BSoD Problem, Can't get into safe mode too

I had an ASUS A55VJ for my birthday, then I installed Windows 7 Pro x64 on it. My uncle installed avast! Free Antivirus on my laptop a few days later. I was happy, but then a few days ago I updated avast to the newest version, and I hibernated it. Something happened. It wouldn’t hibernate. Just a black screen, with ‘error’ sounds coming from Windows. Then, a BSoD appeared. I restarted my laptop, but I can’t get into Windows. Not even safe mode. Here is the error
Then, I tried to boot into safe mode. It gets stuck at this driver
If you have a solution, please notify me very soon. Or just send an email to

Not a good idea to advertise your email address unless you don’t mind it being harvested by spammers :o

I don’t mind spammers, I have a lot of free time to filter my e-mails. All I need now is a solution to get into safe mode :frowning:

I’ll notify one of the malware team experts ( essexboy notified ) for you as they’ll be the best to help you with this, he may not be on the forum until later this evening though.

Do note that having McAfee, avast and MSE installed is two Anti-viruses too many.

Yes, I’m fond of the many antiviruses installed, I’ll try to remove the McAfee and reinstall avast as the main antivirus.
the minidump files -

Hi there, do you have a USB drive handy ?

Download the following three programmes to your desktop:

  1. Rufus

For 64bit systems:

  2. Windows 7 64bit RC
  3. Farbar Recovery Scan Tool x64

Insert the USB stick, then run Rufus.

Select the ISO file on the desktop via the ISO icon.

Press Start Burn

Then copy FRST to the same USB

Insert the USB into the sick computer and start the computer, first ensuring that the system is set to boot from USB.
Note: If you are not sure how to do that, follow the instructions Here

When you reboot you will see this.
Click repair my computer

Select your operating system

Select Command prompt

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select “Computer” and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.

Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
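The FRST.txt log requested above lists services and drivers one per line, which makes the earlier remark about McAfee, avast and MSE running side by side easy to check mechanically. The Python sketch below is an added example, not part of the original thread and not FRST's own code; the sample lines are constructed in the log's layout, and the function names and the vendor-matching substrings in `AV_SIGNATURES` are assumptions made for illustration.

```python
import re

# Constructed sample: lines in the Services/Drivers layout of an FRST log,
# "<state><start> <name>; <path> [<size> <date>] (<company>)".
SAMPLE_LOG = r"""
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [241016 2013-06-19] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2013-06-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2013-06-19] (McAfee, Inc.)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-26] (Microsoft Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [35256 2011-08-26] ()
S3 KernelMemory; C:\Windows\system32\drivers\KernelMemory.sys
"""

# Windows service start types, the digit after the state letter
# (R running, S stopped, U undetermined).
START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "demand", 4: "disabled"}

# Assumption for this example: lowercase substrings that identify each
# product in the entry name, path or company field. Not an exhaustive list.
AV_SIGNATURES = {
    "avast!": ("avast", "\\asw"),
    "McAfee": ("mcafee", "\\mfe"),
    "Microsoft Security Essentials": (
        "microsoft security client", "\\mpfilter.sys", "\\nisdrvwfp.sys"),
}

# The "[size date] (company)" tail is optional as a unit, so a path such as
# "C:\Program Files (x86)\..." is never mistaken for the company field.
ENTRY_RE = re.compile(
    r"^(?P<state>[RSU])(?P<start>\d) (?P<name>.+?); (?P<path>.+?)"
    r"(?: \[\d+ \d{4}-\d{2}-\d{2}\] \((?P<company>.*)\))?$"
)


def parse_entries(log_text):
    """Return one dict per service/driver line; other lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match is None:
            continue
        entries.append({
            "state": match.group("state"),
            "start": int(match.group("start")),
            "name": match.group("name"),
            "path": match.group("path"),
            "company": match.group("company") or "",
        })
    return entries


def identify_product(entry):
    """Map an entry to an antivirus product name, or None if it is not one."""
    haystack = " ".join(
        (entry["name"], entry["path"], entry["company"])).lower()
    for product, needles in AV_SIGNATURES.items():
        if any(needle in haystack for needle in needles):
            return product
    return None


def autostart_av_components(log_text):
    """Group AV components that load without user action (start type 0-2)."""
    found = {}
    for entry in parse_entries(log_text):
        product = identify_product(entry)
        if product is not None and entry["start"] <= 2:
            label = START_TYPES[entry["start"]]
            found.setdefault(product, []).append((entry["name"], label))
    return found


def has_av_conflict(log_text):
    """True when more than one product has components loading at startup."""
    return len(autostart_av_components(log_text)) > 1


if __name__ == "__main__":
    for product, parts in autostart_av_components(SAMPLE_LOG).items():
        listing = ", ".join(f"{name} ({start})" for name, start in parts)
        print(f"{product}: {listing}")
    print("Multiple resident antivirus products:", has_av_conflict(SAMPLE_LOG))
```

Boot-start (type 0) filter drivers from more than one product are the entries to look at first when a machine fails before safe mode finishes loading, since they load even there.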

I used a 64-bit system, is Rufus necessary?
EDIT: I currently have no administrator rights, is that okay?
EDIT 2: I’m currently networking through my dad’s PC, so I used a non-administrator user. My dad is still away on a business trip for a few days. And may I ask, if I used Rufus, would re-formatting the USB drive change it back to normal?

Okay. I’ve downloaded Rufus, the Windows 7 x64 RC ISO, and the Farbar Recovery Scan. I plugged in my USB drive. I ran Rufus. In Rufus, it still says 0 Device detected. Why is that? Is it because I don’t have administrator rights?
Edit: In my country, it’s already ten. I’ll get some sleep first. In the morning I’ll reply as soon as I can.

If the computer you are using is Windows 7 or better you can use the built-in burner instead of Rufus. Right click the ISO file and select burn image.

My current computer is still using Windows XP Professional SP3 x86, with no administrator rights. I have Nero installed here, but Nero told me that I didn’t have the rights to burn :o

Now running FRST64 on my laptop… waiting for results

Why was the menu different? There was no “List Partitions” option? Is it because I’m running the Windows 7 version?

Okay, I ran Farbar Recovery, but I didn’t see “Additional.txt”? Where is it?

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-06-2013 03
Ran by SYSTEM on 02-07-2013 19:29:20
Running from G:
Windows 7 Professional (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet002
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM.…\Run: [BTMTrayAgent] rundll32.exe “C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll”,TrayApp [11406608 2011-12-19] (Intel Corporation)
HKLM.…\Run: [MSC] “C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey [1281512 2013-01-26] (Microsoft Corporation)
HKLM.…\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12452456 2012-02-21] (Realtek Semiconductor)
HKLM-x32.…\Runonce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1{4B784~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1{4B784~1\reboot.ini -l0x0409
HKLM-x32.…\Run: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [937920 2011-06-05] (Adobe Systems Incorporated)
HKLM-x32.…\Run: [BCSSync] “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32.…\Run: [USB3MON] “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe” [291608 2012-02-06] (Intel Corporation)
HKLM-x32.…\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32.…\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-18] (ASUSTek Computer Inc.)
HKLM-x32.…\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-18] (ASUS)
HKLM-x32.…\Run: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32.…\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-18] (Adobe Systems Incorporated)
HKLM-x32.…\Run: [LanguageShortcut] “C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe” [54832 2006-12-05] ()
HKLM-x32.…\Run: [McAfeeUpdaterUI] “C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe” /StartedFromRunKey [333416 2012-09-05] (McAfee, Inc.)
HKLM-x32.…\Run: [ShStatEXE] “C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE” /STANDALONE [242792 2012-12-03] (McAfee, Inc.)
HKLM-x32.…\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe” [253816 2013-03-11] (Oracle Corporation)
HKU\asus.…\Run: [DAEMON Tools Lite] “C:\Program Files (x86)\Daemon Tools Lite\DTLite.exe” -autorun [3674320 2013-01-08] (DT Soft Ltd)
HKU\asus.…\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [3573624 2013-03-15] (Tonec Inc.)
HKU\asus.…\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKU\asus.…\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup [55360 2013-05-20] (Raptr, Inc)
HKU\asus.…\Policies\system: [LogonHoursAction] 2
HKU\asus.…\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [250504 2013-03-14] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll [205184 2013-03-14] (NVIDIA Corporation)
BootExecute: autocheck autochk /r ??\C:autocheck autochk * aswBoot.exe /M:201c42e2

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-17] (ArcSoft Inc.)
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-12] (ASUS)
S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Autodesk Content Service\Connect.Service.ContentService.exe [18656 2011-02-01] ()
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2013-03-11] ()
S2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [132712 2012-09-05] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [241016 2013-06-19] (McAfee, Inc.)
S2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [206448 2012-12-03] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [177680 2013-06-19] (McAfee, Inc.)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-26] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-07] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-26] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-24] ()
S2 Smartfren Connex EC306-2 UI. RunOuc; C:\Program Files (x86)\Smartfren Connex EC306-2 UI\UpdateDog\ouc.exe [246112 2013-04-19] ()
S2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [3647272 2009-03-26] (Wacom Technology, Corp.)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-05] (Western Digital)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-07] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 AiCharger; C:\Windows\SysWow64\DRIVERS\AiCharger.sys [17152 2012-01-29] (ASUSTek Computer Inc.)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030440 2013-06-26] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-26] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
S3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [61824 2012-10-30] (ASUS Corporation)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-13] (DT Soft Ltd)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [35256 2011-08-26] ()
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [35256 2011-08-26] ()
S3 KernelMemory; C:\Windows\SysWow64\drivers\KernelMemory.sys [2432 2013-05-06] ()
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2013-06-19] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2013-06-19] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2013-06-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2013-06-19] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339392 2013-06-19] (McAfee, Inc.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-11-29] (CACE Technologies, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-06] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-06] ()
S3 UsbModemDriver; C:\Windows\System32\DRIVERS\USB_MODEM_H.sys [28160 2011-04-07] ()
S3 USB_BusEnum_H; C:\Windows\System32\DRIVERS\USB_BusEnum_H.sys [44544 2009-11-04] ()
S3 USB_ETS_H; C:\Windows\System32\DRIVERS\USB_ETS_H.sys [21760 2008-05-29] (Via Telecom, Inc.)
S3 USB_WinMux_H; C:\Windows\System32\DRIVERS\USB_WinMux_H.sys [37376 2009-10-26] ()
S0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-23] (VMware, Inc.)
S3 KernelMemory; ??\C:\Windows\system32\drivers\KernelMemory.sys
S3 X6va012; ??\C:\Windows\SysWOW64\Drivers\X6va012

========================== Drivers MD5 =======================

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-02 19:24 - 2013-07-02 19:24 - 00000000 ____D C:\FRST
2013-06-30 23:22 - 2013-06-30 23:22 - 370715405 ____A C:\Windows\MEMORY.DMP
2013-06-28 04:44 - 2013-06-28 04:44 - 00007088 ____N C:\bootsqm.dat
2013-06-28 03:06 - 2013-06-28 03:06 - 00262144 ____A C:\Windows\Minidump\062813-24538-01.dmp
2013-06-28 02:27 - 2013-06-28 02:27 - 00262144 ____A C:\Windows\Minidump\062813-74615-01.dmp
2013-06-27 06:01 - 2013-06-27 06:01 - 00000000 ____D C:\Users\asus\AppData\Roaming\Milestone
2013-06-27 00:34 - 2013-06-27 00:34 - 00000251 ____A C:\Users\asus\Downloads\Windows 7 Professional Keys.txt
2013-06-27 00:22 - 2013-06-27 00:22 - 00000486 ____A C:\Users\asus\Downloads\Windows 8 Professional Download Link.txt
2013-06-26 22:20 - 2013-06-26 22:20 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-06-26 22:20 - 2013-06-26 22:20 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum

2013-06-26 04:49 - 2013-06-26 04:49 - 00000000 ____D C:\Users\asus\Documents\Command and Conquer Generals Zero Hour Data
2013-06-26 04:48 - 2013-06-26 21:23 - 00000000 ____D C:\Users\asus\Documents\Command and Conquer Generals Data
2013-06-26 04:45 - 2013-06-26 04:45 - 00000645 ____A C:\Users\Public\Desktop\Command & Conquer Generals Zero Hour .lnk
2013-06-26 04:42 - 2013-06-26 04:47 - 00000980 ____A C:\Windows\eReg.dat
2013-06-26 04:39 - 2013-06-26 04:39 - 00000591 ____A C:\Users\Public\Desktop\Command & Conquer Generals.lnk
2013-06-26 04:08 - 2013-06-26 04:29 - 00000000 ____D C:\Program Files (x86)\Black_Box
2013-06-26 02:08 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-25 20:02 - 2013-06-25 20:02 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2013-06-25 20:02 - 2013-06-25 20:02 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-06-25 20:02 - 2013-06-25 20:02 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2013-06-25 20:02 - 2013-06-25 20:02 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-06-25 06:15 - 2013-06-25 06:15 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-06-25 05:10 - 2013-06-25 05:10 - 06299769 ____A C:\Users\asus\Downloads\Android System.apk
2013-06-25 05:10 - 2013-06-25 05:10 - 01614772 ____A C:\Users\asus\Downloads\Hackers Handbook.apk
2013-06-25 05:10 - 2013-06-25 05:10 - 00289988 ____A C:\Users\asus\Downloads\SMS Auto Reply (Pro).apk
2013-06-25 05:09 - 2013-06-25 05:10 - 47841825 ____A C:\Users\asus\Downloads\CHAOS.apk
2013-06-25 05:09 - 2013-06-25 05:10 - 13722161 ____A C:\Users\asus\Downloads\DIY Mosatsu.apk
2013-06-25 05:09 - 2013-06-25 05:09 - 09876639 ____A C:\Users\asus\Downloads\AR Magic Battle.apk
2013-06-25 05:09 - 2013-06-25 05:09 - 09024785 ____A C:\Users\asus\Downloads\Theme Anime Fantasy GOLauncher EX Theme.apk
2013-06-25 05:09 - 2013-06-25 05:09 - 06301210 ____A C:\Users\asus\Downloads\Casual photo.apk
2013-06-25 05:09 - 2013-06-25 05:09 - 03201921 ____A C:\Users\asus\Downloads\Hack RUN.apk
2013-06-25 05:09 - 2013-06-25 05:09 - 02427215 ____A C:\Users\asus\Downloads\Theme Sexy Girls GO Launcher EX.apk
2013-06-25 05:09 - 2013-06-25 05:09 - 01900657 ____A C:\Users\asus\Downloads\X-Plane.apk
2013-06-25 05:09 - 2013-06-25 05:09 - 00820749 ____A C:\Users\asus\Downloads\Mp3 Music Download+.apk
2013-06-25 05:09 - 2013-06-25 05:09 - 00417327 ____A C:\Users\asus\Downloads\Pure Black GO TaskManagerEX.apk
2013-06-25 05:07 - 2013-06-25 05:07 - 09565202 ____A C:\Users\asus\Downloads\Ama-Hina.apk
2013-06-25 05:07 - 2013-06-25 05:07 - 03581878 ____A C:\Users\asus\Downloads\Facebook Hack.apk
2013-06-25 05:07 - 2013-06-25 05:07 - 00440382 ____A C:\Users\asus\Downloads\SSCamera.apk
2013-06-25 05:03 - 2013-06-25 05:04 - 05207898 ____A C:\Users\asus\Downloads\Asian Hot Girls.apk
2013-06-25 05:02 - 2013-06-25 05:03 - 02228159 ____A C:\Users\asus\Downloads\Blackmart.apk
2013-06-24 18:53 - 2013-06-24 18:56 - 03916021 ____A C:\Users\asus\Downloads\
2013-06-24 18:50 - 2013-06-24 18:51 - 01100260 ____A C:\Users\asus\Downloads\
2013-06-24 00:48 - 2013-06-24 00:48 - 00000000 ____D C:\Users\asus\AppData\Local\storage
2013-06-23 19:14 - 2013-06-24 04:19 - 00001212 ____A C:\Users\asus\Desktop\Uplay.lnk
2013-06-23 01:23 - 2013-06-24 04:39 - 00298032 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-23 01:23 - 2013-06-23 01:23 - 00000000 ____D C:\Users\asus\AppData\Local\PunkBuster
2013-06-23 01:22 - 2013-06-24 05:01 - 00000000 ____D C:\Users\asus\AppData\Roaming\Ubisoft
2013-06-23 01:22 - 2013-06-24 02:05 - 00000000 ____D C:\Users\asus\Documents\Ubisoft
2013-06-22 20:12 - 2013-06-22 20:12 - 00000000 ____D C:\Users\asus\AppData\Local\techland
2013-06-22 20:11 - 2013-06-22 20:11 - 00000742 ____A C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk
2013-06-22 04:40 - 2013-06-22 04:40 - 00000000 ____D C:\Users\asus\Documents\NeroVideo
2013-06-22 03:25 - 2013-06-22 03:25 - 00002903 ____A C:\Users\asus\Desktop\template.txt
2013-06-20 23:26 - 2013-06-25 01:30 - 00000000 ____D C:\Users\asus\AppData\Roaming\Raptr
2013-06-20 23:26 - 2013-06-20 23:32 - 00000000 ____D C:\Program Files (x86)\Raptr
2013-06-20 23:26 - 2013-06-20 23:26 - 00001650 ____A C:\Users\asus\Desktop\Raptr.lnk
2013-06-20 23:20 - 2013-06-20 23:20 - 00000652 ____A C:\Users\asus\Desktop\MicroVolts.lnk
2013-06-20 20:04 - 2013-06-20 20:04 - 00001191 ____A C:\Users\Public\Desktop\IObit Unlocker.lnk
2013-06-20 20:04 - 2013-06-20 20:04 - 00000000 ____D C:\ProgramData\IObit
2013-06-20 20:04 - 2013-06-20 20:04 - 00000000 ____D C:\Program Files (x86)\IObit
2013-06-20 00:12 - 2013-06-20 00:13 - 00000000 ____D C:\Users\asus\AppData\Local\Line
2013-06-20 00:12 - 2013-06-20 00:12 - 00001068 ____A C:\Users\Public\Desktop\LINE.lnk
2013-06-20 00:12 - 2013-06-20 00:12 - 00000000 ____D C:\Program Files (x86)\Naver
2013-06-19 22:17 - 2013-06-12 06:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-19 22:17 - 2013-06-12 06:43 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-19 22:17 - 2013-06-12 06:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-19 22:17 - 2013-06-12 06:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-19 22:15 - 2013-06-19 22:17 - 00004802 ____A C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-19 22:15 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-19 22:15 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-19 20:37 - 2013-05-16 22:14 - 01188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-19 20:37 - 2013-05-16 22:13 - 01492992 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-19 20:37 - 2013-05-16 22:13 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-19 20:37 - 2013-05-16 22:10 - 09061376 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-19 20:37 - 2013-05-16 22:10 - 00735232 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-19 20:37 - 2013-05-16 22:10 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-19 20:37 - 2013-05-16 22:09 - 12294656 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-19 20:37 - 2013-05-16 22:09 - 02458112 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-19 20:37 - 2013-05-16 22:09 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-19 20:37 - 2013-05-16 22:09 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-19 20:37 - 2013-05-16 10:21 - 01231872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-19 20:37 - 2013-05-16 10:21 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-19 20:37 - 2013-05-16 10:21 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-19 20:37 - 2013-05-16 10:18 - 06034432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-19 20:37 - 2013-05-16 10:18 - 00627712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-19 20:37 - 2013-05-16 10:18 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-19 20:37 - 2013-05-16 10:17 - 11020800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-19 20:37 - 2013-05-16 10:17 - 02078208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-19 20:37 - 2013-05-16 10:17 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-19 20:37 - 2013-05-16 10:17 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-19 20:37 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-19 20:37 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-19 20:37 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-19 20:37 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-19 20:37 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-19 20:37 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-19 20:37 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-19 20:37 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-19 20:37 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-19 20:37 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-19 20:36 - 2013-05-16 09:10 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-19 20:36 - 2013-05-16 08:44 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-19 18:55 - 2013-06-19 18:57 - 00000000 ____D C:\MicroVolts Package
2013-06-19 01:01 - 2013-06-19 01:01 - 00262144 ____A C:\Windows\System32\config\ELAM
2013-06-19 01:01 - 2013-06-19 01:01 - 00000000 ____D C:\Users\asus\AppData\Roaming\McAfee
2013-06-19 01:00 - 2013-06-19 00:58 - 00771096 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys

2013-06-19 00:58 - 2013-06-19 01:00 - 00309400 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2013-06-19 00:58 - 2013-06-19 01:00 - 00178840 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys
2013-06-19 00:58 - 2013-06-19 01:00 - 00118416 ____A (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll
2013-06-19 00:58 - 2013-06-19 01:00 - 00106112 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2013-06-19 00:58 - 2013-06-19 01:00 - 00090576 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MfeOtlkAddin.dll
2013-06-19 00:58 - 2013-06-19 01:00 - 00010288 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2013-06-19 00:58 - 2013-06-19 00:59 - 00339392 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2013-06-19 00:58 - 2013-06-19 00:59 - 00177680 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2013-06-19 00:58 - 2013-06-19 00:58 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-06-19 00:58 - 2013-03-11 10:12 - 00000000 ____D C:\ProgramData\McAfee
2013-06-19 00:58 - 2009-10-22 05:07 - 00024168 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MFEOtlk.dll
2013-06-19 00:57 - 2013-03-11 10:11 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-06-18 23:00 - 2013-03-11 22:56 - 00000000 ____D C:\Users\asus\Downloads\Video
2013-06-18 04:19 - 2013-06-18 04:19 - 00000000 ____D C:\Users\asus\AppData\Local\Chromium
2013-06-18 04:16 - 2013-06-18 04:16 - 00000000 ____D C:\Users\asus\AppData\Roaming\Sports Interactive
2013-06-18 04:16 - 2013-06-18 04:16 - 00000000 ____D C:\Users\asus\AppData\Local\Sports Interactive
2013-06-18 04:16 - 2013-03-29 18:57 - 00000000 ____D C:\Users\asus\AppData\Local\SKIDROW
2013-06-18 01:35 - 2013-03-13 06:40 - 00000000 ____D C:\Users\asus\AppData\Roaming\DAEMON Tools Lite
2013-06-18 00:19 - 2013-03-12 00:36 - 00002258 ____A C:\Windows\System32\ServiceFilter.ini
2013-06-17 22:10 - 2013-06-17 22:10 - 00000000 ____A C:\Windows\setuperr.log
2013-06-17 03:56 - 2013-06-17 03:56 - 00001124 ____A C:\Users\Public\Desktop\WD Drive Utilities.lnk
2013-06-17 03:55 - 2013-06-17 03:55 - 00005472 ____A C:\Windows\DPINST.LOG
2013-06-17 03:55 - 2013-06-17 03:55 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-06-16 23:40 - 2013-06-16 23:40 - 00000219 ____A C:\Users\asus\Desktop\Dota 2.url
2013-06-15 23:27 - 2013-06-15 23:27 - 00000000 ____D C:\ProgramData\Elcomsoft Password Recovery
2013-06-15 23:27 - 2013-06-15 23:27 - 00000000 ____D C:\Program Files (x86)\Elcomsoft Password Recovery
2013-06-15 23:27 - 2013-06-15 23:27 - 00000000 ____D C:\Program Files (x86)\Elcomsoft
2013-06-15 20:08 - 2013-06-15 20:08 - 00023069 ____A C:\Users\asus\Downloads\[isoHunt] Need For Speed Hot Pursuit Limited Edition v. 2010 PC RePack ?? Spieler.torrent
2013-06-15 17:24 - 2013-03-15 02:35 - 00000000 ____D C:\Users\asus\Documents\Activision
2013-06-15 02:04 - 2013-03-12 04:03 - 00000000 ____D C:\Users\asus\AppData\Local\Adobe
2013-06-15 01:49 - 2013-03-12 03:57 - 00000000 ____D C:\Program Files\Adobe
2013-06-15 01:36 - 2013-03-12 03:57 - 00000000 ____D C:\Users\asus\AppData\Roaming\Adobe
2013-06-15 01:36 - 2013-03-11 09:56 - 00000000 ____D C:\ProgramData\Adobe
2013-06-14 07:09 - 2013-04-20 16:48 - 00000000 ____D C:\Users\asus\AppData\Roaming\Azureus
2013-06-14 03:26 - 2013-03-11 09:28 - 00000000 ____D C:\users\asus
2013-06-14 03:25 - 2013-06-14 03:25 - 00000965 ____A C:\Users\Public\Desktop\Dishonored.lnk
2013-06-14 03:08 - 2013-04-09 03:13 - 00000000 ____D C:\Program Files (x86)\Kansei
2013-06-14 02:27 - 2013-06-14 02:27 - 00001017 ____A C:\Users\UpdatusUser\Desktop\Cool Beans NFO Creator.lnk
2013-06-14 02:27 - 2013-06-14 02:27 - 00001017 ____A C:\Users\asus\Desktop\Cool Beans NFO Creator.lnk
2013-06-14 02:27 - 2013-06-14 02:27 - 00000000 ____D C:\Program Files (x86)\Cool Beans NFO Creator
2013-06-14 02:26 - 2013-06-14 02:26 - 00591337 ____A C:\Users\asus\Downloads\nfo01.exe
2013-06-13 23:03 - 2013-04-20 08:12 - 00000000 ____D C:\Users\asus\AppData\Roaming\Origin
2013-06-13 23:03 - 2013-04-20 08:08 - 00000000 ____D C:\ProgramData\Origin
2013-06-13 23:02 - 2013-04-20 08:12 - 00000000 ____D C:\Users\asus\AppData\Local\Origin
2013-06-13 23:02 - 2013-04-20 08:08 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-13 04:57 - 2013-06-13 04:57 - 30411385 ____A C:\Users\asus\Downloads\Untitled-1.psd
2013-06-13 04:30 - 2013-04-14 06:32 - 00000132 ____A C:\Users\asus\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-06-12 22:55 - 2013-06-12 22:54 - 209715200 ____A C:\Users\asus\Downloads\[Nitro+] Saya no Uta.part2.rar
2013-06-12 06:48 - 2013-03-11 23:47 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-12 06:48 - 2013-03-11 23:47 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-12 06:47 - 2013-06-19 22:17 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-12 06:43 - 2013-06-19 22:17 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-12 06:43 - 2013-06-19 22:17 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-12 06:43 - 2013-06-19 22:17 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-12 06:38 - 2013-06-12 06:38 - 209715200 ____A C:\Users\asus\Downloads\[Nitro+] Saya no Uta.part1.rar
2013-06-12 05:28 - 2013-06-12 05:28 - 06296935 ____A C:\Users\asus\Downloads\[Nitro+] Saya no Uta.part3.rar
2013-06-12 01:47 - 2013-06-12 01:47 - 00000000 ____D C:\Users\asus\AppData\Roaming\UTAU
2013-06-11 22:42 - 2013-06-11 22:42 - 00000874 ____A C:\Users\Public\Desktop\µTorrent.lnk
2013-06-11 22:34 - 2013-06-01 03:11 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-06-11 01:30 - 2013-06-11 01:30 - 00000636 ____A C:\Users\Public\Desktop\osu!.lnk
2013-06-11 01:27 - 2013-06-11 01:27 - 00000000 ____D C:\Users\asus\AppData\Roaming\Downloaded Installations
2013-06-11 01:16 - 2013-06-11 01:16 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-06-11 01:16 - 2013-06-11 01:16 - 00000000 ____D C:\Users\asus\AppData\Roaming\Samsung
2013-06-11 01:16 - 2013-06-11 01:16 - 00000000 ____D C:\Users\asus\AppData\Local\Samsung
2013-06-11 01:07 - 2013-06-11 01:07 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-06-11 00:06 - 2013-06-11 00:00 - 23279036 ____A C:\Users\asus\Downloads\
2013-06-08 20:18 - 2013-03-12 02:50 - 00000000 ____D C:\Users\asus\AppData\Roaming\Audacity
2013-06-07 21:36 - 2013-06-07 21:36 - 00000754 ____A C:\Users\Public\Desktop\Jet Set Radio.lnk
2013-06-07 20:39 - 2013-06-07 20:37 - 00000000 ____D C:\Program Files (x86)\Machinarium
2013-06-07 20:37 - 2013-06-07 20:37 - 00001054 ____A C:\Users\UpdatusUser\Desktop\Machinarium.lnk
2013-06-07 20:37 - 2013-06-07 20:37 - 00001054 ____A C:\Users\asus\Desktop\Machinarium.lnk
2013-06-07 00:46 - 2013-06-06 05:13 - 00000000 ____D C:\ProgramData\Skype
2013-06-07 00:45 - 2013-06-06 05:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-07 00:31 - 2013-06-07 00:31 - 00000000 ____D C:\Users\asus\AppData\Roaming\Microsoft Games
2013-06-07 00:28 - 2013-06-07 00:28 - 00001007 ____A C:\Users\UpdatusUser\Desktop\GameSpy Arcade.lnk
2013-06-06 07:03 - 2013-06-06 07:03 - 00000840 ____A C:\Users\Public\Desktop\Remember Me.lnk
2013-06-06 05:14 - 2013-06-06 05:14 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2013-06-06 04:53 - 2013-03-30 18:52 - 00000000 ____D C:\Users\asus\AppData\Local\Facebook
2013-06-06 04:44 - 2013-06-06 04:44 - 00000819 ____A C:\Users\asus\Downloads\512D25A1977862E1C7ACCA224E11A52FCC5AA373.torrent
2013-06-05 23:53 - 2013-06-05 20:40 - 00000000 ____D C:\Users\asus\AppData\Roaming\EVDO_Haier
2013-06-05 04:09 - 2013-06-05 04:08 - 00033995 ____A C:\Users\asus\Downloads[]syndicate.skidrow.torrent
2013-06-05 04:06 - 2013-06-05 04:06 - 00005059 ____A C:\Users\asus\Downloads[]
2013-06-05 04:06 - 2013-06-05 04:06 - 00000642 ____A C:\Users\asus\Downloads[]
2013-06-04 22:44 - 2013-06-01 03:20 - 00001502 ____A C:\Users\asus\Desktop\RuLEZ.txt
2013-06-03 18:15 - 2013-06-03 18:15 - 00708168 ____A (Microsoft Corporation) C:\Windows\System32\WinUSBCoInstaller.dll
2013-06-03 18:15 - 2013-06-03 18:15 - 00203672 ____A (DEVGURU Co., LTD.( C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-03 18:15 - 2013-06-03 18:15 - 00103448 ____A (DEVGURU Co., LTD.( C:\Windows\System32\Drivers\ssudbus.sys

==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-06-26 21:55:49
Restore point made on: 2013-06-27 05:50:06

==================== BCD ================================

Windows Boot Manager

identifier {bootmgr}
device partition=Y:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {5f8c60b0-8aed-11e2-83fd-9237e3e45600}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader

identifier {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {5f8c60b2-8aed-11e2-83fd-9237e3e45600}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {5f8c60b0-8aed-11e2-83fd-9237e3e45600}
nx OptIn

Windows Boot Loader

identifier {5f8c60b2-8aed-11e2-83fd-9237e3e45600}
device ramdisk=[C:]\Recovery\5f8c60b2-8aed-11e2-83fd-9237e3e45600\Winre.wim,{5f8c60b3-8aed-11e2-83fd-9237e3e45600}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\5f8c60b2-8aed-11e2-83fd-9237e3e45600\Winre.wim,{5f8c60b3-8aed-11e2-83fd-9237e3e45600}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate

identifier {5f8c60b0-8aed-11e2-83fd-9237e3e45600}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester

identifier {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings

identifier {emssettings}
bootems Yes

Debugger Settings

identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects

identifier {badmemory}

Global Settings

identifier {globalsettings}
inherit {dbgsettings}

Boot Loader Settings

identifier {bootloadersettings}
inherit {globalsettings}

Hypervisor Settings

identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings

identifier {resumeloadersettings}
inherit {globalsettings}

Device options

identifier {5f8c60b3-8aed-11e2-83fd-9237e3e45600}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\5f8c60b2-8aed-11e2-83fd-9237e3e45600\boot.sdi

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 3981.48 MB
Available physical RAM: 3314.02 MB
Total Pagefile: 3979.63 MB
Available Pagefile: 3314.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (SYSTEMS) (Fixed) (Total:97.56 GB) (Free:18.47 GB) NTFS (Disk=0 Partition=2)
Drive e: (Data) (Fixed) (Total:600.98 GB) (Free:151 GB) NTFS (Disk=0 Partition=3)
Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive g: (MAMA DOC) (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 2BFB4DC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=601 GB) - (Type=07 NTFS)

Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

LastRegBack: 2013-06-26 07:37

==================== End Of Log ============================

There is no “Addition.txt” on my USB drive. Where can I find it?

Hi, first I will remove the McAfee active drivers; if that fails I will then uninstall Avast. The Addition.txt will only appear if FRST is run from safe mode.

You can attach files like FRST and that will make it easier for you.

Download the attached fixlist.txt to the same USB as FRST.
Run FRST as before and press Fix.
On completion of the fix, try a normal boot.

So, I guess like this?

  1. Download the fixlist to the same directory as FRST64
  2. Scan using FRST
  3. Click Fix
  4. After the fix is complete, try to boot normally

Ummm, I tried to boot using the Windows 7 x64 RC, but it won’t skip the “Startup Repair”. It won’t cancel. Any help?