FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
Ran by Haryo S (administrator) on DESKTOP-FHHLETL (22-07-2017 19:08:15)

Running from d:\Users\Haryo S\Downloads\Programs
Loaded Profiles: defaultuser0 & Haryo S (Available Profiles: defaultuser0 & Haryo
S)
Platform: Windows 10 Enterprise Version 1703 (X64) Language: English (United
States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-
recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will
not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA

Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation)
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\i
gfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK
Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK
Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Bentley Systems Inc.) C:\Program Files (x86)\Bentley\Engineering\SPC Server v8i
SS4\Bentley.Structural.PropertyCatalog.Server.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA
Corporation\NvTelemetry\NvTelemetryContainer.exe
Corporation\NvContainer\nvcontainer.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License
Service\PsiService_2.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
() C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
() C:\Program Files\Chaos Group\VRLService\OLS\startvrolservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Chaos Software Ltd.) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
(Microsoft Corporation)
C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Chaos Software Ltd.) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation)
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\I
ntelCpHeciSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
Corporation\Display.NvContainer\NVDisplay.Container.exe
Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA
Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files
(x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation)
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\i
gfxEM.exe
Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart
Gesture\AsTPCenter\x64\AsusTPLoader.exe
Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(LAN Messenger) C:\Program Files (x86)\LAN Messenger\lmc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce
Experience\NVIDIA Share.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce
Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program
Files\WindowsApps\Microsoft.WindowsStore_11706.1001.25.0_x64__8wekyb3d8bbwe\WinStor
e.App.exe
() C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Mi
crosoft.Photos.exe
Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to
default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe

[629152 2017-03-19] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe"
C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common
Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe
Systems Incorporated)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe
[3934168 2016-09-17] (Stardock Corporation)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk
Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat
11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKU\S-1-5-21-1977530393-1560855581-2334280851-1000\...\RunOnce: [WAB Migrate] =>
C:\Program Files\Windows Mail\wab.exe [517120 2017-03-19] (Microsoft Corporation)
HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\...\Run: [MySELECT.exe] =>
C:\Program Files\Common Files\Bentley Shared\CONNECTION
client\Bentley.Connect.Client.exe [501752 2015-09-23] (Bentley Systems Inc.)
HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\...\Run: [Fences] => C:\Program
Files (x86)\Stardock\Fences\Fences.exe [3934168 2016-09-17] (Stardock Corporation)
HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\...\Run:
[EPLTarget\P0000000000000001] =>
C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIN4E.EXE [298560 2014-03-20] (SEIKO
EPSON CORPORATION)
HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\...\Run: [LAN Messenger] =>
C:\Program Files (x86)\LAN Messenger\lmc.exe [1721344 2012-07-25] (LAN Messenger)
HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\...\Run: [CCleaner Monitoring]
=> C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\...\Policies\Explorer: []
IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed

or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{6e121fd7-8ebd-460d-a9cc-997444d8c3c6}: [DhcpNameServer]
192.168.1.1
Tcpip\..\Interfaces\{e5bf0e46-c7a5-49dc-8bd7-1a1c090d4bb1}: [DhcpNameServer]
192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\Software\Microsoft\Internet
Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1977530393-1560855581-2334280851-1001 -> DefaultScope
{FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?
q={searchTerms}&fr=ntg&product_id=%7BA976E640-3901-4CD1-B7E0-
DEF3020C06A8%7D&gp=811041
SearchScopes: HKU\S-1-5-21-1977530393-1560855581-2334280851-1001 -> {FFEBBF0A-C22C-
4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?
q={searchTerms}&fr=ntg&product_id=%7BA976E640-3901-4CD1-B7E0-
DEF3020C06A8%7D&gp=811041
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8}
-> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-11]
(Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->
C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft
Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} ->
C:\Program Files (x86)\Common
Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-21] (Adobe Systems
Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-
ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-
31] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-
665D8EE6A077} -> C:\Program Files (x86)\Common
Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-
17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
[2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-
2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
[2015-08-01] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910}
-> C:\Program Files (x86)\Common
Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems
Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-
A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
[2015-08-01] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-
665D8EE6A077} -> C:\Program Files (x86)\Common
Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-
0819E2EAAC93} - C:\Program Files (x86)\Common
Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-
0819E2EAAC93} - C:\Program Files (x86)\Common
Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program
Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program
Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-08-01] (Microsoft
Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program
Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files
(x86)\Microsoft Office\Office16\MSOSB.DLL [2015-08-01] (Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] -
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat
11.0\Acrobat\Browser\WCFirefoxExtn [2017-05-12] [not signed]
FF HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\...\SeaMonkey\Extensions:
[mozilla_cc@internetdownloadmanager.com] - C:\Users\Haryo
S\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Haryo S\AppData\Roaming\IDM\idmmzcc5 [2017-06-02]
[not signed]
FF HKU\S-1-5-21-1977530393-1560855581-2334280851-1001\...\SeaMonkey\Extensions:
[mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet
Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download
Manager\idmmzcc2.xpi [2017-01-26]
FF Plugin: @microsoft.com/SharePoint,version=14.0 ->
C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program
Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program
Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common
Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe
Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 ->
C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[2015-08-25] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla
Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 ->
C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-08-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files
(x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files
(x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-17] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat
11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common
Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe
Systems)
FF Plugin HKU\S-1-5-21-1977530393-1560855581-2334280851-1001:
@unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Haryo
S\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-09] (Unity
Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla
firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?
inline_comp=dse&q={searchTerms}&fr=chxtn12.0.23
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Haryo S\AppData\Local\Google\Chrome\User Data\Default [2017-
07-22]
CHR Extension: (Google Slides) - C:\Users\Haryo S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-17]
CHR Extension: (Google Docs) - C:\Users\Haryo S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-17]
CHR Extension: (Google Drive) - C:\Users\Haryo S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-17]
CHR Extension: (YouTube) - C:\Users\Haryo S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Haryo S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-17]
CHR Extension: (Google Sheets) - C:\Users\Haryo S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-17]
CHR Extension: (Google Docs Offline) - C:\Users\Haryo
S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-17]
CHR Extension: (Gmail) - C:\Users\Haryo S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaphdclmlj [2017-07-17]
CHR Extension: (IDM Integration Module) - C:\Users\Haryo
Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-07-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Haryo
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-17]
CHR Extension: (Gmail) - C:\Users\Haryo S\AppData\Local\Google\Chrome\User
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\Haryo
Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-17]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program
Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-05-25]
CHR HKLM-x32\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] -
hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program
Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-
12-21]
CHR HKLM-x32\...\Chrome\Extension: [epgjfmblhacacphaljkdcjllkomdcjpc] -
CHR HKLM-x32\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] -
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] -
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content

