Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Startup Recovery Fails - Win 7


  • This topic is locked This topic is locked
14 replies to this topic

#1 diddy1960

diddy1960

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 24 March 2014 - 12:06 AM

After doing a Windows Update the other day, Win 7 won't start and all efforts at recovery have failed, including the numerous suggestions I've read on various websites, such as FixMbr and FixBoot etc.

 

When booted normally, it reaches a certain point after the start screeen and then gives me a black screen with mouse functionality and little else. The HDD activity LED indicates some sort of activity going on, but the flashing is random and not constant. I left it overnight last night to see if it would eventually resolve itself, but this morning it was still in the same situation. Booting in Safe mode goes through installing the drivers etc, and then produces the same effect as normal mode. Recovery tells me that it could not repair the problem, with a Locale ID of 1033.

 

I've run FRST64 and the FRST.txt file is attached.

 

Any advice, suggestions etc. greatly appreciated.

Attached Files


Edited by hamluis, 24 March 2014 - 06:11 AM.
Moved from Win 7 to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 24 March 2014 - 11:17 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Fix with FRST (Recovery Environment)


  • Open notepad (Start =>All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    HKLM\...\InprocServer32: [Default-wbemess]  ATTENTION! ====> ZeroAccess?
    HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox]  ATTENTION! ====> ZeroAccess?
    
    HKLM\...\.exe:  <===== ATTENTION!
    HKLM\...\exefile\DefaultIcon:  <===== ATTENTION!
    HKLM\...\exefile\open\command:  <===== ATTENTION!

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Now please enter System Recovery Options again.

  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

 

Try to boot into windows now.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 diddy1960

diddy1960
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 25 March 2014 - 10:37 PM

Hi Marius

 

Nope, same situation as before. Won't boot into Windows in normal mode or in safe mode. Goes through the "Welcome to Windows" screen etc, then just gives me a blank screen with a mouse pointer that is active, sometimes with the little blue activity circle. No other response.

 

The last file it loads in the Safe mode list amdkmpfd.sys, if that helps, then it goes to the same blank screen.

 

FRST log below.

 

Thanks

 

=================================================================

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by SYSTEM on MININT-JSRJUP0 on 26-03-2014 10:58:28
Running from T:\
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet002
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RunDLLEntry] - E:\Windows\system32\RunDLL32.exe E:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [EvtMgr6] - E:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
HKLM-x32\...\Run: [NUSB3MON] - "E:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
HKLM-x32\...\Run: [PWRISOVM.EXE] - E:\Program Files (x86)\PowerISO\PWRISOVM.EXE
HKLM-x32\...\Run: [M-Audio Taskbar Icon] - E:\Windows\system32\MAFWTray.exe
HKLM-x32\...\Run: [AVG_UI] - "E:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM-x32\...\Run: [WebStorage] - E:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe /S
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - E:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] - E:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
HKLM-x32\...\Run: [StartCCC] - "E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\...\Winlogon: [Userinit] E:\Windows\system32\userinit.exe,
Winlogon\Notify\LBTWlgn: e:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKU\Classic .NET AppPool\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Classic .NET AppPool\...\RunOnce: [mctadmin] - E:\Windows\System32\mctadmin.exe
HKU\Classic .NET AppPool\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516096 2013-09-19] (Microsoft Corporation)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default\...\RunOnce: [mctadmin] - E:\Windows\System32\mctadmin.exe
HKU\DefaultAppPool\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\DefaultAppPool\...\RunOnce: [mctadmin] - E:\Windows\System32\mctadmin.exe
HKU\DefaultAppPool\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516096 2013-09-19] (Microsoft Corporation)
HKU\Diddy\...\Run: [swg] - "E:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Diddy\...\Run: [GoogleDriveSync] - "E:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\Diddy\...\Run: [uTorrent] - "E:\Users\Diddy\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\Diddy\...\Run: [Spotify Web Helper] - "E:\Users\Diddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\Diddy\...\Run: [HydraVisionDesktopManager] - "E:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HKU\Diddy\...\Run: [Skype] - "E:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\Diddy\...\Policies\Explorer: [NoDrives] 0x00000000
HKU\Diddy\...\Policies\Explorer: [NoInstrumentation] 0
Startup: C:\Users\Diddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HiNet - Shortcut.lnk
ShortcutTarget: HiNet - Shortcut.lnk ->  (No File)
 
