Need help. Computer is facing a black screen upon startup. Did a lot of reading online and found this FRST 64X tool, which I ran through the Recovery Options cmd and came up with a FRST.txt file.
Now I don't know what it means. What is the next step? Would someone help me decode the attached log and give me a solution?
I am not able to boot the comp even in safe mode....tried absolutely everything....don't want to fresh install....
Please help!!!
Mayur
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 01
Ran by SYSTEM on MININT-AM77Q0R on 12-06-2014 16:09:22
Running from H:\
Platform: Windows 7 Professional (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)
HKLM\...\Run: [Quick Heal Core UI] => C:\Program Files\Quick Heal\Quick Heal Total Security\strtupap.exe [194984 2013-07-20] (Quick Heal Technologies (P) Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-11] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1801168 2014-03-18] (APN)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,userinit.exe, [X]
HKU\admim\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [149040 2007-03-19] (Nero AG)
HKU\admim\...\Run: [KingTranslate] => "C:\Program Files (x86)\KingTranslate\KingTranslate.exe" /NotShowMainWindow
HKU\admim\...\Run: [SpeedUpMyComputer] => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2054776 2013-07-22] ()
HKU\admim\...\Run: [FixMyRegistry] => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
HKU\admim\...\Run: [uTorrent] => C:\Users\admim\AppData\Roaming\uTorrent\uTorrent.exe [1272912 2014-06-03] (BitTorrent Inc.)
AppInit_DLLs: Scdetour.dll => C:\Windows\system32\Scdetour.dll [391648 2013-09-12] (Quick Heal Technologies (P) Ltd.)
AppInit_DLLs-x32: scdetour.dll => C:\Windows\SysWOW64\scdetour.dll [326048 2013-09-12] (Quick Heal Technologies (P) Ltd.)
Lsa: [Notification Packages] scecli ScSecAuth
Startup: C:\Users\admim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
BootExecute: autocheck autochk * bootdelete
==================== Services (Whitelisted) =================
S2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-03-18] (APN LLC.)
S2 Behavior Detection System; C:\Program Files\Quick Heal\Quick Heal Total Security\bdssvc.exe [27560 2013-08-12] (Quick Heal Technologies (P) Ltd.)
S2 Core Mail Protection; C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE [44136 2014-06-04] (Quick Heal Technologies (P) Ltd.)
S2 Core Scanning Server; C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [262568 2013-08-12] (Quick Heal Technologies (P) Ltd.)
S2 Core Scanning ServerEx; C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [262568 2013-08-12] (Quick Heal Technologies (P) Ltd.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-12] (Intel® Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-11] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-11] (Intel Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-03-19] (Nero AG)
S2 Online Protection System; C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe [34728 2013-08-12] (Quick Heal Technologies (P) Ltd.)
S2 Quick Update Service; C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe [128104 2014-06-04] (Quick Heal Technologies (P) Ltd.)
S2 ScanWscS; C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE [319152 2014-03-12] (Quick Heal Technologies (P) Ltd.)
S2 ScSecSvc; C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe [497576 2013-09-12] (Quick Heal Technologies (P) Ltd.)
==================== Drivers (Whitelisted) ====================
S1 bdsflt; C:\Windows\System32\DRIVERS\bdsflt.sys [257112 2013-09-13] (Quick Heal Technologies (P) Ltd.)
S1 bdsnm; C:\Windows\System32\DRIVERS\bdsnm.sys [25688 2013-09-13] (Quick Heal Technologies (P) Ltd.)
S2 catflt; C:\Windows\System32\DRIVERS\catflt.sys [56920 2013-07-20] (Quick Heal Technologies (P) Ltd.)
S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [490256 2013-01-22] (Intel Corporation)
S2 EMLSS; C:\Windows\System32\drivers\emltdi.sys [19032 2013-07-20] (Quick Heal Technologies (P) Ltd.)
S1 ggc; C:\Windows\System32\DRIVERS\ggc.sys [73816 2013-09-06] (Quick Heal Technologies (P) Ltd.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2013-11-09] ()
S3 llio; C:\Windows\system32\DRIVERS\llio.sys [68328 2014-03-27] (Quick Heal Technologies (P) Ltd.)
S0 mscank; C:\Windows\System32\DRIVERS\mscank.sys [40536 2013-08-23] (Quick Heal Technologies (P) Ltd.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S2 webssx; C:\Windows\System32\DRIVERS\webssx.sys [60648 2013-12-30] (Quick Heal Technologies (P) Ltd.)