Service\Connect.Service.ContentService.exe [31160 2015-02-06] (Autodesk, Inc.)
R2 Bentley Property Catalog Service; C:\Program Files (x86)\Bentley\Engineering\SPC
Server v8i SS4\Bentley.Structural.PropertyCatalog.Server.exe [8704 2015-05-28]
(Bentley Systems Inc.) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter
ONLY\BTDevMgr.exe [121560 2015-07-21] ()
R3 cphs;
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\I
ntelCpHeciSvc.exe [301536 2016-11-30] (Intel Corporation)
S3 cplspcon;
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\I
ntelCpHDCPSvc.exe [480224 2016-11-30] (Intel Corporation)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-30] (Intel
Corporation)
R2 igfxCUIService2.0.0.0;
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\i
gfxCUIService.exe [341984 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program
Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R)
Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security
Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security
Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA
Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA
Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA
Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-28] (NVIDIA
Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA
Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA
Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License
Service\PsiService_2.exe [337776 2013-09-14] (arvato digital services llc)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [292848 2017-05-18] (Realtek
Semiconductor Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
[3913064 2017-03-19] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360
2017-05-31] (TeamViewer GmbH)
R2 VRLService; C:\Program Files\Chaos Group\VRLService\OLS\startvrolservice.exe
[227328 2017-05-12] () [File not signed]
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
[90176 2017-05-12] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-19]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20]
===================== Drivers (Whitelisted) ======================
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [98296 2015-12-15] (ASUS

Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung
Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-30] (Intel
Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-30] (Intel
Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel
Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31120 2016-12-20]
(ASUS)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2017-06-14]
(REALiX(tm))
R3 igfx;
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\i
gdkmd64.sys [11039712 2016-11-30] (Intel Corporation)
R1 MpKsl8cfabd0d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\
{D57403D3-5409-4AFE-BCF1-49DC55B17DFE}\MpKsl8cfabd0d.sys [44928 2017-07-22]
R3 nvlddmkm;
C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_15b1a77b889ed915\nvl
ddmkm.sys [15625336 2017-06-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
[30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-06-
21] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-06-28] (NVIDIA
Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek
)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-05-18]
(Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [762112 2015-10-21] (Realsil
Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6813664 2017-05-19] (Realtek
Semiconductor Corporation )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-19] ()
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung
Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28]
(Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28]
(Oracle Corporation)
S3 VMnetAdapter; no ImagePath
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-19] (Microsoft
Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-19]
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-19]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-22 19:08 - 2017-07-22 19:08 - 00000000 ____D C:\FRST