==================== Services (Whitelisted) =================
 
S4 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
S3 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
S2 AdobeARMservice; "E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S3 AdobeFlashPlayerUpdateSvc; E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 AMD FUEL Service; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService [X]
S2 asComSvc; E:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [X]
S2 ASDiskUnlocker; "E:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe" [X]
S2 ASGT; E:\Windows\SysWOW64\ASGT.exe [X]
S2 asHmComSvc; E:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [X]
S2 AsSysCtrlService; E:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [X]
S2 ASTSRV; No ImagePath
S2 AsusFanControlService; "E:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe" [X]
S2 AVGIDSAgent; "E:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" [X]
S2 avgwd; "E:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" [X]
S2 Bonjour Service; "E:\Program Files (x86)\Bonjour\mDNSResponder.exe" [X]
S2 clr_optimization_v4.0.30319_32; E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]
S2 clr_optimization_v4.0.30319_64; E:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [X]
S3 FLEXnet Licensing Service; "E:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
S2 gupdate; "E:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "E:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 gusvc; "E:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S3 LBTServ; E:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [X]
S3 Microsoft Office Groove Audit Service; "E:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [X]
S3 MozillaMaintenance; "E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
S4 NetMsmqActivator; "E:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [X]
S4 NetPipeActivator; E:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpActivator; E:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpPortSharing; E:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S2 nlsInterface; E:\Windows\system32\nlsInterface.exe [X]
S3 odserv; "E:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [X]
S3 ose; "E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S2 SbieSvc; "E:\Program Files\Sandboxie\SbieSvc.exe" [X]
S2 SkypeUpdate; "E:\Program Files (x86)\Skype\Updater\Updater.exe" [X]
S3 Uniblue.MaxiDiskSvc; "E:\Program Files (x86)\Uniblue\MaxiDisk\service.exe" [X]
S2 USBMIDIAudioDevMon; "E:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe" [X]
S2 VMAuthdService; "E:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe" [X]
S2 VMnetDHCP; No ImagePath
S2 VMUSBArbService; "E:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe" [X]
S2 VMware NAT Service; No ImagePath
S2 vmware-converter-agent; "E:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe" -s "E:\ProgramData\VMware\VMware vCenter Converter Standalone\converter-agent.xml"
S2 vmware-converter-server; "E:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe" -s "E:\ProgramData\VMware\VMware vCenter Converter Standalone\converter-server.xml"
S2 vmware-converter-worker; "E:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe" -s "E:\ProgramData\VMware\VMware vCenter Converter Standalone\converter-worker.xml"
S3 VMwareHostd; "E:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "E:\ProgramData\VMware\hostd\config.xml"
S2 wlidsvc; "E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-27] (ASUSTek Computer Inc.)
S0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2013-07-15] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-07-15] (Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35936 2013-07-16] (Advanced Micro Devices, Inc.)
S0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-05] (Asmedia Technology)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
S3 ASUSstpt; C:\Windows\System32\DRIVERS\ASUSstpt.sys [27392 2013-03-27] (MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [151808 2013-03-27] (MCCI Corporation)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-09-30] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-09] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [74352 2011-03-14] (VMware, Inc.)
S3 DM9USB; C:\Windows\System32\DRIVERS\dm9usb.sys [64512 2012-07-04] (DAVICOM Semiconductor, Inc.                                                    )
S3 MAFW; C:\Windows\System32\DRIVERS\mafw.sys [235312 2012-01-24] (Avid Technology, Inc.)
S3 MAUSBMIDI; C:\Windows\System32\DRIVERS\MAudioUSBMIDI.sys [200200 2010-04-12] (M-Audio)
S3 mlkumidi; C:\Windows\System32\drivers\mlkumidi.sys [57408 2012-08-29] (MusicLab, Inc.)
S3 pmserenum; C:\Windows\System32\DRIVERS\pmserenum.sys [37272 2012-08-16] (PenMount)
S0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-18] (Corel Corporation)
S1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [42656 2012-05-31] (ASUSTeK Computer Inc.)
S2 AODDriver4.01; \??\E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 ASFLTDrv.sys; \??\E:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [X]
S3 atillk64; \??\E:\Users\Diddy\AppData\Local\Temp\RarSFX0\atillk64.sys [X]
S3 epmntdrv; \??\E:\Windows\system32\epmntdrv.sys [X]
S3 EuGdiDrv; \??\E:\Windows\system32\EuGdiDrv.sys [X]
S2 hcmon; \??\E:\Windows\system32\drivers\hcmon.sys [X]
S3 IOMap; \??\E:\Windows\system32\drivers\IOMap64.sys [X]
S3 MSI_MSIBIOS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\msibios64_100507.sys [X]
S3 NTIOLib_1_0_2; \??\E:\Program Files (x86)\MSI\BIOS Code Unlocked Technology\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_4; \??\E:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_8; \??\C:\PROGRA~1\MSI\MSIWDev\NTIOLib_X64.sys [X]
S3 SbieDrv; \??\E:\Program Files\Sandboxie\SbieDrv.sys [X]
S3 vmkbd; \??\E:\Windows\system32\drivers\VMkbd.sys [X]
S2 VMnetuserif; \??\E:\Windows\system32\drivers\vmnetuserif.sys [X]
S2 VMparport; \??\E:\Windows\system32\drivers\VMparport.sys [X]
S2 vmx86; \??\E:\Windows\system32\drivers\vmx86.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-24 11:21 - 2014-03-26 10:58 - 00000000 ____D () C:\FRST
2014-03-09 05:33 - 2014-03-09 05:33 - 00003186 _____ () C:\Users\Diddy\Desktop\round_14.txt
2014-03-07 19:39 - 2013-07-02 00:29 - 00024824 _____ (ASUSTeK Computer Inc.) C:\Windows\System32\Drivers\IOMap64.sys
2014-03-06 17:53 - 2014-03-06 17:53 - 00000000 ____D () C:\Users\Diddy\AppData\Local\Skype
2014-03-03 22:08 - 2014-03-03 22:08 - 00001991 _____ () C:\Users\Diddy\Desktop\Welcome to ASUS Product Registration.lnk