S1 wsnf; C:\Windows\System32\DRIVERS\wsnf.sys [72936 2013-12-27] (Quick Heal Technologies (P) Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-12 16:09 - 2014-06-12 16:09 - 00000000 ____D () C:\FRST
2014-06-11 13:40 - 2014-06-11 13:40 - 00000000 __SHD () C:\found.000
2014-06-11 03:23 - 2014-06-11 03:23 - 00003544 ____N () C:\bootsqm.dat
2014-06-11 01:19 - 2014-06-11 01:19 - 00000000 __SHD () C:\found.001
2014-06-10 19:38 - 2014-06-10 19:38 - 00000000 ___HD () C:\Users\admim\ScStore
2014-06-10 02:04 - 2014-06-10 02:09 - 03239391 _____ () C:\Users\admim\Downloads\MP-PHE.rar
2014-06-10 02:03 - 2014-06-10 02:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 00:58 - 2014-06-10 20:50 - 00001159 _____ () C:\Users\admim\Documents\plot.log
2014-06-06 00:11 - 2014-06-06 00:11 - 00000188 ____H () C:\Users\admim\Documents\Drawing1.dwl2
2014-06-06 00:11 - 2014-06-06 00:11 - 00000038 ____H () C:\Users\admim\Documents\Drawing1.dwl
2014-06-04 22:12 - 2014-06-07 03:04 - 1713874944 _____ () C:\Users\admim\Downloads\keiso_isac3d32014tv.iso
2014-06-04 22:06 - 2014-06-07 02:24 - 00000000 ____D () C:\Users\admim\Downloads\InfiniteSkills.Learning.AutoDesk.Revit.MEP.2013.Training.Video
2014-06-03 20:58 - 2014-06-08 19:40 - 00000000 ____D () C:\Users\admim\Desktop\Aj_Ref files
2014-06-03 01:58 - 2014-06-03 02:03 - 00000000 ____D () C:\Users\admim\Downloads\Nitro PDF Professional Enterprise 8 (32-bit+64-bit) v8.1.1.3 + Key - {Cyclonoid}
2014-06-03 01:57 - 2014-06-03 01:57 - 00000848 _____ () C:\Users\admim\Desktop\µTorrent.lnk
2014-06-03 01:56 - 2014-06-10 23:29 - 00000000 ____D () C:\Users\admim\AppData\Roaming\uTorrent
2014-06-03 01:55 - 2014-06-03 01:56 - 01272912 _____ (BitTorrent Inc.) C:\Users\admim\Downloads\uTorrent.exe
2014-06-03 00:43 - 2014-06-03 00:43 - 00000000 ____D () C:\Users\admim\AppData\Local\CutePDF Writer
2014-06-03 00:42 - 2014-06-03 00:42 - 00003120 _____ () C:\Windows\System32\Tasks\{E8899465-8959-46B9-8BDA-A23B2DD0A993}
2014-06-03 00:42 - 2014-06-03 00:42 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-06-03 00:36 - 2014-06-03 00:41 - 05254656 _____ () C:\Users\admim\Downloads\converter.exe
2014-06-03 00:34 - 2014-06-03 00:34 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-06-03 00:34 - 2014-06-03 00:34 - 00000000 ____D () C:\ProgramData\APN
2014-06-03 00:34 - 2014-06-03 00:34 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-06-03 00:34 - 2014-06-03 00:34 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-06-03 00:34 - 2014-03-05 15:31 - 00489392 _____ (Ask Partner Network) C:\Users\admim\Documents\APNSetup1.exe
2014-06-03 00:34 - 2013-10-23 00:54 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2014-06-03 00:32 - 2014-06-03 00:33 - 02003352 _____ (Acro Software Inc. ) C:\Users\admim\Downloads\CuteWriter.exe
2014-05-21 00:22 - 2014-06-10 23:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-21 00:22 - 2014-05-21 00:23 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 19:40 - 2014-05-05 20:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-05-14 19:40 - 2014-05-05 20:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-05-14 19:40 - 2014-05-05 19:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 19:40 - 2014-05-05 19:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 19:40 - 2014-05-05 19:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-05-14 19:40 - 2014-05-05 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 21:10 - 2014-04-11 18:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2014-05-13 21:10 - 2014-04-11 18:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-05-13 21:10 - 2014-04-11 18:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-05-13 21:10 - 2014-04-11 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-05-13 21:10 - 2014-04-11 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2014-05-13 21:10 - 2014-04-11 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2014-05-13 21:10 - 2014-04-11 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2014-05-13 21:10 - 2014-04-11 18:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-13 21:10 - 2014-04-11 18:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-13 21:10 - 2014-03-24 18:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-05-13 21:10 - 2014-03-24 18:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:10 - 2014-03-04 01:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-05-13 21:10 - 2014-03-04 01:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-05-13 21:10 - 2014-03-04 01:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\System32\objsel.dll