2017-07-20 08:16 - 2017-07-20 08:27 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-19 08:39 - 2017-07-19 08:39 - 00001257 _____ C:\Users\Haryo
S\Desktop\TweakBit PCRepairKit.lnk
2017-07-19 08:39 - 2017-07-19 08:39 - 00000000 ____D
C:\WINDOWS\System32\Tasks\TweakBit
2017-07-19 08:39 - 2017-07-19 08:39 - 00000000 ____D C:\ProgramData\TweakBit
2017-07-19 08:39 - 2017-07-19 08:39 - 00000000 ____D
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2017-07-19 08:39 - 2017-07-19 08:39 - 00000000 ____D C:\Program Files
(x86)\TweakBit
2017-07-19 07:07 - 2017-07-19 07:08 - 00285926 _____
C:\TDSSKiller.3.1.0.15_19.07.2017_07.07.59_log.txt
2017-07-19 06:40 - 2017-07-19 07:11 - 00000000 ____D C:\AdwCleaner
2017-07-17 13:26 - 2017-07-17 13:26 - 00002354 _____
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-17 12:46 - 2017-07-17 12:46 - 00003416 _____
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-17 12:46 - 2017-07-17 12:46 - 00003292 _____
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-17 02:18 - 2017-07-17 02:18 - 00000000 ____D C:\Users\Haryo
S\AppData\LocalLow\Unity
2017-07-17 02:18 - 2017-07-17 02:18 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\Unity
2017-07-17 02:16 - 2017-07-17 02:16 - 00003722 _____
C:\WINDOWS\System32\Tasks\jooringcommrtsm
2017-07-16 14:14 - 2017-07-16 14:14 - 00833212 _____ C:\Users\Haryo S\Desktop\_
Otomotif.Grid.pdf
2017-07-16 13:54 - 2017-07-17 02:34 - 00000000 ____D C:\Program Files
(x86)\GeoLogismiki Software
2017-07-15 06:29 - 2017-07-15 06:37 - 00000000 ____D C:\Program Files\Intel Driver
Update Utility
2017-07-15 06:29 - 2016-10-18 17:14 - 00021984 _____
C:\WINDOWS\system32\Drivers\semav6msr64.sys
2017-07-14 19:58 - 2017-07-19 10:33 - 104857600 _____
C:\WINDOWS\system32\config\SOFTWARE
2017-07-14 19:56 - 2017-07-14 19:56 - 00000000 ____D C:\WINDOWS\Microsoft
Antimalware
2017-07-14 04:59 - 2016-11-16 18:14 - 00000000 ____D C:\Users\Haryo S\Desktop\tugas
b ing ipa 2
2017-07-12 11:40 - 2017-07-12 11:40 - 04580601 _____ C:\Users\Haryo
S\Desktop\Struktur Yogya Terminal.pdf
2017-07-12 06:52 - 2017-07-07 21:00 - 00947712 _____ (Microsoft Corporation)
C:\WINDOWS\system32\HoloSI.PCShell.dll
C:\WINDOWS\system32\hvix64.exe
C:\WINDOWS\system32\hvax64.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\winresume.efi
C:\WINDOWS\system32\winresume.exe
C:\WINDOWS\system32\Drivers\pdc.sys
C:\WINDOWS\system32\KernelBase.dll
C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\winload.exe
C:\WINDOWS\system32\WindowsCodecsRaw.dll
C:\WINDOWS\system32\CoreUIComponents.dll
C:\WINDOWS\system32\wmpmde.dll
C:\WINDOWS\system32\CoreMessaging.dll
C:\WINDOWS\system32\Drivers\netio.sys
C:\WINDOWS\system32\Drivers\clfs.sys
C:\WINDOWS\system32\Drivers\dxgkrnl.sys
C:\WINDOWS\system32\windows.storage.dll
C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
C:\WINDOWS\system32\WindowsCodecs.dll
C:\WINDOWS\system32\ClipSVC.dll
C:\WINDOWS\system32\Drivers\USBHUB3.SYS
C:\WINDOWS\system32\SecurityHealthService.exe
C:\WINDOWS\system32\msv1_0.dll
C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
C:\WINDOWS\system32\rdpudd.dll
C:\WINDOWS\system32\shell32.dll
C:\WINDOWS\system32\winmde.dll
C:\WINDOWS\system32\ole32.dll
C:\WINDOWS\system32\mfps.dll
C:\WINDOWS\system32\wininitext.dll
C:\WINDOWS\system32\AppVEntSubsystems64.dll
C:\WINDOWS\system32\AppVCatalog.dll
C:\WINDOWS\system32\Drivers\http.sys
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\SysWOW64\fontdrvhost.exe
C:\WINDOWS\SysWOW64\dwmapi.dll
C:\WINDOWS\system32\edgehtml.dll
C:\WINDOWS\SysWOW64\KernelBase.dll
C:\WINDOWS\SysWOW64\dmcmnutils.dll
C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
C:\WINDOWS\SysWOW64\CoreUIComponents.dll
C:\WINDOWS\SysWOW64\wmpmde.dll
C:\WINDOWS\SysWOW64\windows.storage.dll
C:\WINDOWS\SysWOW64\WindowsCodecs.dll
C:\WINDOWS\SysWOW64\gdi32.dll
C:\WINDOWS\SysWOW64\iertutil.dll
C:\WINDOWS\SysWOW64\dcomp.dll
C:\WINDOWS\SysWOW64\WWAHost.exe
C:\WINDOWS\SysWOW64\msv1_0.dll
C:\WINDOWS\SysWOW64\Clipc.dll
C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
C:\WINDOWS\system32\win32kfull.sys
C:\WINDOWS\system32\Windows.UI.dll
C:\WINDOWS\system32\ieui.dll
C:\WINDOWS\system32\ConhostV2.dll
C:\WINDOWS\SysWOW64\shell32.dll
C:\WINDOWS\system32\Windows.UI.Xaml.dll
C:\WINDOWS\SysWOW64\winmde.dll
C:\WINDOWS\SysWOW64\AudioEng.dll
C:\WINDOWS\SysWOW64\ole32.dll
C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
C:\WINDOWS\SysWOW64\wininitext.dll
C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
C:\WINDOWS\SysWOW64\CoreMessaging.dll
C:\WINDOWS\system32\Chakradiag.dll
C:\WINDOWS\system32\wudriver.dll
C:\WINDOWS\system32\twinui.dll
C:\WINDOWS\system32\Drivers\bthpan.sys
C:\WINDOWS\system32\winsrv.dll
C:\WINDOWS\system32\mshtml.dll
C:\WINDOWS\system32\BingMaps.dll
C:\WINDOWS\system32\prntvpt.dll
C:\WINDOWS\system32\mos.dll
C:\WINDOWS\system32\domgmt.dll
C:\WINDOWS\system32\storewuauth.dll
C:\WINDOWS\system32\Windows.Data.Pdf.dll
C:\WINDOWS\system32\SensorService.dll
C:\WINDOWS\system32\Wldap32.dll
C:\WINDOWS\system32\WindowsCodecsExt.dll
C:\WINDOWS\system32\AzureSettingSyncProvider.dll
C:\WINDOWS\system32\GamePanel.exe
