Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by SYSTEM on MININT-KSFMKBF on 17-05-2015 14:55:56
Running from H:\
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [335360 2012-08-08] (LITE-ON TECHNOLOGY CORP.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [293672 2013-01-28] (Lenovo Group Limited)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Power Manager Startup Utility] => C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [27496 2014-03-05] ()
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4315872 2011-06-01] (Lenovo, Inc.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\PROLiNK HSPA Modem\UIExec.exe [148992 2013-07-11] ()
HKLM-x32\...\Run: [CancelAutoPlay] => C:\Program Files (x86)\PROLiNK HSPA Modem\CancelAutoPlay.exe [441344 2013-07-11] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-12] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-06] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\DfLogon: LogonDll.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] => C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2014-02-19] (Lenovo)
HKU\Default\...\RunOnce: [] => [X]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2013-07-01] ()
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] => C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2014-02-19] (Lenovo)
HKU\Default User\...\RunOnce: [] => [X]
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2013-07-01] ()
BootExecute: autocheck autochk /r \??\C:autocheck autochk /k:C /k:D /k:Q *

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 DFServ; C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [1073664 2010-05-20] (Faronics Corporation)
S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9954096 2014-03-31] (DisplayLink Corp.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [532224 2014-04-22] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
S2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-02-14] (Nitro PDF Software)
S2 PCM3.0 for SCCM Agent; C:\Program Files (x86)\Lenovo\PCM3.0Agent\SCCM_Agent.exe [571712 2014-03-03] ()
S2 PCMAgent; C:\Program Files (x86)\Lenovo\PCMAgent\Server.exe [902952 2014-08-13] (Lenovo)
S3 Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [63848 2014-03-05] (Lenovo)
S2 ppspm; C:\_inject-ppspm\sql\bin\mysqld-nt.exe [5730304 2007-07-05] ()
S3 PwmEWSvc; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [186728 2014-03-05] (Lenovo Group Limited)
S2 SAS; c:\DBSAS\bin\mysqld.exe [6094848 2010-09-22] ()
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S2 UI Assistant Service; C:\Program Files (x86)\PROLiNK HSPA Modem\AssistantServices.exe [268288 2013-07-11] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 DeepFrz; C:\Windows\System32\Drivers\DeepFrz.sys [227352 2010-05-20] (Faronics Corporation)
S0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-02-06] (Intel Corporation)
S1 NetWorkLocker; C:\Windows\syswow64\drivers\NetworkLocker_x64.sys [20392 2014-08-13] ()
S3 PROLiNKusbdiag; C:\Windows\System32\DRIVERS\PROLiNKusbdiag.sys [123392 2013-08-25] (PROLINK Corporation)
S3 PROLiNKusbmodem; C:\Windows\System32\DRIVERS\PROLiNKusbmodem.sys [123392 2013-08-25] (PROLINK Corporation)
S3 PROLiNKusbnmea; C:\Windows\System32\DRIVERS\PROLiNKusbnmea.sys [123392 2013-08-25] (PROLINK Corporation)
S3 PROLiNKusbvoice; C:\Windows\System32\DRIVERS\PROLiNKusbvoice.sys [123392 2013-08-25] (PROLINK Corporation)
S0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 14:42 - 2015-05-17 14:55 - 00000000 ____D () C:\FRST
2015-05-11 16:49 - 2015-05-11 16:52 - 00065504 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\NTAgent.exe
2015-05-06 00:40 - 2015-05-06 00:40 - 00000652 _____ () C:\Users\Public\Desktop\Aplikasi PIN PPSPM (Tanda Tangan Elektronik).lnk
2015-05-06 00:40 - 2012-02-01 23:48 - 04245504 _____ (Oracle Corporation) C:\Windows\SysWOW64\myodbc3.dll
2015-05-06 00:40 - 2012-02-01 23:48 - 03597312 _____ () C:\Windows\SysWOW64\myodbc3S.dll
2015-05-06 00:40 - 2012-02-01 23:48 - 00184320 _____ () C:\Windows\SysWOW64\myodbc3i.exe
2015-05-06 00:40 - 2012-02-01 23:48 - 00016544 _____ () C:\Windows\SysWOW64\myodbc3.lib