2014-03-03 22:03 - 2014-03-03 22:04 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-03 21:55 - 2014-03-03 21:55 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-03 21:49 - 2013-11-27 10:07 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\amdhcp64.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-03-03 21:49 - 2013-11-27 10:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-03-03 21:49 - 2013-11-27 10:06 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd64.dll
2014-03-03 21:49 - 2013-11-27 10:04 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2014-03-03 21:49 - 2013-11-27 09:49 - 00230912 _____ () C:\Windows\System32\clinfo.exe
2014-03-03 21:49 - 2013-11-27 09:48 - 29381632 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl64.dll
2014-03-03 21:49 - 2013-11-27 09:48 - 01187342 _____ () C:\Windows\System32\amdocl_as64.exe
2014-03-03 21:49 - 2013-11-27 09:48 - 01061902 _____ () C:\Windows\System32\amdocl_ld64.exe
2014-03-03 21:49 - 2013-11-27 09:48 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2014-03-03 21:49 - 2013-11-27 09:48 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2014-03-03 21:49 - 2013-11-27 09:48 - 00099840 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\OpenVideo64.dll
2014-03-03 21:49 - 2013-11-27 09:48 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\OVDecode64.dll
2014-03-03 21:49 - 2013-11-27 09:48 - 00083968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-03-03 21:49 - 2013-11-27 09:48 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-03-03 21:49 - 2013-11-27 09:45 - 24860160 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-03-03 21:49 - 2013-11-27 09:43 - 00063488 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2014-03-03 21:49 - 2013-11-27 09:43 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-03 21:49 - 2013-11-27 09:42 - 00129536 _____ (AMD) C:\Windows\System32\coinst_13.251.dll
2014-03-03 21:49 - 2013-11-27 09:23 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2014-03-03 21:49 - 2013-11-27 09:20 - 00550456 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-03-03 21:49 - 2013-11-27 09:20 - 00550456 _____ () C:\Windows\System32\atiapfxx.blb
2014-03-03 21:49 - 2013-11-27 09:20 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2014-03-03 21:49 - 2013-11-27 09:19 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2014-03-03 21:49 - 2013-11-27 09:19 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2014-03-03 21:49 - 2013-11-27 09:19 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2014-03-03 21:49 - 2013-11-27 09:19 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-03-03 21:49 - 2013-11-27 09:19 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-03-03 21:49 - 2013-11-27 09:16 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-03-03 21:49 - 2013-11-27 09:05 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-03-03 21:49 - 2013-11-27 08:59 - 00588288 _____ (AMD) C:\Windows\System32\atieclxx.exe
2014-03-03 21:49 - 2013-11-27 08:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atidemgy.dll
2014-03-03 21:49 - 2013-11-27 08:59 - 00031232 _____ (AMD) C:\Windows\System32\atimuixx.dll
2014-03-03 21:49 - 2013-11-27 08:58 - 00239616 _____ (AMD) C:\Windows\System32\atiesrxx.exe
2014-03-03 21:49 - 2013-11-27 08:57 - 00190976 _____ (AMD) C:\Windows\System32\atitmm64.dll
2014-03-03 21:49 - 2013-11-27 08:49 - 03426688 _____ () C:\Windows\System32\atiumd6a.cap
2014-03-03 21:49 - 2013-11-27 08:46 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-03-03 21:49 - 2013-11-27 08:46 - 00204952 _____ () C:\Windows\System32\ativvsvl.dat
2014-03-03 21:49 - 2013-11-27 08:46 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-03-03 21:49 - 2013-11-27 08:46 - 00157144 _____ () C:\Windows\System32\ativvsva.dat
2014-03-03 21:49 - 2013-11-27 08:38 - 03461040 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-03-03 21:49 - 2013-11-27 08:30 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2014-03-03 21:49 - 2013-11-27 08:30 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-03-03 21:49 - 2013-11-27 08:30 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdave64.dll
2014-03-03 21:49 - 2013-11-27 08:30 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-03-03 21:49 - 2013-11-27 08:29 - 00626176 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2014-03-03 21:49 - 2013-11-27 08:29 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2014-03-03 21:49 - 2013-11-27 08:29 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-03-03 21:49 - 2013-11-27 08:29 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atisamu64.dll
2014-03-03 21:49 - 2013-11-27 08:29 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-03-03 21:49 - 2013-11-27 08:29 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2014-03-03 21:49 - 2013-11-27 08:29 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-03-03 21:49 - 2013-11-27 08:29 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2014-03-03 21:49 - 2013-11-27 08:25 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2014-03-03 21:49 - 2013-11-01 00:08 - 00721296 _____ () C:\Windows\System32\atiicdxx.dat
2014-03-03 21:49 - 2013-09-30 12:48 - 00047887 _____ () C:\Windows\atiogl.xml
2014-03-03 21:49 - 2013-09-26 13:14 - 00083552 _____ () C:\Windows\System32\ativce02.dat
2014-03-03 21:49 - 2013-09-12 08:31 - 00233776 _____ () C:\Windows\System32\ativvaxy_cik_nd.dat
2014-03-03 21:49 - 2013-09-12 08:30 - 00234036 _____ () C:\Windows\System32\ativvaxy_cik.dat
2014-03-03 21:49 - 2013-04-10 07:34 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIODE.exe
2014-03-03 21:49 - 2013-04-10 07:34 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe
2014-03-03 21:49 - 2013-04-10 07:34 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIODCLI.exe
2014-03-03 21:49 - 2011-09-12 14:06 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-03-03 21:49 - 2011-09-12 14:06 - 00003917 _____ () C:\Windows\System32\atipblag.dat
2014-03-03 21:31 - 2014-03-03 21:31 - 05353952 _____ () C:\Windows\PE_File.dll
2014-03-03 16:48 - 2014-03-03 16:48 - 00000000 ____D () C:\Windows\Sun
2014-03-03 16:16 - 2014-03-03 16:16 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\WebStorage