C:\WINDOWS\system32\jscript9diag.dll
C:\WINDOWS\system32\vbscript.dll
C:\WINDOWS\system32\WpAXHolder.dll
C:\WINDOWS\system32\ieframe.dll
C:\WINDOWS\system32\winspool.drv
C:\WINDOWS\system32\Chakra.dll
C:\WINDOWS\system32\kerberos.dll
C:\WINDOWS\system32\mstscax.dll
C:\WINDOWS\system32\MapRouter.dll
C:\WINDOWS\SysWOW64\win32kfull.sys
C:\WINDOWS\system32\urlmon.dll
C:\WINDOWS\SysWOW64\GdiPlus.dll
C:\WINDOWS\SysWOW64\Windows.UI.dll
C:\WINDOWS\system32\PhotoScreensaver.scr
C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
C:\WINDOWS\system32\d2d1.dll
C:\WINDOWS\system32\fveapi.dll
C:\WINDOWS\system32\jscript9.dll
C:\WINDOWS\system32\wininet.dll
C:\WINDOWS\system32\twinui.pcshell.dll
C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
C:\WINDOWS\system32\win32kbase.sys
C:\WINDOWS\system32\dosvc.dll
C:\WINDOWS\system32\localspl.dll
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\DWrite.dll
C:\WINDOWS\system32\dwmcore.dll
C:\WINDOWS\system32\FntCache.dll
C:\WINDOWS\system32\msxml3.dll
C:\WINDOWS\system32\dbgeng.dll
C:\WINDOWS\system32\ExplorerFrame.dll
C:\WINDOWS\system32\wuaueng.dll
C:\WINDOWS\SysWOW64\wudriver.dll
C:\WINDOWS\SysWOW64\eapprovp.dll
C:\WINDOWS\SysWOW64\edgehtml.dll
C:\WINDOWS\SysWOW64\daxexec.dll
C:\WINDOWS\system32\Drivers\mrxsmb10.sys
C:\WINDOWS\system32\PlayToReceiver.dll
C:\WINDOWS\SysWOW64\raschap.dll
C:\WINDOWS\system32\SensorsApi.dll
C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
C:\WINDOWS\system32\sensrsvc.dll
C:\WINDOWS\SysWOW64\mshtml.dll
C:\WINDOWS\SysWOW64\ieframe.dll
C:\WINDOWS\SysWOW64\twinui.dll
C:\WINDOWS\SysWOW64\BingMaps.dll
C:\WINDOWS\SysWOW64\DevicePairing.dll
C:\WINDOWS\SysWOW64\Wldap32.dll
C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
C:\WINDOWS\SysWOW64\kerberos.dll
C:\WINDOWS\SysWOW64\vbscript.dll
C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
C:\WINDOWS\system32\csrsrv.dll
C:\WINDOWS\SysWOW64\mos.dll
C:\WINDOWS\SysWOW64\WpcWebFilter.dll
C:\WINDOWS\SysWOW64\rastls.dll
C:\WINDOWS\SysWOW64\comdlg32.dll
C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
C:\WINDOWS\SysWOW64\Chakra.dll
C:\WINDOWS\SysWOW64\wininet.dll
C:\WINDOWS\SysWOW64\mstscax.dll
C:\WINDOWS\SysWOW64\d2d1.dll
C:\WINDOWS\SysWOW64\MapRouter.dll
C:\WINDOWS\SysWOW64\urlmon.dll
C:\WINDOWS\SysWOW64\msxml3.dll
C:\WINDOWS\SysWOW64\aadtb.dll
C:\WINDOWS\SysWOW64\ExplorerFrame.dll
C:\WINDOWS\SysWOW64\jscript9.dll
C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
C:\WINDOWS\SysWOW64\OpcServices.dll
C:\WINDOWS\SysWOW64\wuapi.dll
C:\WINDOWS\SysWOW64\dbgeng.dll
C:\WINDOWS\SysWOW64\msftedit.dll
C:\WINDOWS\SysWOW64\dwmcore.dll
C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
C:\WINDOWS\SysWOW64\WMPhoto.dll
C:\WINDOWS\SysWOW64\SensorsApi.dll
C:\WINDOWS\SysWOW64\wdc.dll
C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 06:52 - 2017-07-02 05:52 - 00031932 _____
C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
C:\WINDOWS\system32\DeviceCensus.exe
C:\WINDOWS\system32\dcntel.dll
C:\WINDOWS\system32\aepic.dll
C:\WINDOWS\system32\winload.efi
C:\WINDOWS\system32\MSAudDecMFT.dll
C:\WINDOWS\system32\Drivers\ntfs.sys
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\Drivers\ndis.sys
C:\WINDOWS\system32\Drivers\msiscsi.sys
C:\WINDOWS\system32\MrmCoreR.dll
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\WWAHost.exe
C:\WINDOWS\system32\CredentialUIBroker.exe
C:\WINDOWS\system32\iertutil.dll
C:\WINDOWS\system32\LicenseManager.dll
C:\WINDOWS\system32\AppxAllUserStore.dll
C:\WINDOWS\system32\Drivers\wcifs.sys
C:\WINDOWS\system32\Windows.Media.dll
C:\WINDOWS\system32\mfsvr.dll
C:\WINDOWS\system32\MFCaptureEngine.dll
C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
C:\WINDOWS\system32\Drivers\tcpip.sys
C:\WINDOWS\system32\basecsp.dll
C:\WINDOWS\SysWOW64\aepic.dll
C:\WINDOWS\SysWOW64\ntdll.dll
C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
C:\WINDOWS\SysWOW64\ucrtbase.dll
C:\WINDOWS\SysWOW64\rpcrt4.dll
C:\WINDOWS\system32\WinBioDataModelOOBE.exe
C:\WINDOWS\system32\MusNotification.exe
C:\WINDOWS\system32\Drivers\usbvideo.sys
C:\WINDOWS\system32\Drivers\bridge.sys
C:\WINDOWS\system32\Drivers\hdaudbus.sys
C:\WINDOWS\system32\ScDeviceEnum.dll
C:\WINDOWS\system32\MshtmlDac.dll
C:\WINDOWS\system32\MusUpdateHandlers.dll
C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
C:\WINDOWS\system32\wincredui.dll
C:\WINDOWS\system32\mshtmled.dll
C:\WINDOWS\system32\Windows.Payments.dll
C:\WINDOWS\SysWOW64\policymanager.dll
C:\WINDOWS\system32\Narrator.exe
C:\WINDOWS\system32\SCardSvr.dll
C:\WINDOWS\system32\psmsrv.dll
C:\WINDOWS\system32\certprop.dll
C:\WINDOWS\system32\iepeers.dll
C:\WINDOWS\SysWOW64\explorer.exe
C:\WINDOWS\system32\LockHostingFramework.dll
C:\WINDOWS\system32\iedkcs32.dll
C:\WINDOWS\system32\PsmServiceExtHost.dll
C:\WINDOWS\system32\WinBioDataModel.dll
C:\WINDOWS\system32\dxtrans.dll
C:\WINDOWS\system32\scksp.dll
C:\WINDOWS\SysWOW64\d3d10warp.dll
C:\WINDOWS\system32\Drivers\bthport.sys
C:\WINDOWS\system32\MbaeApi.dll
C:\WINDOWS\system32\tileobjserver.dll
C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
C:\WINDOWS\system32\TDLMigration.dll
C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