2014-05-13 21:10 - 2014-03-04 01:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-05-13 21:10 - 2014-03-04 01:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-05-13 21:10 - 2014-03-04 01:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2014-05-13 21:10 - 2014-03-04 01:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2014-05-13 21:10 - 2014-03-04 01:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-05-13 21:10 - 2014-03-04 01:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\wincredprovider.dll
2014-05-13 21:10 - 2014-03-04 01:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2014-05-13 21:10 - 2014-03-04 01:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\System32\cngprovider.dll
2014-05-13 21:10 - 2014-03-04 01:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\adprovider.dll
2014-05-13 21:10 - 2014-03-04 01:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\capiprovider.dll
2014-05-13 21:10 - 2014-03-04 01:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\dpapiprovider.dll
2014-05-13 21:10 - 2014-03-04 01:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2014-05-13 21:10 - 2014-03-04 01:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-05-13 21:10 - 2014-03-04 01:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-13 21:10 - 2014-03-04 01:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-13 21:10 - 2014-03-04 01:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-13 21:10 - 2014-03-04 01:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-13 21:10 - 2014-03-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
==================== One Month Modified Files and Folders =======
2014-06-12 16:09 - 2014-06-12 16:09 - 00000000 ____D () C:\FRST
2014-06-12 02:16 - 2013-09-22 01:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-11 13:40 - 2014-06-11 13:40 - 00000000 __SHD () C:\found.000
2014-06-11 03:23 - 2014-06-11 03:23 - 00003544 ____N () C:\bootsqm.dat
2014-06-11 01:19 - 2014-06-11 01:19 - 00000000 __SHD () C:\found.001
2014-06-10 23:30 - 2014-01-21 04:17 - 95414520 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-06-10 23:30 - 2014-01-21 04:17 - 00000000 ____D () C:\Windows\System32\MRT
2014-06-10 23:30 - 2013-09-21 07:14 - 01977697 _____ () C:\Windows\WindowsUpdate.log
2014-06-10 23:29 - 2014-06-03 01:56 - 00000000 ____D () C:\Users\admim\AppData\Roaming\uTorrent
2014-06-10 23:29 - 2014-03-05 19:36 - 00000000 ____D () C:\Users\admim\AppData\Local\Temp
2014-06-10 23:28 - 2013-12-19 07:01 - 00000000 ____D () C:\Users\admim\Desktop\TIMESHEET
2014-06-10 23:27 - 2013-09-22 20:37 - 00000000 ____D () C:\Users\admim\AppData\Roaming\Dropbox
2014-06-10 23:17 - 2014-05-21 00:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-10 23:00 - 2013-09-22 19:33 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 22:38 - 2009-07-13 20:45 - 00009792 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-10 22:38 - 2009-07-13 20:45 - 00009792 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-10 22:37 - 2014-02-06 02:37 - 00000466 _____ () C:\Windows\Tasks\Quick Heal AntiMalware Scan.job
2014-06-10 22:37 - 2014-02-06 02:37 - 00000442 _____ () C:\Windows\Tasks\Resume Quickup Download.job
2014-06-10 22:20 - 2013-10-02 19:18 - 00000000 ____D () C:\Civil 3D Projects
2014-06-10 22:06 - 2013-09-21 07:43 - 00000000 ____D () C:\Users\admim\AppData\Local\Microsoft Help
2014-06-10 20:50 - 2014-06-09 00:58 - 00001159 _____ () C:\Users\admim\Documents\plot.log
2014-06-10 19:39 - 2014-01-21 08:07 - 00000000 ____D () C:\Users\admim\AppData\Roaming\DropboxMaster
2014-06-10 19:38 - 2014-06-10 19:38 - 00000000 ___HD () C:\Users\admim\ScStore
2014-06-10 19:38 - 2014-02-01 03:43 - 00000516 _____ () C:\Windows\Tasks\SpeedyPC Update Version3 Startup Task.job
2014-06-10 19:38 - 2013-11-08 21:10 - 00027586 _____ () C:\Windows\setupact.log