2015-05-06 00:40 - 2012-02-01 23:48 - 00001932 _____ () C:\Windows\SysWOW64\myodbc3S.lib
2015-05-06 00:38 - 2015-05-12 18:17 - 00000000 ____D () C:\_inject-ppspm
2015-05-05 23:21 - 2015-05-14 16:29 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2015-05-05 23:21 - 2015-05-14 16:29 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2015-05-05 22:24 - 2015-05-05 22:24 - 00783769 _____ () C:\Windows\SysWOW64\EPSTP64U_000.CAB
2015-05-05 22:24 - 2015-05-05 22:24 - 00451484 _____ () C:\Windows\SysWOW64\EPSETUP_003.CAB
2015-05-05 22:24 - 2015-05-05 22:24 - 00451484 _____ () C:\Windows\SysWOW64\EPSETUP_000.CAB
2015-05-05 22:24 - 2015-05-05 22:24 - 00316755 _____ () C:\Windows\SysWOW64\EPPRTDRV_003.CAB
2015-05-05 22:24 - 2015-05-05 22:24 - 00316755 _____ () C:\Windows\SysWOW64\EPPRTDRV_000.CAB
2015-05-05 22:24 - 2015-05-05 22:24 - 00079187 _____ () C:\Windows\SysWOW64\EPSMTL32_002.CAB
2015-05-05 22:24 - 2004-04-20 09:00 - 00005729 _____ () C:\Windows\SysWOW64\EPSUI64W_000.dat
2015-05-05 22:16 - 2015-05-05 22:16 - 00451484 _____ () C:\Windows\SysWOW64\EPSETUP_002.CAB
2015-05-05 22:16 - 2015-05-05 22:16 - 00316755 _____ () C:\Windows\SysWOW64\EPPRTDRV_002.CAB
2015-05-05 22:16 - 2015-05-05 22:16 - 00079187 _____ () C:\Windows\SysWOW64\EPSMTL32_001.CAB
2015-05-05 21:20 - 2015-05-05 21:20 - 00451484 _____ () C:\Windows\SysWOW64\EPSETUP_001.CAB
2015-05-05 21:20 - 2015-05-05 21:20 - 00316755 _____ () C:\Windows\SysWOW64\EPPRTDRV_001.CAB
2015-05-05 21:20 - 2015-05-05 21:20 - 00079187 _____ () C:\Windows\SysWOW64\EPSMTL32_000.CAB
2015-05-05 21:20 - 2015-05-05 21:20 - 00000000 ____D () C:\Program Files\EPSON
2015-05-04 23:46 - 2015-05-04 23:48 - 00049536 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe
2015-05-04 01:26 - 2015-05-04 01:26 - 01680186 _____ () C:\Users\LENOVO\Desktop\PMK PASAL 36.pptx
2015-04-27 00:19 - 2015-04-27 00:21 - 00000000 ____D () C:\Users\LENOVO\.android
2015-04-27 00:19 - 2015-04-27 00:19 - 00000000 ____D () C:\Program Files (x86)\Android
2015-04-27 00:06 - 2015-04-27 00:06 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-04-27 00:06 - 2014-10-12 21:57 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2015-04-27 00:06 - 2014-10-12 21:57 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2015-04-27 00:05 - 2015-04-27 00:05 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-26 21:10 - 2015-04-26 21:10 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\System32\aswBoot.exe
2015-04-26 21:10 - 2015-04-26 21:10 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-26 21:10 - 2015-03-31 20:19 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\asw42CA.tmp
2015-04-26 21:10 - 2015-03-31 20:19 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\asw4EE0.tmp
2015-04-26 21:10 - 2015-03-31 20:19 - 00271200 _____ () C:\Windows\System32\Drivers\asw50C5.tmp
2015-04-26 21:10 - 2015-03-31 20:19 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\asw523C.tmp
2015-04-26 21:10 - 2015-03-31 20:19 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\asw4589.tmp
2015-04-26 21:10 - 2015-03-31 20:19 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\asw4AC9.tmp
2015-04-26 21:10 - 2015-03-31 20:19 - 00065736 _____ () C:\Windows\System32\Drivers\asw4D49.tmp
2015-04-26 21:10 - 2015-03-31 20:19 - 00029168 _____ () C:\Windows\System32\Drivers\asw47AC.tmp
2015-04-23 18:16 - 2015-04-23 18:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-22 18:39 - 2015-05-13 01:43 - 00000000 ____D () C:\Users\LENOVO\Desktop\Karya Ilmiah
2015-04-22 18:33 - 2015-05-06 02:39 - 00000000 ____D () C:\Users\LENOVO\Desktop\TAP
2015-04-22 17:55 - 2015-04-22 18:00 - 00000000 ____D () C:\Users\LENOVO\Desktop\Metode Penelitian Sosial
2015-04-22 17:53 - 2015-04-22 17:54 - 00000000 ____D () C:\Users\LENOVO\Desktop\Perencanaan Pemasaran
2015-04-22 17:20 - 2015-04-22 17:21 - 00000000 ____D () C:\Users\LENOVO\Desktop\Hukum Bisnis
2015-04-22 17:16 - 2015-04-22 17:18 - 00000000 ____D () C:\Users\LENOVO\Desktop\Kewirausahaan
2015-04-22 17:14 - 2015-04-27 02:46 - 00000000 ____D () C:\Users\LENOVO\Desktop\Analisis Kasus Bisnis