C:\WINDOWS\system32\wbiosrvc.dll
C:\WINDOWS\system32\bisrv.dll
C:\WINDOWS\SysWOW64\LicenseManager.dll
C:\WINDOWS\system32\msfeeds.dll
C:\WINDOWS\system32\ActivationManager.dll
C:\WINDOWS\system32\AboveLockAppHost.dll
C:\WINDOWS\SysWOW64\thumbcache.dll
C:\WINDOWS\system32\SettingsHandlers_nt.dll
C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
C:\WINDOWS\system32\LogonController.dll
C:\WINDOWS\system32\AppReadiness.dll
C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
C:\WINDOWS\system32\InstallAgentUserBroker.exe
C:\WINDOWS\system32\InputSwitch.dll
C:\WINDOWS\system32\InstallAgent.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\SysWOW64\combase.dll
C:\WINDOWS\system32\UIAutomationCore.dll
C:\WINDOWS\system32\certutil.exe
C:\WINDOWS\SysWOW64\AppxPackaging.dll
C:\WINDOWS\system32\Unistore.dll
C:\WINDOWS\SysWOW64\webservices.dll
C:\WINDOWS\system32\SmartcardCredentialProvider.dll
C:\WINDOWS\system32\RDXTaskFactory.dll
C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
C:\WINDOWS\system32\EditionUpgradeHelper.dll
C:\WINDOWS\SysWOW64\msasn1.dll
C:\WINDOWS\SysWOW64\Windows.Media.dll
C:\WINDOWS\system32\inetcpl.cpl
C:\WINDOWS\SysWOW64\AudioSes.dll
C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
C:\WINDOWS\system32\tquery.dll
C:\WINDOWS\system32\AppXDeploymentServer.dll
C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
C:\WINDOWS\SysWOW64\mfsvr.dll
C:\WINDOWS\SysWOW64\MMDevAPI.dll
C:\WINDOWS\system32\MFMediaEngine.dll
C:\WINDOWS\system32\D3DCompiler_47.dll
C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
C:\WINDOWS\system32\SRH.dll
C:\WINDOWS\system32\twinui.appcore.dll
C:\WINDOWS\SysWOW64\basecsp.dll
C:\WINDOWS\system32\mssrch.dll
C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
C:\WINDOWS\system32\InputService.dll
C:\WINDOWS\system32\wpncore.dll
C:\WINDOWS\system32\audiosrv.dll
C:\WINDOWS\system32\TSWorkspace.dll
C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
C:\WINDOWS\SysWOW64\msctfuimanager.dll
C:\WINDOWS\SysWOW64\oleacc.dll
C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
C:\WINDOWS\SysWOW64\MshtmlDac.dll
C:\WINDOWS\SysWOW64\webplatstorageserver.dll
C:\WINDOWS\SysWOW64\ClipboardServer.dll
C:\WINDOWS\SysWOW64\wincredui.dll
C:\WINDOWS\SysWOW64\BluetoothApis.dll
C:\WINDOWS\SysWOW64\iepeers.dll
C:\WINDOWS\SysWOW64\mshtmled.dll
C:\WINDOWS\SysWOW64\dataclen.dll
C:\WINDOWS\SysWOW64\certca.dll
C:\WINDOWS\SysWOW64\Windows.Payments.dll
C:\WINDOWS\SysWOW64\iedkcs32.dll
C:\WINDOWS\SysWOW64\dxtrans.dll
C:\WINDOWS\SysWOW64\scksp.dll
C:\WINDOWS\SysWOW64\sendmail.dll
C:\WINDOWS\SysWOW64\bcastdvr.exe
C:\WINDOWS\SysWOW64\MbaeApi.dll
C:\WINDOWS\SysWOW64\SndVolSSO.dll
C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
C:\WINDOWS\SysWOW64\credprovhost.dll
C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
C:\WINDOWS\SysWOW64\ActivationManager.dll
C:\WINDOWS\SysWOW64\certcli.dll
C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
C:\WINDOWS\SysWOW64\edputil.dll
C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
C:\WINDOWS\SysWOW64\themeui.dll
C:\WINDOWS\SysWOW64\tquery.dll
C:\WINDOWS\SysWOW64\Unistore.dll
C:\WINDOWS\SysWOW64\mmsys.cpl
C:\WINDOWS\SysWOW64\VAN.dll
C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
C:\WINDOWS\SysWOW64\UIAutomationCore.dll
C:\WINDOWS\SysWOW64\dbghelp.dll
C:\WINDOWS\SysWOW64\certutil.exe
C:\WINDOWS\SysWOW64\msfeeds.dll
C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
C:\WINDOWS\SysWOW64\InstallAgent.exe
C:\WINDOWS\SysWOW64\inetcpl.cpl
C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
C:\WINDOWS\SysWOW64\SRH.dll
C:\WINDOWS\SysWOW64\mssrch.dll
C:\WINDOWS\SysWOW64\cldapi.dll
C:\WINDOWS\SysWOW64\MFMediaEngine.dll
C:\WINDOWS\SysWOW64\CertEnroll.dll
C:\WINDOWS\SysWOW64\InputService.dll
C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
C:\WINDOWS\SysWOW64\rasapi32.dll
C:\WINDOWS\SysWOW64\PlayToDevice.dll
C:\WINDOWS\SysWOW64\wdmaud.drv
C:\WINDOWS\SysWOW64\rpchttp.dll
C:\WINDOWS\SysWOW64\olepro32.dll
C:\WINDOWS\SysWOW64\apphelp.dll
C:\WINDOWS\system32\hvloader.efi
C:\WINDOWS\system32\hvloader.exe
C:\WINDOWS\system32\dmcmnutils.dll
C:\WINDOWS\system32\SecConfig.efi
C:\WINDOWS\system32\dcomp.dll
C:\WINDOWS\system32\Clipc.dll
C:\WINDOWS\system32\Drivers\mrxsmb20.sys
C:\WINDOWS\system32\AudioEng.dll
C:\WINDOWS\system32\CloudExperienceHost.dll
C:\WINDOWS\system32\AppVEntVirtualization.dll
C:\WINDOWS\system32\AppVIntegration.dll
C:\WINDOWS\system32\AppVEntSubsystemController.dll
C:\WINDOWS\system32\AppVPolicy.dll
C:\WINDOWS\system32\AppVManifest.dll
C:\WINDOWS\system32\AppVOrchestration.dll
C:\WINDOWS\system32\AppVClient.exe
C:\WINDOWS\system32\AppVEntStreamingManager.dll
C:\WINDOWS\system32\AppVReporting.dll
C:\WINDOWS\system32\AppVPublishing.dll
C:\WINDOWS\system32\TransportDSA.dll
C:\WINDOWS\system32\AppVScripting.dll
C:\WINDOWS\system32\GdiPlus.dll
C:\WINDOWS\system32\uDWM.dll
C:\WINDOWS\system32\duser.dll
C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
C:\WINDOWS\system32\officecsp.dll
C:\WINDOWS\system32\wuuhosdeployment.dll
C:\WINDOWS\system32\eapprovp.dll
C:\WINDOWS\system32\daxexec.dll
C:\WINDOWS\system32\ActiveSyncCsp.dll
