 00486642 _____ () C:\Windows\System32\perfh014.dat
2014-03-01 20:05 - 2012-10-11 11:19 - 00095596 _____ () C:\Windows\System32\perfc014.dat
2014-03-01 20:05 - 2012-10-10 16:46 - 00408906 _____ () C:\Windows\System32\perfh011.dat
2014-03-01 20:05 - 2012-10-10 16:46 - 00122292 _____ () C:\Windows\System32\perfc011.dat
2014-03-01 20:05 - 2012-10-10 16:30 - 00648810 _____ () C:\Windows\System32\perfh01F.dat
2014-03-01 20:05 - 2012-10-10 16:30 - 00140192 _____ () C:\Windows\System32\perfc01F.dat
2014-03-01 20:05 - 2012-10-10 16:19 - 00716728 _____ () C:\Windows\System32\perfh019.dat
2014-03-01 20:05 - 2012-10-10 16:19 - 00151034 _____ () C:\Windows\System32\perfc019.dat
2014-03-01 20:05 - 2012-10-10 16:09 - 00599116 _____ () C:\Windows\System32\perfh008.dat
2014-03-01 20:05 - 2012-10-10 16:09 - 00111320 _____ () C:\Windows\System32\perfc008.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00737584 _____ () C:\Windows\System32\perfh00A.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00675882 _____ () C:\Windows\System32\perfh00E.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00420552 _____ () C:\Windows\System32\perfh012.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00171466 _____ () C:\Windows\System32\perfc00E.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00158666 _____ () C:\Windows\System32\perfc00A.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00120576 _____ () C:\Windows\System32\perfc012.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00735626 _____ () C:\Windows\System32\perfh013.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00660968 _____ () C:\Windows\System32\perfh005.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00655848 _____ () C:\Windows\System32\perfh01D.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00473622 _____ () C:\Windows\System32\perfh00B.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00384472 _____ () C:\Windows\System32\perfh00D.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00153294 _____ () C:\Windows\System32\perfc013.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00142666 _____ () C:\Windows\System32\perfc01D.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00141618 _____ () C:\Windows\System32\perfc005.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00101712 _____ () C:\Windows\System32\perfc00B.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00084950 _____ () C:\Windows\System32\perfc00D.dat
2014-03-01 20:05 - 2012-10-04 01:38 - 00732174 _____ () C:\Windows\System32\perfh010.dat
2014-03-01 20:05 - 2012-10-04 01:38 - 00147038 _____ () C:\Windows\System32\perfc010.dat
2014-03-01 20:05 - 2012-10-04 01:24 - 00689336 _____ () C:\Windows\System32\perfh007.dat
2014-03-01 20:05 - 2012-10-04 01:24 - 00149308 _____ () C:\Windows\System32\perfc007.dat
2014-03-01 20:05 - 2012-02-08 19:31 - 00393150 _____ () C:\Windows\System32\prfh0404.dat
2014-03-01 20:05 - 2012-02-08 19:31 - 00115282 _____ () C:\Windows\System32\prfc0404.dat
2014-03-01 20:05 - 2010-09-06 11:12 - 00376078 _____ () C:\Windows\System32\prfh0804.dat
2014-03-01 20:05 - 2010-09-06 11:12 - 00119784 _____ () C:\Windows\System32\prfc0804.dat
2014-03-01 20:05 - 2010-09-06 11:07 - 00737844 _____ () C:\Windows\System32\perfh00C.dat
2014-03-01 20:05 - 2010-09-06 11:07 - 00471142 _____ () C:\Windows\System32\perfh001.dat
2014-03-01 20:05 - 2010-09-06 11:07 - 00149772 _____ () C:\Windows\System32\perfc00C.dat
2014-03-01 20:05 - 2010-09-06 11:07 - 00094964 _____ () C:\Windows\System32\perfc001.dat
2014-03-01 20:05 - 2009-07-13 21:13 - 17450240 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-01 20:04 - 2009-07-13 20:45 - 00029488 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 20:04 - 2009-07-13 20:45 - 00029488 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 19:59 - 2013-04-05 06:02 - 00002982 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-01 19:59 - 2013-04-05 06:02 - 00000292 _____ () C:\Windows\Tasks\AutoKMS.job
2014-03-01 19:58 - 2013-06-02 04:41 - 00151552 _____ () C:\Windows\KMSEmulator.exe
2014-03-01 19:58 - 2010-09-06 11:32 - 00000000 ____D () C:\Windows\Panther
2014-03-01 19:57 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 19:54 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-03-01 19:54 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\bg-BG
2014-03-01 19:53 - 2012-02-08 08:13 - 00000000 ____D () C:\Users\DeV\AppData\Roaming\DMCache
2014-03-01 19:53 - 2010-09-06 11:16 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-03-01 19:53 - 2010-09-06 11:16 - 00000000 ____D () C:\Windows\System32\vi-VN
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\zh-HK
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\uk-UA
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\th-TH
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sl-SI
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sk-SK
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\lv-LV
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\he-IL
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ar-SA
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-01 19:40 - 2012-02-08 08:13 - 00000000 ____D () C:\Users\DeV\Downloads\Video
2014-03-01 19:39 - 2012-02-08 08:13 - 00000000 ____D () C:\Users\DeV\Downloads\Compressed
2014-03-01 12:04 - 2014-02-25 12:06 - 00032394 _____ () C:\Windows\IE11_main.log
2014-03-01 08:25 - 2014-03-01 08:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 07:32 - 2012-03-09 03:10 - 00000000 ____D () C:\Windows\Minidump
2014-03-01 07:13 - 2012-06-23 02:51 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1041353636-540036412-1479743784-1000Core.job
2014-03-01 07:01 - 2014-01-15 18:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-28 12:46 - 2014-02-11 12:07 - 00108961 _____ () C:\Windows\IE10_main.log
2014-02-28 12:08 - 2014-02-28 12:08 - 01509376 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-28 12:08 - 2014-02-28 12:08 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 12:08 - 2014-02-28 12:08 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-28 12:08 - 2014-02-28 12:08 - 01400416 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2014-02-28 12:08 - 2014-02-28 12:08 - 01054720 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00905728 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00599552 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-02-28 12:08 - 2014-02-28 12:08 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-28 12:08 - 2014-02-28 12:08 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00281600 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00270848 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00247296 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00216064 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2014-02-28 12:08 - 2014-02-28 12:08 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-28 12:08 - 2014-02-28 12:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-28 12:06 - 2014-02-28 12:06 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-26 18:46 - 2014-02-26 18:46 - 00008581 _____ () C:\Users\DeV\Downloads\Absen Muh. Hasim.xlsx
2014-02-26 17:09 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-02-25 18:34 - 2013-09-04 06:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-25 12:02 - 2012-02-08 06:42 - 17061148 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-24 23:47 - 2012-02-10 09:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-02-24 23:47 - 2012-02-09 08:33 - 00000000 ____D () C:\Users\DeV\AppData\Local\Mozilla
2014-02-23 11:19 - 2014-02-23 11:17 - 18493945 _____ () C:\Users\DeV\Downloads\gapps.mpi.v23.apk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001818 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001818 _____ () C:\ProgramData\Desktop\Apps.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001807 _____ () C:\ProgramData\Desktop\Start BlueStacks.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-23 11:02 - 2014-02-23 11:02 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-23 11:02 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-21 20:38 - 2012-03-16 19:57 - 00000023 _____ () C:\test.xml
2014-02-21 19:47 - 2012-03-28 20:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 19:47 - 2012-02-08 06:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 16:56 - 2012-02-08 07:19 - 00002354 _____ () C:\Users\DeV\Desktop\Google Chrome.lnk
2014-02-12 12:06 - 2012-02-08 07:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 12:01 - 2014-02-12 12:01 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2008
2014-02-12 12:01 - 2014-02-12 12:01 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2008
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sr-Latn-CS
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ro-RO
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\lt-LT
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\hr-HR
2014-02-12 08:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\et-EE
2014-02-12 08:12 - 2009-07-13 18:34 - 00000510 _____ () C:\Windows\win.ini
2014-02-11 15:57 - 2012-09-23 23:17 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-02-11 15:57 - 2012-02-08 19:42 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-11 15:57 - 2012-02-08 19:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-11 15:57 - 2012-02-08 19:22 - 00000000 ____D () C:\Program Files\Sony
2014-02-11 15:54 - 2012-09-23 23:16 - 00000000 ____D () C:\Update
2014-02-11 12:01 - 2012-05-21 12:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-11 12:01 - 2012-05-21 12:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-11 07:08 - 2012-06-23 02:51 - 00003980 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1041353636-540036412-1479743784-1000UA
2014-02-11 07:08 - 2012-06-23 02:51 - 00003584 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1041353636-540036412-1479743784-1000Core
2014-02-10 19:36 - 2014-02-10 19:36 - 00663417 _____ () C:\Users\DeV\Downloads\scannpwpdanlhkpn.zip
2014-02-09 12:56 - 2009-07-13 20:45 - 05013408 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-02-09 12:50 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-09 12:50 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-02-09 12:48 - 2011-01-12 17:27 - 00000000 ____D () C:\Program Files\Windows Journal
2014-02-09 12:02 - 2014-02-09 12:02 - 00263222 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-08 02:38 - 2014-02-08 02:38 - 00000000 ____D () C:\Users\DeV\Documents\Razer
2014-02-08 02:38 - 2014-02-08 02:38 - 00000000 ____D () C:\Users\DeV\AppData\Local\Razer_Inc
2014-02-08 02:27 - 2014-02-08 02:27 - 00002125 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-02-08 02:27 - 2014-02-08 02:27 - 00002125 _____ () C:\ProgramData\Desktop\Razer Game Booster.lnk
2014-02-08 02:27 - 2014-02-08 02:27 - 00000000 ____D () C:\Users\DeV\AppData\Local\Razer
2014-02-08 02:27 - 2014-02-08 02:27 - 00000000 ____D () C:\ProgramData\Razer
2014-02-08 02:27 - 2014-02-08 02:27 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-02-08 02:18 - 2014-02-08 02:18 - 00000000 ____D () C:\Users\DeV\AppData\Roaming\rmi
2014-02-06 17:20 - 2014-02-06 17:20 - 07618083 _____ () C:\Users\DeV\Downloads\fwdsptppndes2013ksomitra (2).zip
2014-02-06 17:15 - 2014-02-06 17:15 - 07618083 _____ () C:\Users\DeV\Downloads\fwdsptppndes2013ksomitra (1).zip
2014-02-06 17:14 - 2014-02-06 17:14 - 07618083 _____ () C:\Users\DeV\Downloads\fwdsptppndes2013ksomitra.zip
2014-02-06 16:59 - 2014-02-06 16:59 - 08798168 _____ () C:\Users\DeV\Downloads\permintaannoseriptsamataindahlestari.zip
2014-02-06 16:59 - 2014-02-06 16:59 - 00002193 _____ () C:\Users\DeV\Downloads\csvptsamataoktsddes2013.zip
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 12%
Total physical RAM: 8103.2 MB
Available physical RAM: 7104.87 MB
Total Pagefile: 8101.35 MB
Available Pagefile: 7095.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:117.2 GB) (Free:1 GB) NTFS
Drive d: (Data) (Fixed) (Total:336.96 GB) (Free:5.08 GB) NTFS
Drive f: (Recovery) (Fixed) (Total:11.5 GB) (Free:1.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (TOSHIBA) (Removable) (Total:7.21 GB) (Free:7.2 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F8EBB9DA)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 63985825)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
 
 
LastRegBack: 2014-02-18 00:25
 
==================== End Of Log ============================


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:19 PM

Posted 04 March 2014 - 04:06 AM

Hi,
 
there is a malware entry in your log. Not sure if it is related to your bsod but let's try to fix it and see if anything changes:


Please download the attached fixlist.txt (131 bytes) and save it on the same flash drive as FRST.
  • Plug in the flash drive to the infected computer, enter the System Recovery Options and open FRST.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) is saved on the flash drive.
    Please copy and paste its contents in your next reply.


#5 heroanddeviant

Posted 04 March 2014 - 04:36 AM

Hi...

I tried your suggestion, BSOD still happens :(

oh yeah, here's the fixlog

 

thank u

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-03-2014
Ran by SYSTEM at 2014-03-04 16:30:35 Run:2
Running from H:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Windows\system32\svchost\svchost.exe
C:\Windows\system32\svchost
*****************
 
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
"C:\Windows\system32\svchost" => File/Directory not found.
 
==== End of Fixlog ====
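
The Userinit entry removed by the fixlist above can be checked for mechanically. The following Python sketch is an added example, not part of the thread and not FRST's own logic: it reads FRST-style registry lines and flags anything in the Winlogon Userinit value beyond the default `C:\Windows\system32\userinit.exe,`. The function names, the `CORE_NAMES` list and the assumption that Windows is installed in `C:\Windows` are choices made for this example.

```python
import ntpath
import re

# Assumption: Windows is installed in C:\Windows, as in the log on this page.
SYSTEM_ROOT = r"c:\windows"
DEFAULT_USERINIT = SYSTEM_ROOT + r"\system32\userinit.exe"
# Directories where the core binaries named below legitimately live.
SYSTEM_DIRS = {SYSTEM_ROOT + r"\system32", SYSTEM_ROOT + r"\syswow64"}
# Illustrative list of system binary names that are often imitated by files
# placed in other folders (an assumption of this example, not a complete list).
CORE_NAMES = {"svchost.exe", "userinit.exe", "winlogon.exe", "services.exe", "lsass.exe"}

# Matches the FRST line format seen in the thread:
#   HKLM\...\Winlogon: [Userinit] <comma-separated paths>
USERINIT_LINE = re.compile(
    r"^HKLM\\\.\.\.\\Winlogon:\s*\[Userinit\]\s*(?P<value>.*)$", re.IGNORECASE
)


def normalize(path):
    """Lower-case and normalise a Windows path so comparisons are reliable."""
    return ntpath.normpath(path.strip().strip('"')).lower()


def audit_userinit(value):
    """Return (kind, path) findings for one Userinit registry value."""
    entries = [normalize(p) for p in value.split(",") if p.strip()]
    findings = []
    if DEFAULT_USERINIT not in entries:
        # The legitimate program was replaced, not just supplemented.
        findings.append(("missing-default", DEFAULT_USERINIT))
    for entry in entries:
        if entry == DEFAULT_USERINIT:
            continue
        directory, name = ntpath.split(entry)
        if name in CORE_NAMES and directory not in SYSTEM_DIRS:
            # A system binary name in a non-system folder, as in this thread.
            findings.append(("masquerading-extra-entry", entry))
        else:
            findings.append(("extra-entry", entry))
    return findings


def scan_frst_log(text):
    """Scan FRST log text; return (line number, kind, path) per finding."""
    results = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = USERINIT_LINE.match(line.strip())
        if match:
            for kind, path in audit_userinit(match.group("value")):
                results.append((lineno, kind, path))
    return results


# Sample input: three registry lines copied from the FRST log in this thread.
SAMPLE_LOG = "\n".join([
    r"HKLM-x32\...\Run: [RazerGameBooster] - C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-21] (Razer Inc.)",
    r"HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Windows\system32\svchost\svchost.exe",
    r"Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)",
])

if __name__ == "__main__":
    for lineno, kind, path in scan_frst_log(SAMPLE_LOG):
        print(f"line {lineno}: {kind}: {path}")
```

A clean value such as `C:\Windows\system32\userinit.exe,` produces no findings; the trailing comma is part of the default value.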


#6 heroanddeviant

Posted 08 March 2014 - 09:43 PM

Hi aharonov
It's been five days since your last reply...
I hope you still guide me to find the solution to fix my notebook
thank you in advance



#7 aharonov

Posted 09 March 2014 - 05:23 AM

I'm sorry I missed your answer.
Please try the following. Is there still the BSOD when you try to boot afterwards?


Please download the attached fixlist.txt (29 bytes) and save it on the same flash drive as FRST.
  • Plug in the flash drive to the infected computer, enter the System Recovery Options and open FRST.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) is saved on the flash drive.
    Please copy and paste its contents in your next reply.


#8 heroanddeviant

Posted 09 March 2014 - 08:53 AM

Hi

When I try that, there's no BSOD at first. But at the same spot where the BSOD always happens (right before entering the logon screen) it keeps restarting (no BSOD every time it restarts). After several restarts, I try with safe mode and then the BSOD shows up again.

Here's the fixlog btw...

-------------------------------------------------------------------------------------------------------------------------

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-03-2014
Ran by SYSTEM at 2014-03-09 20:27:57 Run:3
Running from H:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
LastRegBack: 2014-02-18 00:25
*****************

DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.

==== End of Fixlog ====

#9 aharonov

Posted 11 March 2014 - 07:02 AM

Have you updated any drivers or installed anything new just before the problems started?



#10 heroanddeviant

Posted 11 March 2014 - 02:35 PM

The change that I made recently before the problem that I remember:

- some Windows update. If I'm not mistaken, there's a pending Windows update that will be installed on next startup (that's the last time my notebook was still normal)

- Upgrading an app called Bluestacks (some android emulator) to newest version

- Updating flash player to newest version

- the last app I install is "Razer Game Booster"

- downloading some files on email (I think it's safe because I only download from person I know and work related)

 

Oh yeah, maybe just more info. Before it kept showing the bluescreen, my logon screen usually takes longer to appear than on a normal notebook. About 30 seconds after the boot screen (it should be faster than that, right...?)



#11 heroanddeviant

Posted 13 March 2014 - 04:26 AM

Hi aharonov, it's been a while since your last reply

I've been searching about my problem on google and asking my friend and still can't figure out what's wrong and how to fix it.

Based on your experience, what happened to my notebook..?

I hope I don't have to reinstall it....



#12 aharonov

Posted 14 March 2014 - 05:14 PM

Hi,

sorry for the delay.
Please run a FRST scan again, but this time check all available checkboxes.

#13 heroanddeviant

Posted 15 March 2014 - 08:20 AM


Hello...

here's the scan result.

------------------------------------------------------------------------------------------------------------------------

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by SYSTEM on MININT-S5K2IHK on 15-03-2014 20:02:21
Running from H:\
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2283816 2010-11-18] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel® Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [USB Security] - C:\Program Files (x86)\USB Disk Security\USBGuard.exe [658632 2013-01-02] (Zbshareware Lab)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [RazerGameBooster] - C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-21] (Razer Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Windows\system32\svchost\svchost.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\DeV\...\Run: [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3462552 2012-02-08] (Tonec Inc.)
HKU\DeV\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [842048 2011-03-17] (DT Soft Ltd)
HKU\DeV\...\Run: [WebcamMaxAutoRun] - C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-16] ()
HKU\DeV\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2012-07-18] (BitTorrent, Inc.)
HKU\DeV\...\Run: [] - [X]
HKU\DeV\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1088424 2012-10-12] (Nokia)
HKU\DeV\...\Run: [Akamai NetSession Interface] - C:\Users\DeV\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-04] (Akamai Technologies, Inc.)
HKU\DeV\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\DeV\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
Startup: C:\Users\DeV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Services (Whitelisted) =================
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-10-22] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-19] (AVG Technologies CZ, s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-13] (Sony Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-13] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-03-30] ()
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-21] (Razer Inc.)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [257936 2010-08-12] (Sony Corporation)
S2 Smartfren Connex EC306-2 UI. RunOuc; C:\Program Files (x86)\Smartfren Connex EC306-2 UI\UpdateDog\ouc.exe [246112 2012-02-08] ()
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-04] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-13] (Sony Corporation)
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-04] (Sony Corporation)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-18] (TuneUp Software)
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-07-31] (Sony Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-03] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-24] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-19] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-19] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-19] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-06-30] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-22] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-20] (AVG Technologies CZ, s.r.o.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [272448 2012-02-11] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-07-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2010-07-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-07-14] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2010-07-14] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2010-12-26] (REDC)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 UsbModemDriver; C:\Windows\System32\DRIVERS\USB_MODEM_T.sys [28160 2011-04-07] ()
S3 USB_BusEnum_T; C:\Windows\System32\DRIVERS\USB_BusEnum_T.sys [44544 2009-11-04] ()
S3 USB_ETS_T; C:\Windows\System32\DRIVERS\USB_ETS_T.sys [21760 2008-05-30] (Via Telecom, Inc.)
S3 USB_WinMux_T; C:\Windows\System32\DRIVERS\USB_WinMux_T.sys [37376 2009-10-26] ()
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-22] (Windows ® Win 7 DDK provider)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-10-31] (OpenLibSys.org)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
========================== Drivers MD5 =======================
 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-15 16:24 - 2014-03-15 16:24 - 00000462 _____ () C:\Recovery (F) - Shortcut.lnk
2014-03-09 20:27 - 2014-03-13 06:55 - 00000000 ____D () C:\Windows\System32\config\HiveBackup
2014-03-03 18:44 - 2014-03-15 20:02 - 00000000 ____D () C:\FRST
2014-03-02 13:45 - 2014-03-15 02:07 - 629854185 _____ () C:\Windows\MEMORY.DMP
2014-03-02 13:20 - 2014-03-02 13:20 - 00003352 ____N () C:\bootsqm.dat
2014-03-02 07:35 - 2014-03-02 07:35 - 00000000 __SHD () C:\found.001
2014-03-01 12:00 - 2014-02-01 01:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-03-01 12:00 - 2014-02-01 01:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-03-01 12:00 - 2014-02-01 01:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-03-01 12:00 - 2014-02-01 01:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-03-01 12:00 - 2014-01-31 23:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 12:00 - 2014-01-31 23:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 12:00 - 2014-01-31 23:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 12:00 - 2014-01-31 23:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-03-01 12:00 - 2014-01-31 23:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 12:00 - 2014-01-31 22:45 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2014-03-01 12:00 - 2014-01-31 22:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 08:25 - 2014-03-02 04:54 - 00000336 _____ () C:\Windows\setupact.log
2014-03-01 08:25 - 2014-03-01 08:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 12:08 - 2014-02-28 12:08 - 01509376 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-28 12:08 - 2014-02-28 12:08 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 12:08 - 2014-02-28 12:08 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-28 12:08 - 2014-02-28 12:08 - 01400416 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2014-02-28 12:08 - 2014-02-28 12:08 - 01054720 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00905728 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00599552 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-02-28 12:08 - 2014-02-28 12:08 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-28 12:08 - 2014-02-28 12:08 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00281600 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00270848 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00247296 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00216064 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2014-02-28 12:08 - 2014-02-28 12:08 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-28 12:08 - 2014-02-28 12:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-28 12:06 - 2014-02-28 12:06 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-25 12:06 - 2014-03-01 12:04 - 00032394 _____ () C:\Windows\IE11_main.log
2014-02-23 11:02 - 2014-02-23 11:02 - 00001818 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001818 _____ () C:\ProgramData\Desktop\Apps.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001807 _____ () C:\ProgramData\Desktop\Start BlueStacks.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-23 11:02 - 2014-02-23 11:02 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
 
==================== One Month Modified Files and Folders =======
 
2014-03-15 20:02 - 2014-03-03 18:44 - 00000000 ____D () C:\FRST
2014-03-15 16:24 - 2014-03-15 16:24 - 00000462 _____ () C:\Recovery (F) - Shortcut.lnk
2014-03-15 02:07 - 2014-03-02 13:45 - 629854185 _____ () C:\Windows\MEMORY.DMP
2014-03-14 10:33 - 2014-02-08 02:27 - 00002081 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-03-14 10:33 - 2014-02-08 02:27 - 00002081 _____ () C:\ProgramData\Desktop\Razer Game Booster.lnk
2014-03-14 10:33 - 2012-10-19 03:54 - 00002139 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2014-03-14 10:33 - 2012-10-19 03:54 - 00002139 _____ () C:\ProgramData\Desktop\TuneUp Utilities 2013.lnk
2014-03-13 06:55 - 2014-03-09 20:27 - 00000000 ____D () C:\Windows\System32\config\HiveBackup
2014-03-02 13:20 - 2014-03-02 13:20 - 00003352 ____N () C:\bootsqm.dat
2014-03-02 07:35 - 2014-03-02 07:35 - 00000000 __SHD () C:\found.001
2014-03-02 06:42 - 2012-12-12 23:47 - 00665994 _____ () C:\Windows\PFRO.log
2014-03-02 05:29 - 2012-02-08 08:25 - 00000000 ____D () C:\Users\DeV\AppData\Roaming\uTorrent
2014-03-02 05:13 - 2012-06-23 02:51 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1041353636-540036412-1479743784-1000UA.job
2014-03-02 04:54 - 2014-03-01 08:25 - 00000336 _____ () C:\Windows\setupact.log
2014-03-02 04:54 - 2012-03-07 02:06 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-02 04:39 - 2012-02-08 19:30 - 01064976 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 04:32 - 2013-11-25 03:14 - 00000000 ____D () C:\Users\DeV\.VirtualBox
2014-03-01 20:16 - 2012-02-08 06:23 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E24818CA-3DC3-4580-B32C-F801CE3FA4B0}
2014-03-01 20:10 - 2014-01-08 02:26 - 00000000 ____D () C:\Users\DeV\AppData\Roaming\newnext.me
2014-03-01 20:05 - 2012-10-11 13:20 - 00501542 _____ () C:\Windows\System32\perfh006.dat
2014-03-01 20:05 - 2012-10-11 13:20 - 00098850 _____ () C:\Windows\System32\perfc006.dat
2014-03-01 20:05 - 2012-10-11 12:45 - 00706008 _____ () C:\Windows\System32\prfh0416.dat
2014-03-01 20:05 - 2012-10-11 12:45 - 00147848 _____ () C:\Windows\System32\prfc0416.dat
2014-03-01 20:05 - 2012-10-11 12:30 - 00721146 _____ () C:\Windows\System32\prfh0816.dat
2014-03-01 20:05 - 2012-10-11 12:30 - 00153098 _____ () C:\Windows\System32\prfc0816.dat
2014-03-01 20:05 - 2012-10-11 12:18 - 00732486 _____ () C:\Windows\System32\perfh015.dat
2014-03-01 20:05 - 2012-10-11 12:18 - 00156064 _____ () C:\Windows\System32\perfc015.dat
2014-03-01 20:05 - 2012-10-11 11:19 - 00486642 _____ () C:\Windows\System32\perfh014.dat
2014-03-01 20:05 - 2012-10-11 11:19 - 00095596 _____ () C:\Windows\System32\perfc014.dat
2014-03-01 20:05 - 2012-10-10 16:46 - 00408906 _____ () C:\Windows\System32\perfh011.dat
2014-03-01 20:05 - 2012-10-10 16:46 - 00122292 _____ () C:\Windows\System32\perfc011.dat
2014-03-01 20:05 - 2012-10-10 16:30 - 00648810 _____ () C:\Windows\System32\perfh01F.dat
2014-03-01 20:05 - 2012-10-10 16:30 - 00140192 _____ () C:\Windows\System32\perfc01F.dat
2014-03-01 20:05 - 2012-10-10 16:19 - 00716728 _____ () C:\Windows\System32\perfh019.dat
2014-03-01 20:05 - 2012-10-10 16:19 - 00151034 _____ () C:\Windows\System32\perfc019.dat
2014-03-01 20:05 - 2012-10-10 16:09 - 00599116 _____ () C:\Windows\System32\perfh008.dat
2014-03-01 20:05 - 2012-10-10 16:09 - 00111320 _____ () C:\Windows\System32\perfc008.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00737584 _____ () C:\Windows\System32\perfh00A.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00675882 _____ () C:\Windows\System32\perfh00E.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00420552 _____ () C:\Windows\System32\perfh012.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00171466 _____ () C:\Windows\System32\perfc00E.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00158666 _____ () C:\Windows\System32\perfc00A.dat
2014-03-01 20:05 - 2012-10-04 17:28 - 00120576 _____ () C:\Windows\System32\perfc012.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00735626 _____ () C:\Windows\System32\perfh013.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00660968 _____ () C:\Windows\System32\perfh005.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00655848 _____ () C:\Windows\System32\perfh01D.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00473622 _____ () C:\Windows\System32\perfh00B.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00384472 _____ () C:\Windows\System32\perfh00D.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00153294 _____ () C:\Windows\System32\perfc013.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00142666 _____ () C:\Windows\System32\perfc01D.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00141618 _____ () C:\Windows\System32\perfc005.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00101712 _____ () C:\Windows\System32\perfc00B.dat
2014-03-01 20:05 - 2012-10-04 17:27 - 00084950 _____ () C:\Windows\System32\perfc00D.dat
2014-03-01 20:05 - 2012-10-04 01:38 - 00732174 _____ () C:\Windows\System32\perfh010.dat
2014-03-01 20:05 - 2012-10-04 01:38 - 00147038 _____ () C:\Windows\System32\perfc010.dat
2014-03-01 20:05 - 2012-10-04 01:24 - 00689336 _____ () C:\Windows\System32\perfh007.dat
2014-03-01 20:05 - 2012-10-04 01:24 - 00149308 _____ () C:\Windows\System32\perfc007.dat
2014-03-01 20:05 - 2012-02-08 19:31 - 00393150 _____ () C:\Windows\System32\prfh0404.dat
2014-03-01 20:05 - 2012-02-08 19:31 - 00115282 _____ () C:\Windows\System32\prfc0404.dat
2014-03-01 20:05 - 2010-09-06 11:12 - 00376078 _____ () C:\Windows\System32\prfh0804.dat
2014-03-01 20:05 - 2010-09-06 11:12 - 00119784 _____ () C:\Windows\System32\prfc0804.dat
2014-03-01 20:05 - 2010-09-06 11:07 - 00737844 _____ () C:\Windows\System32\perfh00C.dat
2014-03-01 20:05 - 2010-09-06 11:07 - 00471142 _____ () C:\Windows\System32\perfh001.dat
2014-03-01 20:05 - 2010-09-06 11:07 - 00149772 _____ () C:\Windows\System32\perfc00C.dat
2014-03-01 20:05 - 2010-09-06 11:07 - 00094964 _____ () C:\Windows\System32\perfc001.dat
2014-03-01 20:05 - 2009-07-13 21:13 - 17450240 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-01 20:04 - 2009-07-13 20:45 - 00029488 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 20:04 - 2009-07-13 20:45 - 00029488 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 19:59 - 2013-04-05 06:02 - 00002982 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-01 19:59 - 2013-04-05 06:02 - 00000292 _____ () C:\Windows\Tasks\AutoKMS.job
2014-03-01 19:58 - 2013-06-02 04:41 - 00151552 _____ () C:\Windows\KMSEmulator.exe
2014-03-01 19:58 - 2010-09-06 11:32 - 00000000 ____D () C:\Windows\Panther
2014-03-01 19:57 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 19:54 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-03-01 19:54 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\bg-BG
2014-03-01 19:53 - 2012-02-08 08:13 - 00000000 ____D () C:\Users\DeV\AppData\Roaming\DMCache
2014-03-01 19:53 - 2010-09-06 11:16 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-03-01 19:53 - 2010-09-06 11:16 - 00000000 ____D () C:\Windows\System32\vi-VN
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\zh-HK
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\uk-UA
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\th-TH
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sl-SI
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sk-SK
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\lv-LV
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\he-IL
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ar-SA
2014-03-01 19:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-01 12:04 - 2014-02-25 12:06 - 00032394 _____ () C:\Windows\IE11_main.log
2014-03-01 08:25 - 2014-03-01 08:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 07:32 - 2012-03-09 03:10 - 00000000 ____D () C:\Windows\Minidump
2014-03-01 07:13 - 2012-06-23 02:51 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1041353636-540036412-1479743784-1000Core.job
2014-03-01 07:01 - 2014-01-15 18:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-28 12:46 - 2014-02-11 12:07 - 00108961 _____ () C:\Windows\IE10_main.log
2014-02-28 12:08 - 2014-02-28 12:08 - 01509376 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-28 12:08 - 2014-02-28 12:08 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 12:08 - 2014-02-28 12:08 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-28 12:08 - 2014-02-28 12:08 - 01400416 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2014-02-28 12:08 - 2014-02-28 12:08 - 01054720 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00905728 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00599552 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-02-28 12:08 - 2014-02-28 12:08 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-28 12:08 - 2014-02-28 12:08 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00281600 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00270848 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00247296 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00216064 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2014-02-28 12:08 - 2014-02-28 12:08 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-28 12:08 - 2014-02-28 12:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-28 12:08 - 2014-02-28 12:08 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2014-02-28 12:08 - 2014-02-28 12:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-28 12:06 - 2014-02-28 12:06 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-28 12:06 - 2014-02-28 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-26 17:09 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-02-25 18:34 - 2013-09-04 06:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-25 12:02 - 2012-02-08 06:42 - 17061148 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-24 23:47 - 2012-02-10 09:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-02-24 23:47 - 2012-02-09 08:33 - 00000000 ____D () C:\Users\DeV\AppData\Local\Mozilla
2014-02-23 11:02 - 2014-02-23 11:02 - 00001818 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001818 _____ () C:\ProgramData\Desktop\Apps.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00001807 _____ () C:\ProgramData\Desktop\Start BlueStacks.lnk
2014-02-23 11:02 - 2014-02-23 11:02 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-23 11:02 - 2014-02-23 11:02 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-23 11:02 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-21 20:38 - 2012-03-16 19:57 - 00000023 _____ () C:\test.xml
2014-02-21 19:47 - 2012-03-28 20:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 19:47 - 2012-02-08 06:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 16:56 - 2012-02-08 07:19 - 00002354 _____ () C:\Users\DeV\Desktop\Google Chrome.lnk
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {32483d0c-52cd-11e1-b51f-b930a1daeaeb}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {32483d0c-52cd-11e1-b51f-b930a1daeaeb}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[F:]\Recovery\WindowsRE\Winre.wim,{32483d0f-52cd-11e1-b51f-b930a1daeaeb}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[F:]\Recovery\WindowsRE\Winre.wim,{32483d0f-52cd-11e1-b51f-b930a1daeaeb}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {32483d0c-52cd-11e1-b51f-b930a1daeaeb}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {32483d0f-52cd-11e1-b51f-b930a1daeaeb}
description             Ramdisk Options
ramdisksdidevice        partition=F:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 12%
Total physical RAM: 8103.2 MB
Available physical RAM: 7118.01 MB
Total Pagefile: 8101.35 MB
Available Pagefile: 7114.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:117.2 GB) (Free:10.09 GB) NTFS
Drive d: (Data) (Fixed) (Total:336.96 GB) (Free:5.08 GB) NTFS
Drive f: (Recovery) (Fixed) (Total:11.5 GB) (Free:1.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (TOSHIBA) (Removable) (Total:7.21 GB) (Free:0.57 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F8EBB9DA)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 65F527D4)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
 
 
LastRegBack: 2014-02-18 00:25
 
==================== End Of Log ============================

 



#14 aharonov

  • Malware Response Team

Posted 17 March 2014 - 11:14 AM

I cannot see a connection to malware yet. Have you tried to run sfc (to check for corrupted system files) from the Recovery Environment command prompt? (Described here: http://www.sevenforums.com/tutorials/139810-sfc-scannow-run-command-prompt-boot.html)

#15 aharonov

  • Malware Response Team

Posted 25 March 2014 - 01:31 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