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-17 12:36 - 2014-10-10 03:24 - 00000000 ____D () C:\users\LENOVO
2015-05-16 18:46 - 2015-03-31 19:59 - 00002756 _____ () C:\Windows\System32\Tasks\AutoKMSDaily
2015-05-16 18:46 - 2015-03-31 19:59 - 00000218 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2015-05-16 18:46 - 2015-03-31 19:59 - 00000218 _____ () C:\Windows\Tasks\AutoKMS.job
2015-05-16 18:45 - 2015-03-31 20:32 - 00009446 _____ () C:\Windows\setupact.log
2015-05-16 18:45 - 2015-03-31 19:59 - 00151552 _____ () C:\Windows\KMSEmulator.exe
2015-05-16 18:45 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-15 02:19 - 2015-03-31 20:32 - 00036780 _____ () C:\Windows\DFError.log
2015-05-15 02:19 - 2014-10-10 03:27 - 00379221 _____ () C:\Windows\WindowsUpdate.log
2015-05-14 16:37 - 2009-07-13 20:45 - 00031312 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-14 16:37 - 2009-07-13 20:45 - 00031312 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-14 16:29 - 2015-03-31 20:17 - 00000000 ____D () C:\Program Files (x86)\SMADAV
2015-05-14 16:29 - 2014-08-13 02:15 - 00017408 _____ () C:\Windows\System32\rpcnetp.exe
2015-05-13 00:09 - 2015-02-01 18:56 - 00000000 ____D () C:\AplikasiSAS2015
2015-05-12 17:36 - 2009-07-13 21:13 - 00783114 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-05-11 18:56 - 2015-04-05 19:50 - 00006276 _____ () C:\Users\LENOVO\jinitiator13122.trace
2015-05-11 17:03 - 2015-03-31 18:48 - 00000000 ____D () C:\Program Files (x86)\PROLiNK HSPA Modem
2015-05-06 00:40 - 2015-02-01 18:58 - 00000411 _____ () C:\Windows\ODBCINST.INI
2015-05-04 16:31 - 2015-03-31 20:18 - 00078032 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2015-05-03 20:52 - 2015-04-01 19:24 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-29 02:44 - 2015-02-05 01:46 - 00002000 ____H () C:\Users\LENOVO\Documents\Default.rdp
2015-04-27 16:29 - 2015-03-31 20:32 - 00002922 _____ () C:\Windows\PFRO.log
2015-04-26 23:13 - 2015-03-17 03:24 - 00000000 ____D () C:\Users\LENOVO\AppData\Local\Lenovo
2015-04-26 20:33 - 2015-01-27 03:12 - 00000000 ____D () C:\Users\LENOVO\Downloads\Compressed
2015-04-26 16:30 - 2015-03-31 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\LENOVO\AppData\Local\Temp\EPSDIW64_000.EXE
C:\Users\LENOVO\AppData\Local\Temp\EPSDIW64_001.EXE
C:\Users\LENOVO\AppData\Local\Temp\EPSDIW64_002.EXE
C:\Users\LENOVO\AppData\Local\Temp\EPSTPA64_000.EXE
C:\Users\LENOVO\AppData\Local\Temp\EPSTPA64_001.EXE
C:\Users\LENOVO\AppData\Local\Temp\EPSTPA64_002.EXE

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2015-04-07 21:43:56
Restore point made on: 2015-04-15 21:54:22
Restore point made on: 2015-04-23 17:43:14
Restore point made on: 2015-04-26 21:01:35
Restore point made on: 2015-05-03 21:38:28
Restore point made on: 2015-05-11 21:25:53

==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 4009.08 MB
Available physical RAM: 3163.54 MB
Total Pagefile: 4007.28 MB
Available Pagefile: 3151.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:135.3 GB) (Free:98.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:315.7 GB) (Free:187.73 GB) NTFS
Drive f: (Lenovo_Recovery) (Fixed) (Total:13.3 GB) (Free:2.34 GB) NTFS
Drive h: (REMOVABLE D) (Removable) (Total:7.44 GB) (Free:7.44 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM_DRV) (Fixed) (Total:1.46 GB) (Free:1.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0A02B8A2)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=135.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=315.7 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

LastRegBack: 2015-05-14 16:53

==================== End Of Log ============================