C:\WINDOWS\system32\aadcloudap.dll
C:\WINDOWS\system32\raschap.dll
C:\WINDOWS\system32\DevicePairing.dll
C:\WINDOWS\system32\Windows.Internal.Management.dll
C:\WINDOWS\system32\SIHClient.exe
C:\WINDOWS\system32\WpcWebFilter.dll
C:\WINDOWS\system32\rastls.dll
C:\WINDOWS\system32\ActiveSyncProvider.dll
C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
C:\WINDOWS\system32\aadtb.dll
C:\WINDOWS\system32\msftedit.dll
C:\WINDOWS\system32\OpcServices.dll
C:\WINDOWS\system32\wuapi.dll
C:\WINDOWS\system32\wuuhext.dll
C:\WINDOWS\system32\PlayToDevice.dll
C:\WINDOWS\system32\WMPhoto.dll
C:\WINDOWS\system32\msinfo32.exe
C:\WINDOWS\system32\aitstatic.exe
C:\WINDOWS\system32\wdc.dll
C:\WINDOWS\system32\appraiser.dll
C:\WINDOWS\system32\CompatTelRunner.exe
C:\WINDOWS\system32\generaltel.dll
C:\WINDOWS\system32\devinv.dll
C:\WINDOWS\system32\invagent.dll
C:\WINDOWS\system32\acmigration.dll
C:\WINDOWS\system32\aeinv.dll
C:\WINDOWS\system32\policymanager.dll
C:\WINDOWS\system32\CloudExperienceHostUser.dll
C:\WINDOWS\system32\CloudExperienceHostCommon.dll
C:\WINDOWS\system32\Windows.ApplicationModel.dll
C:\WINDOWS\system32\AudioSes.dll
C:\WINDOWS\system32\audiodg.exe
C:\WINDOWS\system32\MMDevAPI.dll
C:\WINDOWS\system32\CloudExperienceHostBroker.dll
C:\WINDOWS\system32\msctfuimanager.dll
C:\WINDOWS\system32\oleacc.dll
C:\WINDOWS\system32\Drivers\mskssrv.sys
C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
C:\WINDOWS\system32\wwanprotdim.dll
C:\WINDOWS\system32\WFDSConMgr.dll
C:\WINDOWS\system32\DolbyMATEnc.dll
C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
C:\WINDOWS\system32\DolbyHrtfEnc.dll
C:\WINDOWS\system32\BluetoothApis.dll
C:\WINDOWS\system32\WFDSConMgrSvc.dll
C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
C:\WINDOWS\system32\provengine.dll
C:\WINDOWS\system32\ClipboardServer.dll
C:\WINDOWS\system32\sendmail.dll
C:\WINDOWS\system32\dataclen.dll
C:\WINDOWS\system32\certca.dll
C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
C:\WINDOWS\system32\bcastdvr.exe
C:\WINDOWS\system32\Drivers\WdiWiFi.sys
C:\WINDOWS\system32\SndVolSSO.dll
C:\WINDOWS\system32\updatehandlers.dll
C:\WINDOWS\system32\certcli.dll
C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
C:\WINDOWS\system32\edputil.dll
C:\WINDOWS\system32\TokenBrokerUI.dll
C:\WINDOWS\system32\themeui.dll
C:\WINDOWS\system32\rasmans.dll
C:\WINDOWS\system32\mmsys.cpl
C:\WINDOWS\system32\cldapi.dll
C:\WINDOWS\system32\wcmsvc.dll
C:\WINDOWS\system32\wwansvc.dll
C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
C:\WINDOWS\system32\usocore.dll
C:\WINDOWS\system32\CloudDomainJoinAUG.dll
C:\WINDOWS\system32\NetworkMobileSettings.dll
C:\WINDOWS\system32\rasapi32.dll
C:\WINDOWS\system32\rascustom.dll
C:\WINDOWS\system32\CertEnroll.dll
C:\WINDOWS\system32\AudioEndpointBuilder.dll
C:\WINDOWS\system32\omadmclient.exe
C:\WINDOWS\system32\DMPushRouterCore.dll
C:\WINDOWS\system32\FrameServer.dll
C:\WINDOWS\system32\wdmaud.drv
2017-07-11 22:56 - 2017-07-11 22:56 - 00092260 _____ C:\Users\Haryo
S\Desktop\gedung terminal Layout1 (18).pdf
2017-07-11 22:55 - 2017-07-11 22:55 - 00120779 _____ C:\Users\Haryo
2017-07-11 22:54 - 2017-07-11 22:54 - 00110884 _____ C:\Users\Haryo
2017-07-11 22:54 - 2017-07-11 22:54 - 00110883 _____ C:\Users\Haryo
2017-07-11 22:54 - 2017-07-11 22:54 - 00103104 _____ C:\Users\Haryo
2017-07-11 22:52 - 2017-07-11 22:52 - 00205152 _____ C:\Users\Haryo
2017-07-11 22:52 - 2017-07-11 22:52 - 00103103 _____ C:\Users\Haryo
2017-07-11 22:51 - 2017-07-11 22:51 - 00377871 _____ C:\Users\Haryo
2017-07-11 22:51 - 2017-07-11 22:51 - 00194721 _____ C:\Users\Haryo
2017-07-11 22:50 - 2017-07-11 22:50 - 00321680 _____ C:\Users\Haryo
2017-07-11 22:47 - 2017-07-11 22:47 - 00301089 _____ C:\Users\Haryo
2017-07-11 22:47 - 2017-07-11 22:47 - 00258084 _____ C:\Users\Haryo
2017-07-11 22:35 - 2017-07-11 22:35 - 00482645 _____ C:\Users\Haryo
2017-07-11 22:35 - 2017-07-11 22:35 - 00469910 _____ C:\Users\Haryo
2017-07-11 22:34 - 2017-07-11 22:34 - 00437891 _____ C:\Users\Haryo
2017-07-11 22:34 - 2017-07-11 22:34 - 00437669 _____ C:\Users\Haryo
2017-07-11 22:33 - 2017-07-11 22:33 - 00304607 _____ C:\Users\Haryo
2017-07-11 22:32 - 2017-07-11 22:32 - 00322444 _____ C:\Users\Haryo
2017-07-11 22:29 - 2017-07-11 22:29 - 01792108 _____ C:\Users\Haryo S\Desktop\draft
detail Layout1 (3).eps
detail Layout1 (1).eps
detail Layout1 ().eps
detail Layout1 (3).pdf
detail Layout1 (1).pdf
detail Layout1 ().pdf
2017-07-11 21:41 - 2017-07-11 21:41 - 01761082 _____ C:\Users\Haryo
S\Desktop\Lantai Keberangkatan.wmf
2017-07-11 21:04 - 2017-07-11 21:06 - 02151646 _____ C:\Users\Haryo
S\Desktop\Mezzanine.wmf
2017-07-09 15:21 - 2017-07-09 15:21 - 00002355 _____ C:\Users\Public\Desktop\HP
Deskjet 1000 J110 series.lnk
2017-07-09 15:21 - 2017-07-09 15:21 - 00001277 _____ C:\Users\Public\Desktop\Shop
for Supplies - HP Deskjet 1000 J110 series.lnk
2017-07-09 15:21 - 2017-07-09 15:21 - 00000057 _____ C:\ProgramData\Ament.ini
2017-07-09 15:21 - 2017-07-09 15:21 - 00000000 ____D
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-07-09 15:21 - 2017-07-09 15:21 - 00000000 ____D C:\ProgramData\HP