2014-03-03 15:56 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-03 15:56 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-03-03 05:19 - 2013-10-01 18:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2014-03-03 05:19 - 2013-10-01 18:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-03 05:19 - 2013-10-01 18:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-03 05:19 - 2013-10-01 17:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2014-03-03 05:19 - 2013-10-01 17:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2014-03-03 05:19 - 2013-10-01 17:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2014-03-03 05:19 - 2013-10-01 17:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2014-03-03 05:19 - 2013-10-01 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2014-03-03 05:19 - 2013-10-01 16:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-03 05:19 - 2013-10-01 16:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-03 05:19 - 2013-10-01 16:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2014-03-03 05:19 - 2013-10-01 16:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2014-03-03 05:19 - 2013-10-01 15:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-03 05:19 - 2013-10-01 15:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2014-03-03 05:19 - 2013-10-01 15:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-03 05:19 - 2013-10-01 14:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-03 05:17 - 2013-09-24 18:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-03-03 05:17 - 2013-09-24 17:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-02 00:20 - 2014-03-02 00:20 - 00060777 _____ () C:\Windows\SysWOW64\CCCInstall_201403021620397998.log
2014-03-02 00:19 - 2014-03-02 00:19 - 00000000 ____D () C:\Program Files\AMD
2014-03-01 23:55 - 2014-03-01 23:55 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\Oracle
2014-03-01 23:54 - 2014-03-01 23:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-01 23:54 - 2013-12-18 05:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-01 23:54 - 2013-12-18 05:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-01 23:54 - 2013-12-18 05:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-01 23:54 - 2013-12-18 05:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-01 23:53 - 2014-03-01 23:54 - 00006443 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-01 23:42 - 2014-03-01 23:42 - 00003270 _____ () C:\Windows\System32\Tasks\{4DEF07F3-0B09-4886-877E-FFCD419F43B8}
2014-03-01 23:41 - 2014-03-01 23:41 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_M5A99X EVO R2.0.alu
2014-03-01 23:31 - 2014-03-01 23:31 - 00000000 _____ () C:\Windows\MB.idx
2014-03-01 22:52 - 2013-12-31 15:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-01 22:52 - 2013-12-31 15:04 - 00420008 _____ () C:\Windows\System32\locale.nls
2014-03-01 22:51 - 2013-12-24 15:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-01 22:51 - 2013-12-24 14:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-03-01 22:51 - 2013-12-05 18:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-03-01 22:51 - 2013-12-05 18:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2014-03-01 22:51 - 2013-12-05 18:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-01 22:51 - 2013-12-05 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-01 22:51 - 2013-12-03 18:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\System32\secproc.dll
2014-03-01 22:51 - 2013-12-03 18:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2014-03-01 22:51 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2014-03-01 22:51 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2014-03-01 22:51 - 2013-12-03 18:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2014-03-01 22:51 - 2013-12-03 18:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2014-03-01 22:51 - 2013-12-03 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2014-03-01 22:51 - 2013-12-03 18:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2014-03-01 22:51 - 2013-12-03 18:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2014-03-01 22:51 - 2013-12-03 18:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-01 22:51 - 2013-12-03 18:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-01 22:51 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-01 22:51 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-01 22:51 - 2013-12-03 18:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-01 22:51 - 2013-12-03 17:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-01 22:51 - 2013-12-03 17:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-01 22:51 - 2013-12-03 17:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-01 22:51 - 2013-12-03 17:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-01 22:51 - 2013-11-26 00:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-01 22:51 - 2013-11-22 14:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-03-01 22:49 - 2014-03-01 22:49 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_dm9usb_01009.Wdf
2014-03-01 22:49 - 2014-03-01 22:49 - 00000000 ____D () C:\Program Files\DIFX
2014-03-01 22:49 - 2014-03-01 22:49 - 00000000 ____D () C:\Program Files (x86)\Davicom
2014-03-01 20:48 - 2014-03-01 20:48 - 00001159 _____ () C:\Users\Public\Desktop\FL Studio 10.lnk
2014-03-01 12:00 - 2014-03-01 12:00 - 00003202 _____ () C:\Windows\System32\Tasks\{81164504-DA9D-45AF-BA41-2F965D299F42}
2014-03-01 11:54 - 2012-04-10 17:40 - 00082560 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amd_sata.sys
2014-03-01 11:54 - 2012-04-10 17:40 - 00042624 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amd_xata.sys
2014-03-01 11:39 - 2014-03-01 11:39 - 00001920 _____ () C:\Users\Public\Desktop\Remote GO!.lnk
2014-03-01 11:37 - 2013-02-20 19:40 - 00032840 _____ (NT Kernel Resources) C:\Windows\System32\Drivers\ndisrd.sys
2014-02-28 22:36 - 2014-02-28 22:36 - 00000146 _____ () C:\Users\Diddy\Desktop\Device Manager - Shortcut.lnk
2014-02-28 22:20 - 2014-02-28 22:20 - 00003146 _____ () C:\Windows\System32\Tasks\{E4C72B78-8397-47D8-B0A0-513B87BEAEDB}
2014-02-28 20:49 - 2014-02-28 20:49 - 00003120 _____ () C:\Windows\System32\Tasks\{43EE002E-38CE-4CE1-9702-13AD2A7AEE67}
2014-02-28 05:49 - 2013-12-21 01:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-28 05:49 - 2013-12-21 00:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-28 05:47 - 2014-02-06 04:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-28 05:47 - 2014-02-06 03:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-02-28 05:47 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-02-28 05:47 - 2014-02-06 03:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-28 05:47 - 2014-02-06 03:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-02-28 05:47 - 2014-02-06 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-02-28 05:47 - 2014-02-06 02:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-02-28 05:47 - 2014-02-06 02:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-02-28 05:47 - 2014-02-06 02:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-02-28 05:47 - 2014-02-06 02:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-28 05:47 - 2014-02-06 02:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-02-28 05:47 - 2014-02-06 02:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag(34).dll
2014-02-28 05:47 - 2014-02-06 02:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-02-28 05:47 - 2014-02-06 02:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-28 05:47 - 2014-02-06 02:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-02-28 05:47 - 2014-02-06 02:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit(32).exe