2014-06-10 19:38 - 2013-09-22 19:33 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 19:38 - 2013-09-21 07:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-10 19:38 - 2013-09-21 07:12 - 00000000 ____D () C:\users\admim
2014-06-10 19:38 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-10 02:09 - 2014-06-10 02:04 - 03239391 _____ () C:\Users\admim\Downloads\MP-PHE.rar
2014-06-10 02:03 - 2014-06-10 02:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 04:17 - 2014-01-21 02:29 - 00003004 _____ () C:\Users\admim\Documents\acad.err
2014-06-09 03:30 - 2009-07-13 21:13 - 00713888 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-06-09 00:11 - 2014-01-18 00:50 - 00000185 _____ () C:\Users\admim\AppData\default.pls
2014-06-09 00:11 - 2013-09-21 07:44 - 00000000 ____D () C:\Users\admim\AppData\Roaming\vlc
2014-06-08 19:40 - 2014-06-03 20:58 - 00000000 ____D () C:\Users\admim\Desktop\Aj_Ref files
2014-06-08 19:29 - 2014-02-06 02:36 - 00000000 ____D () C:\Windows\System32\gprodat
2014-06-08 19:29 - 2013-11-08 22:05 - 00089376 _____ () C:\Windows\PFRO.log
2014-06-07 04:30 - 2014-02-01 03:43 - 00000492 _____ () C:\Windows\Tasks\SpeedyPC Registration3.job
2014-06-07 03:04 - 2014-06-04 22:12 - 1713874944 _____ () C:\Users\admim\Downloads\keiso_isac3d32014tv.iso
2014-06-07 02:24 - 2014-06-04 22:06 - 00000000 ____D () C:\Users\admim\Downloads\InfiniteSkills.Learning.AutoDesk.Revit.MEP.2013.Training.Video
2014-06-06 21:11 - 2013-12-21 00:48 - 00000530 _____ () C:\Windows\System32\nvscnrpt.log
2014-06-06 00:11 - 2014-06-06 00:11 - 00000188 ____H () C:\Users\admim\Documents\Drawing1.dwl2
2014-06-06 00:11 - 2014-06-06 00:11 - 00000038 ____H () C:\Users\admim\Documents\Drawing1.dwl
2014-06-05 08:00 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-03 02:03 - 2014-06-03 01:58 - 00000000 ____D () C:\Users\admim\Downloads\Nitro PDF Professional Enterprise 8 (32-bit+64-bit) v8.1.1.3 + Key - {Cyclonoid}
2014-06-03 01:57 - 2014-06-03 01:57 - 00000848 _____ () C:\Users\admim\Desktop\µTorrent.lnk
2014-06-03 01:56 - 2014-06-03 01:55 - 01272912 _____ (BitTorrent Inc.) C:\Users\admim\Downloads\uTorrent.exe
2014-06-03 00:43 - 2014-06-03 00:43 - 00000000 ____D () C:\Users\admim\AppData\Local\CutePDF Writer
2014-06-03 00:42 - 2014-06-03 00:42 - 00003120 _____ () C:\Windows\System32\Tasks\{E8899465-8959-46B9-8BDA-A23B2DD0A993}
2014-06-03 00:42 - 2014-06-03 00:42 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-06-03 00:41 - 2014-06-03 00:36 - 05254656 _____ () C:\Users\admim\Downloads\converter.exe
2014-06-03 00:34 - 2014-06-03 00:34 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-06-03 00:34 - 2014-06-03 00:34 - 00000000 ____D () C:\ProgramData\APN
2014-06-03 00:34 - 2014-06-03 00:34 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-06-03 00:34 - 2014-06-03 00:34 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-06-03 00:33 - 2014-06-03 00:32 - 02003352 _____ (Acro Software Inc. ) C:\Users\admim\Downloads\CuteWriter.exe
2014-05-21 22:39 - 2013-09-21 07:45 - 00000000 ____D () C:\Users\admim\AppData\Local\Google
2014-05-21 00:23 - 2014-05-21 00:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-21 00:22 - 2013-09-23 07:08 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-21 00:22 - 2013-09-23 07:08 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 19:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
Some content of TEMP:
====================
C:\Users\admim\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0cvpqu.dll
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 10%
Total physical RAM: 7977.29 MB
Available physical RAM: 7163.64 MB
Total Pagefile: 7975.44 MB
Available Pagefile: 7154.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.21 GB) (Free:145.95 GB) NTFS
Drive d: (Aum) (Fixed) (Total:638.54 GB) (Free:584.35 GB) NTFS
Drive f: (Personal) (Fixed) (Total:97.66 GB) (Free:97.56 GB) NTFS
Drive h: (AUM TECH) (Removable) (Total:7.28 GB) (Free:7.15 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C2D4C849)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=639 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: 28A1EEF3)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0C)
LastRegBack: 2014-05-11 21:49
==================== End Of Log ============================