2017-07-09 15:21 - 2017-07-09 15:21 - 00000000 ____D C:\Program Files\HP
2017-07-09 15:21 - 2017-07-09 15:21 - 00000000 ____D C:\Program Files (x86)\HP
2017-07-09 15:20 - 2017-07-09 15:20 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\HP
2017-07-09 15:16 - 2017-07-09 15:16 - 00315995 _____ C:\Users\Haryo
S\Desktop\Check-In Confirmation Pagesmr.pdf
2017-07-07 19:22 - 2017-07-12 11:35 - 00000000 ____D C:\Users\Haryo S\Desktop\JOGJA
07 JULI 2017
2017-07-05 16:06 - 2017-07-05 18:43 - 11141632 _____ C:\Users\Haryo
S\Desktop\Flyover-KA Sta.11+489(SDH).xls
2017-07-05 15:25 - 2017-07-19 12:35 - 00193820 _____ C:\Users\Haryo
S\Desktop\ELASTOMER_ENG.xlsx
2017-07-05 14:38 - 2017-07-05 15:35 - 00136192 _____ C:\Users\Haryo S\Desktop\Copy
of Bearing Design Method Ad.xls
2017-07-05 14:35 - 2017-07-05 08:48 - 00118784 ____N C:\Users\Haryo
S\Desktop\Bearing Design Method A.xls
2017-07-05 14:35 - 2017-07-05 08:42 - 01953894 ____N C:\Users\Haryo
S\Desktop\10_SE_M_2015 Pedoman Perancangan Bantalan Elastomer untuk Perletakan
Jembatan.pdf
2017-07-03 09:12 - 2017-07-03 09:12 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\TeamViewer
2017-07-03 09:09 - 2017-07-03 09:32 - 00000000 ____D C:\Users\Haryo
S\AppData\Roaming\TeamViewer
2017-07-03 09:09 - 2017-07-03 09:09 - 00001122 _____
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-07-03 09:09 - 2017-07-03 09:09 - 00001110 _____
C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-07-03 09:09 - 2017-07-03 09:09 - 00000000 ____D C:\Program Files
(x86)\TeamViewer
2017-07-03 09:09 - 2017-04-20 14:27 - 00035112 _____ (TeamViewer GmbH)
C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2017-07-01 13:32 - 2017-07-01 13:32 - 00454991 _____ C:\Users\Haryo
S\Desktop\Authorized Service Center - Yamaha - Indonesia.pdf
2017-07-01 11:35 - 2017-07-01 11:35 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-06-30 17:51 - 2017-06-30 17:51 - 00000000 ____D C:\Program Files
(x86)\VulkanRT
2017-06-30 17:51 - 2017-03-11 04:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-
1.dll
2017-06-30 17:51 - 2017-03-11 04:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-
1.dll
2017-06-30 17:51 - 2017-03-11 04:17 - 00254240 _____
C:\WINDOWS\system32\vulkaninfo.exe
2017-06-30 17:51 - 2017-03-11 04:17 - 00233760 _____
C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-06-30 17:49 - 2017-06-28 05:39 - 40239736 _____ (NVIDIA Corporation)
C:\WINDOWS\system32\nvcompiler.dll
C:\WINDOWS\system32\nvoglv64.dll
C:\WINDOWS\SysWOW64\nvcompiler.dll
C:\WINDOWS\SysWOW64\nvoglv32.dll
C:\WINDOWS\system32\nvcuda.dll
C:\WINDOWS\system32\nvopencl.dll
C:\WINDOWS\system32\nvptxJitCompiler.dll
C:\WINDOWS\SysWOW64\nvcuda.dll
C:\WINDOWS\SysWOW64\nvopencl.dll
C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
C:\WINDOWS\system32\nvcuvid.dll
C:\WINDOWS\SysWOW64\nvcuvid.dll
C:\WINDOWS\system32\nvdispco6438476.dll
C:\WINDOWS\system32\nvdispgenco6438476.dll
C:\WINDOWS\system32\nvEncMFTH264.dll
C:\WINDOWS\system32\NvFBC64.dll
C:\WINDOWS\SysWOW64\NvFBC.dll
C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
C:\WINDOWS\system32\NvIFR64.dll
C:\WINDOWS\SysWOW64\NvIFR.dll
C:\WINDOWS\system32\nvEncodeAPI64.dll
C:\WINDOWS\system32\nvfatbinaryLoader.dll
C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
C:\WINDOWS\system32\NvIFROpenGL.dll
C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-06-30 17:49 - 2017-06-28 05:39 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-
vk32.json
2017-06-30 17:49 - 2017-06-28 05:39 - 00000669 _____ C:\WINDOWS\system32\nv-
vk64.json
2017-06-26 22:29 - 2017-06-26 22:29 - 00000000 ____D C:\Users\Haryo
S\AppData\Roaming\etcher
2017-06-25 06:15 - 2017-06-25 06:16 - 00000000 ____D C:\Program Files\CCleaner
2017-06-25 06:15 - 2017-06-25 06:15 - 00002874 _____
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-06-25 06:15 - 2017-06-25 06:15 - 00000869 _____
C:\Users\Public\Desktop\CCleaner.lnk
2017-06-25 06:15 - 2017-06-25 06:15 - 00000000 ____D
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
C:\WINDOWS\system32\nvaudcap64v.dll
C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-06-23 12:10 - 2014-09-17 08:45 - 00447752 _____ (On2.com)
C:\WINDOWS\SysWOW64\vp6vfw.dll
2017-06-23 11:55 - 2017-06-23 11:55 - 00000613 _____ C:\Users\Public\Desktop\The
Sims 4.lnk
2017-06-23 11:55 - 2017-06-23 11:55 - 00000613 _____
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2017-06-22 14:52 - 2017-06-22 14:53 - 00000000 ____D C:\Virtual Disk
2017-06-22 14:51 - 2017-06-22 14:51 - 00000000 ____D C:\Users\Haryo S\VirtualBox
VMs
2017-06-22 13:15 - 2017-07-18 12:20 - 00000000 ____D C:\Users\Haryo S\.VirtualBox
2017-06-22 13:15 - 2017-06-22 13:15 - 00000000 ____D
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-06-22 13:14 - 2017-06-22 13:14 - 00000000 ____D C:\Program Files\Oracle
2017-06-22 13:14 - 2017-04-28 17:37 - 00961768 _____ (Oracle Corporation)
C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2017-06-22 13:14 - 2017-04-28 17:37 - 00149304 _____ (Oracle Corporation)
C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-22 19:02 - 2017-06-02 00:21 - 00000000 ____D C:\Users\Haryo