2014-02-28 05:47 - 2014-02-06 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-28 05:47 - 2014-02-06 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml(38).tlb
2014-02-28 05:47 - 2014-02-06 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-02-28 05:47 - 2014-02-06 02:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-02-28 05:47 - 2014-02-06 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 05:47 - 2014-02-06 02:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 05:47 - 2014-02-06 01:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 05:47 - 2014-02-06 01:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-28 05:47 - 2014-02-06 01:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds(35).dll
2014-02-28 05:47 - 2014-02-06 01:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 05:47 - 2014-02-06 01:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 05:47 - 2014-02-06 01:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce(37).dll
2014-02-28 05:47 - 2014-02-06 01:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-28 05:47 - 2014-02-06 01:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 05:47 - 2014-02-06 01:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 05:47 - 2014-02-06 01:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 05:47 - 2014-02-06 01:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 05:47 - 2014-02-06 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 05:47 - 2014-02-06 01:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-28 05:47 - 2014-02-06 01:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet(36).dll
2014-02-28 05:47 - 2014-02-06 01:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-28 05:47 - 2014-02-06 01:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 05:47 - 2014-02-06 01:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 05:47 - 2014-02-06 01:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 05:47 - 2014-02-06 00:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-28 05:47 - 2014-02-06 00:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 05:47 - 2014-02-06 00:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-02-28 05:47 - 2014-02-06 00:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr(33).dll
2014-02-28 05:47 - 2014-02-06 00:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 05:47 - 2014-02-06 00:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 05:04 - 2014-02-28 05:04 - 00000000 ____D () C:\Program Files (x86)\ASM106xSATA
2014-02-28 03:58 - 2014-02-28 03:58 - 00001874 _____ () C:\Users\Diddy\Desktop\Windows Compatibility Report.htm
2014-02-28 03:16 - 2014-02-28 03:16 - 00000000 ____D () C:\Windows\AsusInstAll
2014-02-28 03:15 - 2014-02-28 03:15 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-28 03:14 - 2011-08-11 00:55 - 00001332 ____R () C:\Windows\System32\Drivers\DTSU2P.DAT
2014-02-28 03:13 - 2013-08-08 03:57 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-02-28 02:49 - 2014-02-28 02:49 - 00000785 _____ () C:\Users\Public\Desktop\GPUTweakStreaming.lnk
2014-02-28 02:48 - 2014-02-28 02:48 - 00000812 _____ () C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
2014-02-28 02:47 - 2014-02-28 02:48 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-02-28 02:47 - 2014-02-28 02:47 - 00060601 _____ () C:\Windows\SysWOW64\CCCInstall_201402281847050881.log
2014-02-28 02:42 - 2014-03-02 00:15 - 00000000 ____D () C:\AMD
2014-02-28 02:42 - 2013-09-24 06:53 - 00094208 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\AtihdW76.sys
2014-02-28 02:42 - 2013-09-24 06:51 - 00110080 _____ (TODO: <Company name>) C:\Windows\System32\DelayAPO.dll
2014-02-28 02:39 - 2014-03-03 20:35 - 00000000 _____ () C:\Windows\Path.idx
2014-02-28 02:38 - 2014-02-28 02:39 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-28 02:34 - 2014-03-07 19:41 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-02-28 02:26 - 2014-02-28 02:26 - 00001286 _____ () C:\Users\Public\Desktop\WebStorage.lnk
2014-02-28 02:26 - 2014-02-28 02:26 - 00000946 _____ () C:\Users\Public\Desktop\CPUID ASUS CPU-Z.lnk
2014-02-28 02:26 - 2014-02-28 02:26 - 00000000 ____D () C:\Users\Diddy\Documents\Asus WebStorage
2014-02-28 02:26 - 2014-02-28 02:26 - 00000000 ____D () C:\ProgramData\WebStorage
2014-02-28 02:26 - 2014-02-28 02:26 - 00000000 ____D () C:\ProgramData\ASUS WebStorage
2014-02-28 02:26 - 2014-02-28 02:26 - 00000000 ____D () C:\Program Files\CPUID
2014-02-28 02:23 - 2014-02-28 02:23 - 00014848 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\Drivers\AiCharger.sys
2014-02-28 02:23 - 2014-02-28 02:23 - 00001996 _____ () C:\Users\Public\Desktop\ASUS Boot Setting 1.00.17.lnk
2014-02-28 02:22 - 2014-02-28 02:23 - 00000090 _____ () C:\Windows\FastBoot.log
2014-02-28 02:14 - 2014-02-28 02:14 - 00000000 ____D () C:\Program Files\ASUS
2014-02-28 02:14 - 2013-03-27 23:17 - 00151808 _____ (MCCI Corporation) C:\Windows\System32\Drivers\ASUSumsc.sys
2014-02-28 02:14 - 2013-03-27 23:17 - 00027392 _____ (MCCI Corporation) C:\Windows\System32\Drivers\ASUSstpt.sys
2014-02-28 02:14 - 2013-03-27 23:17 - 00018688 _____ (MCCI Corporation) C:\Windows\System32\Drivers\ASUSwh.sys
2014-02-28 02:14 - 2013-03-27 23:17 - 00017152 _____ (MCCI Corporation) C:\Windows\System32\Drivers\ASUScr.sys
2014-02-28 02:09 - 2014-02-28 02:09 - 00000000 ____D () C:\Users\Diddy\Documents\ASUS Remote GO!
2014-02-28 02:03 - 2013-01-27 23:58 - 00014848 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\Drivers\AiChargerPlus.sys
2014-02-28 02:01 - 2008-12-02 04:05 - 00184320 _____ (ASUSTeK) C:\Windows\SysWOW64\Drivers\UpdateHelper.dll
2014-02-28 02:00 - 2014-02-28 02:00 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\MFDLL
2014-02-28 02:00 - 2014-02-28 02:00 - 00000000 ____D () C:\ProgramData\ASUS
2014-02-28 02:00 - 2012-08-22 01:54 - 00015232 ____R () C:\Windows\SysWOW64\Drivers\AsIO.sys
2014-02-28 02:00 - 2010-06-28 23:41 - 00028672 ____R (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2014-02-28 02:00 - 2008-01-03 21:34 - 00011832 ____N () C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2014-02-28 01:59 - 2014-02-28 06:36 - 00039938 _____ () C:\Windows\Ascd_log.ini
2014-02-28 01:59 - 2014-02-28 06:36 - 00000332 _____ () C:\Windows\scd.ini
2014-02-28 01:59 - 2014-02-28 06:36 - 00000000 _____ () C:\Windows\Ascd_err.ini
2014-02-28 01:58 - 2014-03-01 23:41 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-02-28 01:58 - 2014-02-28 05:02 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-02-28 01:57 - 2014-02-28 01:57 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-02-28 01:56 - 2014-03-01 22:49 - 00050204 _____ () C:\Windows\DPINST.LOG
 