S\AppData\Roaming\DMCache
2017-07-22 17:54 - 2017-05-18 11:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-22 12:46 - 2017-05-18 11:52 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS
Live Update1
2017-07-22 12:46 - 2017-05-18 11:52 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS
Live Update2
2017-07-22 12:46 - 2017-05-18 11:45 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-22 12:44 - 2017-05-11 23:44 - 00000000 __SHD C:\Users\Haryo
S\IntelGraphicsProfiles
2017-07-22 12:44 - 2017-05-11 23:26 - 00000000 ____D C:\ProgramData\ASUS Smart
Gesture
2017-07-22 07:47 - 2017-05-12 02:41 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\Computers and Structures
2017-07-22 07:37 - 2017-03-19 04:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-22 07:30 - 2017-05-12 10:56 - 00000000 ____D C:\Users\Haryo
S\AppData\Roaming\vlc
2017-07-22 07:23 - 2017-05-12 06:33 - 00000000 ____D C:\Users\Haryo
S\AppData\Roaming\tixati
2017-07-21 20:56 - 2017-05-12 01:27 - 00000218 _____
C:\WINDOWS\SysWOW64\v71f9ko.tgz
2017-07-21 20:56 - 2017-05-12 01:27 - 00000204 _____
C:\WINDOWS\SysWOW64\v71f9ko.dll
2017-07-21 20:56 - 2017-05-12 01:27 - 00000114 _____ C:\WINDOWS\SysWOW64\prsgrc.tgz
2017-07-21 20:56 - 2017-05-12 01:27 - 00000100 _____ C:\WINDOWS\SysWOW64\prsgrc.dll
2017-07-21 20:56 - 2017-05-12 01:27 - 00000086 _____ C:\WINDOWS\SysWOW64\ssprs.tgz
2017-07-20 12:08 - 2017-05-11 23:22 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\Packages
2017-07-19 12:11 - 2017-05-12 00:41 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\Google
2017-07-19 10:41 - 2017-05-18 11:56 - 02244264 _____
C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-19 10:34 - 2017-05-18 11:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-19 10:33 - 2017-03-18 18:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-19 07:11 - 2017-05-20 08:12 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-19 07:02 - 2017-05-12 06:21 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\CrashDumps
2017-07-17 20:34 - 2017-05-18 11:45 - 00000000 ____D C:\Users\Haryo S
2017-07-17 13:26 - 2017-05-12 00:41 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-17 12:43 - 2017-05-12 00:48 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\MicrosoftEdge
2017-07-17 11:12 - 2017-05-11 23:22 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\VirtualStore
2017-07-15 06:37 - 2017-05-18 11:44 - 00000000 ____D C:\Program Files\Intel
2017-07-15 06:37 - 2017-05-11 23:34 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-15 06:29 - 2017-05-12 00:02 - 00000000 ____D C:\ProgramData\Intel
2017-07-15 03:51 - 2017-05-12 17:12 - 00000000 ____D C:\Program Files
(x86)\SpeedFan
2017-07-14 18:04 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-13 03:53 - 2017-03-19 04:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-12 14:50 - 2017-05-18 11:44 - 00559480 _____
C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-12 14:50 - 2017-05-11 23:22 - 00000000 __RHD
C:\Users\Public\AccountPictures
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ___RD
C:\WINDOWS\ImmersiveControlPanel
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ___RD C:\Program Files\Windows
Defender
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ____D C:\Program Files\Windows Photo
Viewer
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ____D C:\Program Files (x86)\Windows
Photo Viewer
2017-07-12 14:46 - 2017-03-19 04:03 - 00000000 ____D C:\Program Files (x86)\Windows
Defender
2017-07-12 12:21 - 2017-06-02 00:21 - 00000000 ____D C:\Users\Haryo
S\AppData\Roaming\IDM
2017-07-12 11:35 - 2017-05-24 01:10 - 15242478 _____ C:\Users\Haryo S\Desktop\New
Yogyakarta Int'l Airport 2017 (presentation) struktur progres satu A.pptx
2017-07-12 06:54 - 2017-05-12 00:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 06:53 - 2017-05-12 00:34 - 135225752 ____C (Microsoft Corporation)
C:\WINDOWS\system32\MRT.exe
2017-07-03 08:26 - 2017-05-23 03:13 - 00000000 ____D C:\Users\Haryo
S\AppData\Roaming\WhatsApp
2017-07-03 08:09 - 2017-05-23 03:13 - 00000000 ____D C:\Users\Haryo
S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-07-03 08:09 - 2017-05-23 03:13 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\WhatsApp
2017-07-03 08:09 - 2017-05-23 03:13 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\SquirrelTemp
2017-07-01 11:34 - 2017-06-19 06:33 - 00000000 ____D C:\Program Files
(x86)\Motorola Mobility
2017-07-01 11:34 - 2017-05-12 00:01 - 00000000 ___HD C:\Program Files
(x86)\InstallShield Installation Information
2017-06-30 21:47 - 2017-03-19 04:06 - 00835576 _____ (Adobe Systems Incorporated)
C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 21:47 - 2017-03-19 04:06 - 00177656 _____ (Adobe Systems Incorporated)
C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-30 17:51 - 2017-06-19 06:33 - 00000000 ____D C:\Temp
C:\WINDOWS\system32\nvapi64.dll
C:\WINDOWS\SysWOW64\nvapi.dll
C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-06-28 05:39 - 2017-05-12 02:01 - 00046373 _____ C:\WINDOWS\system32\nvinfo.pb
C:\WINDOWS\system32\nvcpl.dll
C:\WINDOWS\system32\nvsvc64.dll
C:\WINDOWS\system32\nvsvcr.dll
C:\WINDOWS\system32\nv3dappshext.dll
C:\WINDOWS\system32\nvmctray.dll
C:\WINDOWS\system32\nv3dappshextr.dll
C:\WINDOWS\system32\nvshext.dll
2017-06-28 03:52 - 2017-05-18 11:45 - 00001951 _____
C:\WINDOWS\NvContainerRecovery.bat
2017-06-25 06:17 - 2017-05-18 00:01 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-24 23:20 - 2017-06-13 12:46 - 00000000 ____D C:\Users\Haryo S\Desktop\New
folder
2017-06-24 12:00 - 2017-05-18 11:52 - 00004308 _____
C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}
2017-06-24 12:00 - 2017-05-18 11:52 - 00004000 _____
C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-
BAEC-A80AA35AC5B8}
2017-06-24 12:00 - 2017-05-18 11:52 - 00003994 _____
C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-24 12:00 - 2017-05-18 11:52 - 00003894 _____
C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}
2017-06-24 12:00 - 2017-05-18 11:52 - 00003866 _____
C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-24 12:00 - 2017-05-18 11:52 - 00003858 _____
C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-24 12:00 - 2017-05-18 11:52 - 00003696 _____
C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-24 12:00 - 2017-05-18 11:52 - 00003654 _____
C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}
2017-06-24 12:00 - 2017-05-18 11:45 - 00000000 ____D C:\ProgramData\NVIDIA
Corporation
2017-06-24 12:00 - 2017-05-18 11:45 - 00000000 ____D C:\Program Files\NVIDIA
Corporation
2017-06-24 12:00 - 2017-05-18 11:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA
Corporation
2017-06-23 16:55 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-23 03:30 - 2017-05-18 11:45 - 08076177 _____
C:\WINDOWS\system32\nvcoproc.bin
2017-06-22 12:22 - 2017-05-12 02:26 - 00000000 ____D C:\ProgramData\VMware
2017-06-22 12:22 - 2017-05-12 02:26 - 00000000 ____D C:\Program Files (x86)\VMware
2017-06-22 12:19 - 2017-05-12 02:27 - 00000000 ____D C:\Users\Haryo
S\AppData\Roaming\VMware
2017-06-22 12:19 - 2017-05-12 02:27 - 00000000 ____D C:\Users\Haryo
S\AppData\Local\VMware
2017-06-22 12:17 - 2016-11-27 22:29 - 00000000 ____D C:\Users\Haryo S\Desktop\Midas
VMWare
2017-06-22 11:17 - 2017-05-18 11:52 - 00003294 _____
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-22 11:17 - 2017-05-11 23:23 - 00002426 _____ C:\Users\Haryo
S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-22 11:17 - 2017-05-11 23:23 - 00000000 ___RD C:\Users\Haryo S\OneDrive
2017-06-22 10:37 - 2017-06-14 04:18 - 00000000 ____D C:\Program Files\HWiNFO64
==================== Files in the root of some directories =======
2017-07-09 15:21 - 2017-07-09 15:21 - 0000057 _____ () C:\ProgramData\Ament.ini

2017-05-18 11:45 - 2017-05-18 11:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-05-12 03:13 - 2017-05-12 03:13 - 0000133 _____ ()
C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-07-18 12:13
==================== End of FRST.txt ============================

FRST

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

FRST

Diunggah oleh

Hak Cipta:

Format Tersedia

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017

Ran by Haryo S (administrator) on DESKTOP-FHHLETL (22-07-2017 19:08:15)

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Program Files\NVIDIA

==================== Registry (Whitelisted) ====================

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

==================== Services (Whitelisted) ====================

S2 Autodesk Content Service; C:\Program Files\Autodesk\Content

===================== Drivers (Whitelisted) ======================

R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [98296 2015-12-15] (ASUS

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-22 19:08 - 2017-07-22 19:08 - 00000000 ____D C:\FRST

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-22 19:02 - 2017-06-02 00:21 - 00000000 ____D C:\Users\Haryo

==================== Files in the root of some directories =======

2017-07-09 15:21 - 2017-07-09 15:21 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

LastRegBack: 2017-07-18 12:13

==================== End of FRST.txt ============================

Anda mungkin juga menyukai