==================== One Month Modified Files and Folders =======
 
2014-03-26 10:58 - 2014-03-24 11:21 - 00000000 ____D () C:\FRST
2014-03-23 17:40 - 2013-12-30 16:32 - 00462018 _____ () C:\Windows\setupact.log
2014-03-23 16:13 - 2012-06-23 00:38 - 01720210 _____ () C:\Windows\WindowsUpdate.log
2014-03-23 16:13 - 2011-02-01 03:41 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-23 16:11 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-23 16:10 - 2013-03-21 18:49 - 00017077 _____ () C:\Windows\mlkumidi.log
2014-03-23 06:56 - 2009-07-13 20:45 - 00006144 _____ () C:\Windows\System32\umstartup.etl
2014-03-22 23:50 - 2012-07-08 04:25 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-22 23:50 - 2012-06-12 19:33 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-03-22 23:50 - 2012-03-08 18:59 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\uTorrent
2014-03-22 23:50 - 2012-01-11 16:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-22 23:50 - 2012-01-11 16:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-22 23:50 - 2011-11-13 01:30 - 00000000 ____D () C:\Windows\System32\Macromed
2014-03-22 23:50 - 2011-01-31 22:34 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-22 23:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-03-22 23:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-03-22 23:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-22 23:49 - 2013-04-07 06:39 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\Skype
2014-03-22 23:49 - 2011-03-04 07:19 - 00000000 ____D () C:\ProgramData\Real
2014-03-22 15:51 - 2013-05-17 06:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-22 08:52 - 2009-07-13 20:45 - 00028160 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-22 08:52 - 2009-07-13 20:45 - 00028160 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-22 08:23 - 2012-06-22 23:37 - 00000000 ____D () C:\users\Diddy
2014-03-22 04:48 - 2013-07-27 18:01 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-21 07:05 - 2012-08-04 11:50 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\SolSuite
2014-03-11 07:37 - 2011-01-31 22:39 - 00004554 _____ () C:\Windows\Solitaire.ini
2014-03-11 00:12 - 2011-02-01 03:41 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-09 05:33 - 2014-03-09 05:33 - 00003186 _____ () C:\Users\Diddy\Desktop\round_14.txt
2014-03-07 22:22 - 2013-08-20 21:37 - 00000000 ___RD () C:\Users\Diddy\Google Drive
2014-03-07 19:41 - 2014-02-28 02:34 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-03-07 19:40 - 2013-07-16 00:19 - 00000340 _____ () C:\Windows\Tasks\DriverScanner.job
2014-03-06 17:53 - 2014-03-06 17:53 - 00000000 ____D () C:\Users\Diddy\AppData\Local\Skype
2014-03-06 17:53 - 2013-04-07 06:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 17:53 - 2013-04-07 06:39 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 04:23 - 2013-11-05 01:08 - 00003340 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2164934503-4027386832-2054466341-1000
2014-03-05 04:23 - 2013-11-05 01:08 - 00003206 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2164934503-4027386832-2054466341-1000
2014-03-04 05:51 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-03-03 22:08 - 2014-03-03 22:08 - 00001991 _____ () C:\Users\Diddy\Desktop\Welcome to ASUS Product Registration.lnk
2014-03-03 22:04 - 2014-03-03 22:03 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-03 22:03 - 2011-02-14 00:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-03 21:57 - 2009-07-13 21:13 - 00884272 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-03 21:55 - 2014-03-03 21:55 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-03 21:55 - 2011-02-14 01:27 - 00000000 ____D () C:\ProgramData\AMD
2014-03-03 21:31 - 2014-03-03 21:31 - 05353952 _____ () C:\Windows\PE_File.dll
2014-03-03 20:35 - 2014-02-28 02:39 - 00000000 _____ () C:\Windows\Path.idx
2014-03-03 16:48 - 2014-03-03 16:48 - 00000000 ____D () C:\Windows\Sun
2014-03-03 16:16 - 2014-03-03 16:16 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\WebStorage
2014-03-03 16:13 - 2013-12-30 16:30 - 00137568 _____ () C:\Windows\PFRO.log
2014-03-03 05:19 - 2012-06-24 16:10 - 88567024 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-03-02 00:20 - 2014-03-02 00:20 - 00060777 _____ () C:\Windows\SysWOW64\CCCInstall_201403021620397998.log
2014-03-02 00:20 - 2011-01-31 22:10 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-02 00:19 - 2014-03-02 00:19 - 00000000 ____D () C:\Program Files\AMD
2014-03-02 00:15 - 2014-02-28 02:42 - 00000000 ____D () C:\AMD
2014-03-01 23:55 - 2014-03-01 23:55 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\Oracle
2014-03-01 23:55 - 2012-04-12 23:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-01 23:54 - 2014-03-01 23:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-01 23:54 - 2014-03-01 23:53 - 00006443 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-01 23:42 - 2014-03-01 23:42 - 00003270 _____ () C:\Windows\System32\Tasks\{4DEF07F3-0B09-4886-877E-FFCD419F43B8}
2014-03-01 23:41 - 2014-03-01 23:41 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_M5A99X EVO R2.0.alu
2014-03-01 23:41 - 2014-02-28 01:58 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-03-01 23:31 - 2014-03-01 23:31 - 00000000 _____ () C:\Windows\MB.idx
2014-03-01 22:49 - 2014-03-01 22:49 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_dm9usb_01009.Wdf
2014-03-01 22:49 - 2014-03-01 22:49 - 00000000 ____D () C:\Program Files\DIFX
2014-03-01 22:49 - 2014-03-01 22:49 - 00000000 ____D () C:\Program Files (x86)\Davicom
2014-03-01 22:49 - 2014-02-28 01:56 - 00050204 _____ () C:\Windows\DPINST.LOG
2014-03-01 20:48 - 2014-03-01 20:48 - 00001159 _____ () C:\Users\Public\Desktop\FL Studio 10.lnk
2014-03-01 12:00 - 2014-03-01 12:00 - 00003202 _____ () C:\Windows\System32\Tasks\{81164504-DA9D-45AF-BA41-2F965D299F42}
2014-03-01 11:39 - 2014-03-01 11:39 - 00001920 _____ () C:\Users\Public\Desktop\Remote GO!.lnk
2014-02-28 22:36 - 2014-02-28 22:36 - 00000146 _____ () C:\Users\Diddy\Desktop\Device Manager - Shortcut.lnk
2014-02-28 22:32 - 2013-08-06 21:48 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\VMware
2014-02-28 22:32 - 2013-08-06 21:48 - 00000000 ____D () C:\Users\Diddy\AppData\Local\VMware
2014-02-28 22:25 - 2013-08-08 00:27 - 00000000 ___RD () C:\Users\Diddy\Virtual Machines
2014-02-28 22:20 - 2014-02-28 22:20 - 00003146 _____ () C:\Windows\System32\Tasks\{E4C72B78-8397-47D8-B0A0-513B87BEAEDB}
2014-02-28 20:49 - 2014-02-28 20:49 - 00003120 _____ () C:\Windows\System32\Tasks\{43EE002E-38CE-4CE1-9702-13AD2A7AEE67}
2014-02-28 20:41 - 2013-08-06 21:44 - 00000000 ____D () C:\ProgramData\VMware
2014-02-28 17:09 - 2013-12-09 18:38 - 00000000 ____D () C:\Users\Diddy\AppData\Roaming\Foxit Software
2014-02-28 17:07 - 2014-01-30 19:27 - 00000000 ____D () C:\Program Files (x86)\FOXIT SOFTWARE
2014-02-28 06:36 - 2014-02-28 01:59 - 00039938 _____ () C:\Windows\Ascd_log.ini
2014-02-28 06:36 - 2014-02-28 01:59 - 00000332 _____ () C:\Windows\scd.ini
2014-02-28 06:36 - 2014-02-28 01:59 - 00000000 _____ () C:\Windows\Ascd_err.ini
2014-02-28 06:36 - 2014-02-19 04:01 - 00030951 _____ () C:\Windows\Ascd_tmp.ini
2014-02-28 06:36 - 2014-02-19 04:01 - 00000480 _____ () C:\Windows\As_Utilities.log
2014-02-28 05:51 - 2012-06-22 23:37 - 00878648 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-28 05:21 - 2014-02-09 21:51 - 00003169 _____ () C:\Windows\LkmdfCoInst.log
2014-02-28 05:21 - 2012-06-22 23:35 - 00018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2014-02-28 05:04 - 2014-02-28 05:04 - 00000000 ____D () C:\Program Files (x86)\ASM106xSATA
2014-02-28 05:02 - 2014-02-28 01:58 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-02-28 04:59 - 2014-02-19 04:01 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-02-28 03:58 - 2014-02-28 03:58 - 00001874 _____ () C:\Users\Diddy\Desktop\Windows Compatibility Report.htm
2014-02-28 03:58 - 2011-10-08 19:32 - 00002889 _____ () C:\Windows\diagwrn.xml
2014-02-28 03:58 - 2011-10-08 19:32 - 00001908 _____ () C:\Windows\diagerr.xml
2014-02-28 03:55 - 2013-12-30 16:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 03:27 - 2014-02-02 03:53 - 00000000 ____D () C:\Users\Diddy\AppData\Local\WebPlayer
2014-02-28 03:16 - 2014-02-28 03:16 - 00000000 ____D () C:\Windows\AsusInstAll
2014-02-28 03:15 - 2014-02-28 03:15 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-28 02:49 - 2014-02-28 02:49 - 00000785 _____ () C:\Users\Public\Desktop\GPUTweakStreaming.lnk
2014-02-28 02:48 - 2014-02-28 02:48 - 00000812 _____ () C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
2014-02-28 02:48 - 2014-02-28 02:47 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-02-28 02:47 - 2014-02-28 02:47 - 00060601 _____ () C:\Windows\SysWOW64\CCCInstall_201402281847050881.log
2014-02-28 02:47 - 2011-01-31 22:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-02-28 02:39 - 2014-02-28 02:38 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-28 02:26 - 2014-02-28 02:26 - 00001286 _____ () C:\Users\Public\Desktop\WebStorage.lnk
2014-02-28 02:26 - 2014-02-28 02:26 - 00000946 _____ () C:\Users\Public\Desktop\CPUID ASUS CPU-Z.lnk
2014-02-28 02:26 - 2014-02-28 02:26 - 00000000 ____D () C:\Users\Diddy\Documents\Asus WebStorage
2014-02-28 02:26 - 2014-02-28 02:26 - 00000000 ____D () C:\ProgramData\WebStorage
2014-02-28 02:26 - 2014-02-28 02:26 - 00000000 ____D () C:\ProgramData\ASUS WebStorage
2014-02-28 02:26 - 2014-02-28 02:26 - 00000000 ____D () C:\Program Files\CPUID
2014-02-28 02:23 - 2014-02-28 02:23 - 00014848 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\Drivers\AiCharger.sys
2014-02-28 02:23 - 2014-02-28 02:23 - 00001996 _____ () C:\Users\Public\Desktop\ASUS Boot Setting 1.00.17.lnk
2014-02-28 02:23 - 2014-02-28 02:22 - 00000090 _____ () C:\Windows\FastBoot.log
2014-02-28 02:14 - 2014-02-28 02:14 - 00000000 ____D () C:\Program Files\ASUS
2014-02-28 02:09 - 2014-02-28 02:09 - 00000000 ____D () C:\Users\Diddy\Documents\ASUS Remote GO!
2014-02-28 02:00 - 2014-02-28 02:00 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\MFDLL
2014-02-28 02:00 - 2014-02-28 02:00 - 00000000 ____D () C:\ProgramData\ASUS
2014-02-28 01:57 - 2014-02-28 01:57 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 7%
Total physical RAM: 16284.35 MB
Available physical RAM: 15025.61 MB
Total Pagefile: 16282.55 MB
Available Pagefile: 15043.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
 
==================== Drives ================================
 
Drive c: (Windows 7) (Fixed) (Total:195.32 GB) (Free:64.03 GB) NTFS
Drive d: (XP-C) (Fixed) (Total:195.32 GB) (Free:32.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:78.12 GB) (Free:48.14 GB) NTFS
Drive f: (DaVidz) (Fixed) (Total:976.56 GB) (Free:216.74 GB) NTFS
Drive g: (DaSongz) (Fixed) (Total:577.47 GB) (Free:426.52 GB) NTFS
Drive h: (Sound Projects) (Fixed) (Total:341.79 GB) (Free:248.97 GB) NTFS
Drive i: (Diddyweb) (Fixed) (Total:53.78 GB) (Free:39.54 GB) NTFS
Drive j: (Email) (Fixed) (Total:19.47 GB) (Free:8.25 GB) NTFS
Drive k: (Images) (Fixed) (Total:58.59 GB) (Free:24.97 GB) NTFS
Drive l: (Video Projects) (Fixed) (Total:457.88 GB) (Free:178.82 GB) NTFS
Drive n: (Available) (Fixed) (Total:296.17 GB) (Free:132.46 GB) NTFS
Drive o: (Teaching) (Fixed) (Total:98.21 GB) (Free:78.03 GB) NTFS
Drive p: (Installations) (Fixed) (Total:146.5 GB) (Free:11.92 GB) NTFS
Drive q: (YouDrive) (Fixed) (Total:78.13 GB) (Free:24.85 GB) NTFS
Drive r: (Va-Voom) (Fixed) (Total:76.64 GB) (Free:55.22 GB) NTFS
Drive s: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive t: () (Removable) (Total:7.51 GB) (Free:2.7 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Clean7) (Fixed) (Total:292.98 GB) (Free:195.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: B379DF3D)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5D4F179A)
Partition 1: (Not Active) - (Size=932 GB) - (Type=OF Extended)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F5964BF9)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: A4C2656B)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 4 (Size: 8 GB) (Disk ID: 04DD5721)
Partition 1: (Not Active) - (Size=8 GB) - (Type=0B)
 
 
LastRegBack: 2014-03-19 08:07
 
==================== End Of Log ============================


#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 26 March 2014 - 05:22 AM

Try to do a system restore to a point where the startup completed successfully.

Tell me if that worked for you.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 diddy1960

diddy1960
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 26 March 2014 - 09:32 AM

There are no restore points, or else they are corrupt... that was the first thing I tried. 



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 26 March 2014 - 10:05 AM

System File Check (offline mode)

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Select Command Prompt
  • In the command window:
  • type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your system drive letter and system path (for example, D:\windows\) and close the notepad.
  • enter the following command:


sfc /scannow /offbootdir=d:\ /offwindir=d:\windows


Replace the red and pink parts with the informations you obtained from the last step of this tutorial.

Note: Depending on how your computer is setup, the Command Prompt, when used from outside of Windows, doesn't always assign drive letters in the same way that you see them from inside Windows. In other words, Windows might be at C:\Windows when you're using it, but D:\Windows from the Command Prompt in System Recovery Options.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 diddy1960

diddy1960
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 26 March 2014 - 03:47 PM

I'm not sure what that was supposed to achieve, but I got a message saying that no integrity errors were found.

 

Is there any way to delete the pending updates that were being installed at the time?
 
I notice on that drive, there's no bootmgr or BOOTSECT.BAK files, as with my Windows installations on other drives. Could that be causing the problem?
 
Thanks for your efforts.


#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 27 March 2014 - 04:03 AM

No, as your system is booting up. The problems starts when windows is loaded already.

From within the Recovery Environment, run the Command Prompt again.

Type in the following command:

chkdsk /r

Hit enter. Checkdisk will check your hard drive for errors. This may take a long time, so please be patient.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 diddy1960

diddy1960
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 28 March 2014 - 07:24 PM

Still the same situation, I have attached the output from the chkdsk command below.

 

When it starts, the boot sequence gets to the Windows logo, then the screen flickers like its about to go to the next stage,  and the mouse pointer appears with the little blue activity circle and the HDD activity light seems to be doing a lot of work (constantly lit for at least 45 seconds), before slowing to random slow flashes. Yesterday, I left the machine on for about 8 hour hoping it might eventually get over it's problem, but no luck.

 

I'm getting to the point of reformat/reinstall, but I'm really hoping to avoid that if I can.

 

Thanks again.

 

CHKDSK report

 

M:\>chkdsk m: /r
The type of the file system is NTFS.
Cannot lock current drive.
 
Chkdsk cannot run because the volume is in use by another
process.  Chkdsk may run if this volume is dismounted first.
ALL OPENED HANDLES TO THIS VOLUME WOULD THEN BE INVALID.
Would you like to force a dismount on this volume? (Y/N) y
Volume dismounted.  All opened handles to this volume are now invalid
Volume label is Windows 7.
 
CHKDSK is verifying files (stage 1 of 5)...
  1568768 file records processed.
File verification completed.
  1138 large file records processed.
  0 bad file records processed.
  2 EA records processed.
  44 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 5)...
  1659162 index entries processed.
Index verification completed.
  0 unindexed files scanned.
  0 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 5)...
  1568768 file SDs/SIDs processed.
CHKDSK is compacting the security descriptor stream
  45198 data files processed.
CHKDSK is verifying Usn Journal...
  36060184 USN bytes processed.
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  1568752 files processed.
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  16641047 free clusters processed.
Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.
 
 204804620 KB total disk space.
 136318256 KB in 380631 files.
    244564 KB in 45201 indexes.
         0 KB in bad sectors.
   1677612 KB in use by the system.
     65536 KB occupied by the log file.
  66564188 KB available on disk.
 
      4096 bytes in each allocation unit.
  51201155 total allocation units on disk.
  16641047 allocation units available on disk.
Failed to transfer logged messages to the event log with status 50.
M:\>


#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 31 March 2014 - 02:47 AM

Please run System file check´s offline version:

 

 

System File Check (offline mode)

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Select Command Prompt
  • In the command window:
  • type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your system drive letter and system path (for example, D:\windows\) and close the notepad.
  • enter the following command:


sfc /scannow /offbootdir=d:\ /offwindir=d:\windows


Replace the red and pink parts with the informations you obtained from the last step of this tutorial.

Note: Depending on how your computer is setup, the Command Prompt, when used from outside of Windows, doesn't always assign drive letters in the same way that you see them from inside Windows. In other words, Windows might be at C:\Windows when you're using it, but D:\Windows from the Command Prompt in System Recovery Options.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 diddy1960

diddy1960
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 01 April 2014 - 07:38 PM

I did this, and got the following message:

Windows Resource Protection did not find any integrity violations.

 

So I guess nothing major.

 

When I attempt to do a repair, it tells me that there's a problem with Locale ID 1033, but my investigations have found little to help me, as most people are talking about BSOD, and I'm not getting that. Obviously a driver issue, but what one. I could just diable it if I knew that. :-)

 

If this is of interest, here is the activity log for that Windows installation since the crash. It seems to be trying to do something, but I don't understand what "fail to register class object 0x80040155" means and a Google search hasn't helped

 

There are 5 entries exactly the same as this.This is the first after the boot failure.

 

2014-03-23 00:23:46:156 1416 3d4 Misc ===========  Logging initialized (build: 7.6.7600.256, tz: +0800)  ===========
2014-03-23 00:23:46:171 1416 3d4 Misc  = Process: E:\Windows\system32\svchost.exe
2014-03-23 00:23:46:171 1416 3d4 Misc  = Module: e:\windows\system32\wuaueng.dll
2014-03-23 00:23:46:156 1416 3d4 Service *************
2014-03-23 00:23:46:171 1416 3d4 Service ** START **  Service: Service startup
2014-03-23 00:23:46:171 1416 3d4 Service *********
2014-03-23 00:23:46:265 1416 3d4 Agent  * WU client version 7.6.7600.256
2014-03-23 00:23:46:265 1416 3d4 Agent  * Base directory: E:\Windows\SoftwareDistribution
2014-03-23 00:23:46:265 1416 3d4 Agent  * Access type: No proxy
2014-03-23 00:23:46:265 1416 3d4 Agent  * Network state: Connected
2014-03-23 00:23:46:655 1416 3d4 Agent FATAL: fail to register class object 0x80040155
2014-03-23 00:23:46:655 1416 3d4 Agent FATAL: Client call recorder fails to init with error 0x80040155
2014-03-23 00:23:46:655 1416 3d4 Agent  * FATAL: Failed to initialize with error 0x80040155 from component Agent
2014-03-23 00:23:46:655 1416 3d4 Service FATAL: Failed to initialize WU client: 0x80040155
2014-03-23 00:23:46:655 1416 3d4 Service *********
2014-03-23 00:23:46:717 1416 3d4 Service **  END  **  Service: Service exit [Exit code = 0x80040155]
2014-03-23 00:23:46:717 1416 3d4 Service *************
 
As I can access the Windows installation from my Windows XP and alternate Windows 7 systems, is there anything I can delete, rename or modify that is preventing it from booting, like outstanding Windows update tasks (which I suspect is that main cause of this), so that I can get it past the problem.
 
Thanks again.
 
David


#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 02 April 2014 - 06:19 AM

As your problem seems to be not malware related, please start a new topic here:

 

http://www.bleepingcomputer.com/forums/f/167/windows-7/


Edited by TB-Psychotic, 02 April 2014 - 06:19 AM.

Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#13 diddy1960

diddy1960
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 02 April 2014 - 08:51 AM

As your problem seems to be not malware related, please start a new topic here:

 

http://www.bleepingcomputer.com/forums/f/167/windows-7/

 

Strangely enough, that's where I originally posted it, before it got moved to this section by Hamluis...

 

Frustrating, but thanks anyway.



#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 03 April 2014 - 03:11 AM

Please tell your helper that you came from here and that we couldn´t find malware within the logs. :)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 09 April 2014 - 03:42 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users